To cut off all nearby phones with these Chinese chips, this is the bug to exploit

A critical flaw in the LTE firmware of the fourth-largest smartphone chip biz in the world could be exploited over the air to block people's communications and deny services. The vulnerability in the baseband – or radio modem – of UNISOC's chipset was found by folks at Check Point Research who were looking for ways the silicon …

  1. Clausewitz4.0 Bronze badge
    Devil

    The Terminator

    Robots pwning devices automagically screaming modem signals over the phone looked so much science fiction back in those days...

    1. Version 1.0 Silver badge
      Devil

      Re: The Terminator

      Back in those days when you found a problem in a device then you worked to fix it, in this example you would probably just replace the chip with a new version, but these days you work to make them buy a new device.

      I was working for a company in Oxford back in the 70's that found a problem with their tape decks, so I reworked the 8048 coding to fix it - I just fixed an 8-bit integer overflow (LOL).

      1. Brewster's Angle Grinder Silver badge

        RTFA

        "....in this example you would probably just replace the chip with a new version..."

        From the article:

        > Google will roll out this fix in its upcoming Android Security bulletin.

  2. Gene Cash Silver badge

    Google will roll out this fix in its upcoming Android Security bulletin

    Uh huh. And since these are apparently the cheapest of the cheap, I assume support ended the moment the customer walked out of the store and there's zero percent chance they'll get any updates.

    1. Muscleguy

      Re: Google will roll out this fix in its upcoming Android Security bulletin

      I have a Moto phone, not high end. I have had at least two updates since buying it 18 months ago.

      1. Snowy Silver badge
        Holmes

        Re: Google will roll out this fix in its upcoming Android Security bulletin

        Only two updates in 18 months, that is not very many. When was the last one? Was it over a year ago?

        Also, an 18-month-old phone is not very old.

        1. Michael Wojcik Silver badge

          Re: Google will roll out this fix in its upcoming Android Security bulletin

          I have a Moto G8 Power, which was released a bit more than 2 years ago. (It has a Qualcomm chipset, so isn't vulnerable to this particular attack -- not that it would rank very high in my threat model anyway.) Its last software update was February. This is a phone I bought outright on the grey market; I use an MVNO carrier.

          Again, two years isn't very old. Just noting that it's hard to predict which devices will and won't receive updates.

    2. bombastic bob Silver badge
      Unhappy

      Re: Google will roll out this fix in its upcoming Android Security bulletin

      I would not be surprised if MOST of these are not 'droid devices, but ones that use a different OS like maybe KaiOS

      1. doublelayer Silver badge

        Re: Google will roll out this fix in its upcoming Android Security bulletin

        That's quite unlikely. Unisoc chips are heavily used in Android devices. Yes, they have a couple low-end SOCs that get used for KaiOS devices, but they have a large number of other models that are too powerful to be used in them. They're quite popular for the low and mid-range Android devices produced by Chinese OEMs.

  3. DS999 Silver badge

    This is nice and all

    But don't believe for a second similar flaws don't exist in Qualcomm, Mediatek or Exynos modems.

    Whether you have an iPhone, Samsung, or even a Google-free Android that you flashed a fully open source bootloader on and use pure 100% open source Android, its modem is running proprietary baseband software which is rarely if ever audited and almost certainly has multiple 0 days known by intelligence agencies (if you're lucky) as well as criminal organizations (if you're not) which can take over the entire device.

    1. elsergiovolador Silver badge

      Re: This is nice and all

      > known by intelligence agencies (if you're lucky) as well as criminal organizations (if you're not)

      Given how little they get paid, likely they supplement their income by selling to the underworld. I mean, we are at the times where the police is not capable of investigating a party they had their own people at...

      1. RegGuy1 Silver badge

        Re: This is nice and all

        How many more times...

        IT WASN'T A PARTY IT WAS A WORK DO

        (we always have Prosecco at work dos; just move on, we have)

        1. OhForF' Silver badge

          Re: This is nice and all

          Still trying to define the difference between work and a party?

          Must be nice work if you can get it - where do I apply?

  4. elsergiovolador Silver badge

    Next level

    > UNISOC is a 21-year-old chip designer based in China that spent the first 17 years of life known as Spreadtrum Communications, and that by 2011 was supplying chips for more than half of the mobile phones in the country. In 2018, the company changed its name to UNISOC.

