Hey guys, in the meantime they posted a new video on their page about faking MMS messages as well.
This is how MMS works: An SMS "control message" containing the URL of the content is sent by the MMSC to the recipient's handset to trigger the receiver's WAP browser to open and receive the content from the embedded URL. I am wondering if they use the same capability leak as for SMS and it just needs a special PDU which has to be sent to the SmsReceiverService. Does anyone have a clue? Cheers, Ethan On Tuesday, November 6, 2012 12:18:54 PM UTC+13, Hannes K. wrote: > > Regarding Prof. Xuxian Jiang's > research<http://www.csc.ncsu.edu/faculty/jiang/smishing.html> > > there seems to be a security flaw which can be used for > SMISHING<http://en.wikipedia.org/wiki/Smishing>and it affects a broad range > of Android versions. > > I am curious what the source of this leak is and I am wondering if someone > out there has a clue how they got it work. > I am new to android-security and I don't want to build a malicous app!! > (I just got thrown into an android security project at the Uni) > > I hope to get the ball rolling for a technical discussion. > > Cheers > Hannes > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/aZxYuPrsQdcJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
