News 
Just a heads up, via Symbian-Guru today.
Over at F-Secure’s site, they’re posted that they made a presentation called ‘Security Nightmares 2009?, at the 25th Chaos Communication Congress in Berlin, that showed a demonstration of a ‘Curse of Silence‘ exploit in S60, that supposedly affects S60 2nd Edition phones, and S60 3rd Edition phones too(but not Feature Pack 2 or after). S60 3rd Edition phones and later are supposedly immune to this exploit.
The method that this exploit uses, involves sending a secially formatted SMS to the recipient, which then renders the messaging capabilities of the phone completely useless.
However, you cannot get “attacked” by this exploit by an application or bluetooth, only by receiving an SMS. With Feature pack 1, the attacker must send multiple messages before the critical limit is reached, and the user is presented with a ‘Not enough memory to receive message(s). Delete some data first.’ error.
If you get attacked with this, you’ll need to hard reset your phone. You cannot use any backup/restore features, as that will reportedly only restore the offending messages, recreating the problem.
However, SG says there’s a very slim change you’ll get affected by this one :
In order for this exploit to happen, 1. you must know a ‘hacker’ who knows how to create this ’specially formatted message’ 2. this ‘hacker’ must know your cell phone number 3. He/she must, at least for S60 3rd Edition handsets, send the attack multiple times, to your phone.In other words, unless you’ve got your cell phone number plastered all over the place, or you’ve directly upset someone who knows how to do this, the odds of you being vulnerable to such an attack are extremely slim. You’d be more likely to drop your phone into a puddle of water, or a beer, than have to worry about this exploit.
Watch a video of the exploit in action, after the break.
Like SG says, there’s no way you’d really get affected by this one, unless you know someone who’s really out to get you and really into the S60 Hackosphere. Y’all been warned :)
-Teh Cj
Clinton is currently based in New Delhi, India and is executive editor for UnleashThePhones. He is responsible for all editorial decisions, and covers all forms of Mobile things.
Cj is addicted to caffeine, social media, and technology. Always up for a good conversation, you can reach him through the contact form, his website, on Google Plus 
or on Facebook or Twitter: Follow @clintonjeff
Add a comment