    So he started when he was only 4? I know there is this stereotype that Asian children are much smarter, but this is like next level!

    When I was 4 I was trying to drink water from a puddle and they were designing chips!

    1. ghp

      Re: Next level

      Probably the people working for that company were older than the company. I guess.

    2. bombastic bob Silver badge
      Devil

      Re: Next level

      I was reading medical and other science books when I was 5... but did not start a company. (I look back at how hilarious it must have been back in 1966 when *they* tried to hold me BACK in kindergarten for "Improper Social Development" yet I was reading a 1st year medical book given to me by the family doctor, and due to mother and doctor they were FORCED to give me an I.Q. test, which included Rorschach drawings - one looked like a bat, and another looked like cells dividing so I said "cellular mitosis" since I wanted to impress the teacher with big words being not quite 6, and the teacher said "whu?" and I repeated and added "See those look like the chromosomes dividing". She left the room and I waited forever, thought I was in trouble - for being "smart". Test continued and I played with blocks for a while as some guy used a stop watch. I heard later I was pegged high off of the IQ scale - and NO SHIT, THIS REALLY HAPPENED - and *they* wanted to HOLD ME BACK in KINDERGARTEN for IMPROPER SOCIAL DEVELOPMENT (and, of course, DRUG me) - like a bunch of SOCIALISTS - in 1966! Hell I had nothing in common with other 5-6 year old kids, so what the hell?)

  5. deevee

    Won't be long til the Chinese equivalent of Check Point reveals similar or worse flaws in US made/designed chip sets.

    1. stiine Silver badge

      You and the upvoter seem to have missed where the bug was reported to UNISOC.

  6. stiine Silver badge
    Devil

    one more paragraph and you could have spelled it three ways

    UNISOC, UNISCO, you only missed UNICOS, which would have confused we old folk.

    re: the article,

    I hope they weren't testing outside of a controlled environment.

    This is the kind of bug that you expect to be demo'd at hacking conventions, but not by a participant, but by someone in the audience...

  7. Steve Graham

    Have you tried switching it off and on again?

    1. TimMaher Silver badge
      Joke

      Switching it on and off again?

      I was going to but there was a tap at the door.

      Our gardener had turned up.

      We don’t know his real name so we call him “The Lawnmower Man”.

      1. Ken Moorhouse Silver badge

        Re: We don’t know his real name so we call him “The Lawnmower Man”.

        Why don't you call him Mo?

    2. Twanky
      Angel

      Have you tried switching it off and on again?

      FTFY

  8. ThatOne Silver badge
    Facepalm

    Diseased Ecosystem!

    > The smartphone modem is a prime target for hackers

    So I guess it's okay that only the most recent phones get a slim chance at patches...

    (For the record I have been using Android smartphones since Android 2.4, but I'm hesitating to continue this way. Hesitation only due to the lack of options, iApples being only marginally more secure.)

  9. Twanky
    Big Brother

    ...booming mobile security market

    > ...in large part to the increase in online mobile payments, the use of mobile devices for tasks that involve sensitive information – such as banking information and credit card and social security numbers

    My bank keeps trying to get me to download their app for my phone. I keep wondering why they think my phone is secure. What do they know about my phone that I don't?

    1. Muscleguy

      Re: ...booming mobile security market

      Depends, a banking app doesn’t mean you have a payment system. I have the former but not the latter. I’m limited on what I can do on the phone vs from a proper computer which don’t forget could have a keylogger on it.

      1. ThatOne Silver badge

        Re: ...booming mobile security market

        > doesn’t mean you have a payment system

        The app can make money transfers, can't it? So all the hacker has to do is to transfer your money to a mule. Or, less ambitious, just use it to circumvent 2FA.

        Never forget, whoever controls your banking app controls your bank account.

    2. ThatOne Silver badge

      Re: ...booming mobile security market

      > I keep wondering why they think my phone is secure.

      Because if your phone app gets hacked it's your problem, not theirs.

      On the other hand having all customers on a (TCP/IP) leash simplifies their herding management and alleviates need for brick & mortar branches. So for them it's win-win. For you and me it's Russian roulette (and given the apps of some banks, Russian roulette with a semiautomatic pistol instead of a revolver...).
