The Straight Dope

Go Back   Straight Dope Message Board > Main > General Questions

Reply
 
Thread Tools Display Modes
  #1  
Old 07-13-2008, 09:56 PM
astro astro is online now
Guest
 
Join Date: Jul 1999
Is it possible to remotely "hack" someone's cellphone and download pics from it?

Re this story below the claim is that someone "hacked" her cell phone and made it send them some private pics on it that she had taken. I did not think it was technologically possible to remotely take control of a person's cell phone like this. Is this a credible claiim?

Miley Cyrus Got Violated

Last edited by astro; 07-13-2008 at 09:56 PM..
Reply With Quote
Advertisements  
  #2  
Old 07-13-2008, 10:07 PM
Fubaya Fubaya is offline
Guest
 
Join Date: Apr 2008
While I couldn't give a flip about this tart, you got me interested in the tech. I wouldn't think anyone could access your phone from, say, across the room, but some phones have accounts linked to them where you can upload photos. It would be easy for someone to crack the password to that. But one website claims this girl emailed them to someone a year ago and someone got ahold of them since.
Reply With Quote
  #3  
Old 07-13-2008, 10:27 PM
xash xash is offline
Ogministrator
Moderator
 
Join Date: Jan 2001
Location: Palo Alto, CA
Posts: 4,133
Technically, it is possible. For any mobile operating system that you can develop and install 3rd party software applications (e.g. Windows Mobile, Palm OS, RIM OS, Symbian, Linux) you can technically write an application that allows access to the device remotely or sends out information from the device.

For example, look at this FTP server for Windows Mobile that allows you to access any file on the phone from your desktop browser:
http://www.mochasoft.dk/freeware/ftpd.htm

The more difficult part is actually getting access to the device in order to install such 3rd party software. If you have physical access to the device, this is a trivial thing to do. Without physical access to the device, security vulnerabilities can be exploited to do some level of hacking.

For example, there was a vulnerability in the iPhone Safari web browser that allowed a remote hacker to take control of the iPhone (however, no known attack in the wild was reported because the vulnerability was fixed in a security update):
http://www.nytimes.com/2007/07/23/te...in&oref=slogin
Reply With Quote
  #4  
Old 07-13-2008, 10:34 PM
Omniscient Omniscient is offline
Charter Member
 
Join Date: Apr 1999
Location: Chicago, IL, USA
Posts: 16,281
It's very possible. There was quite a big issue with the Sidekick being hackable a couple years ago and I have no doubt issues still exist. Frankly as more phones become internet capable and more users start browsing the web and running apps on them it's only going to get more common.
Reply With Quote
  #5  
Old 07-13-2008, 10:41 PM
xash xash is offline
Ogministrator
Moderator
 
Join Date: Jan 2001
Location: Palo Alto, CA
Posts: 4,133
Here's a detailed explanation of how the iPhone vulnerability worked:

http://securityevaluators.com//content/iphone.jsp

"
When the iPhone's version of Safari opens the malicious web page, arbitrary code embedded in the exploit is run with administrative privileges. In our proof of concept, this code reads the log of SMS messages, the address book, the call history, and the voicemail data. It then transmits all this information to the attacker. However, this code could be replaced with code that does anything that the iPhone can do. It could send the user's mail passwords to the attacker, send text messages that sign the user up for pay services, or record audio that could be relayed to the attacker.
"
Reply With Quote
  #6  
Old 07-14-2008, 12:58 AM
Anaglyph Anaglyph is offline
Guest
 
Join Date: Jan 2007
The instance of this I have seen (a tech show on TV) was what the victim was invited to download a picture from a second persons phone, and while this connection was active, the second person stole pictures from the victim's phone. So, it was more like trick thiefery than hacking, abusing a legitimately established connection between the two phones.
Reply With Quote
  #7  
Old 07-14-2008, 02:30 AM
SmartAleq SmartAleq is offline
Guest
 
Join Date: Sep 2005
There are Bluetooth vulnerabilities as well, and third party apps to exploit them to the fullest.
Reply With Quote
  #8  
Old 07-14-2008, 04:17 AM
Nava Nava is offline
Guest
 
Join Date: Nov 2004
Dunnow about purposeful hacking, but one of my coworkers has all his fancy little machines set to synch with his computer. The other day I gave him some files using my pen drive, and the pen drive helpfully came back with all the music from his ipod, plus the pics from his phone.

I promise my pen drive didn't hack anything! It was his computer that was too helpful.
Reply With Quote
  #9  
Old 07-14-2008, 06:59 AM
rbroome rbroome is offline
Member
 
Join Date: Jun 2003
Location: Louisiana
Posts: 1,888
Quote:
Originally Posted by astro
Re this story below the claim is that someone "hacked" her cell phone and made it send them some private pics on it that she had taken. I did not think it was technologically possible to remotely take control of a person's cell phone like this. Is this a credible claiim?

Miley Cyrus Got Violated
There have been posts on Slashdot (so take it with a grain of salt), that not only can a phone be taken over remotely, the phones can be reprogrammed, remotely, to look like they are still off. So yes, with proper access one could take pictures from another phone, place pics in the phone, alter anything stored in the phone, and turn the phone into a live mic. Oh and use it as a tracking device. Highly concerned/paranoid people take the batteries out of their phones whenever they don't want to be monitored. And of course the Gov't solves the problem by simply not allowing people to bring phones in to classified areas.
Remember, phones are powerful computers with their own built-in radios. And the phone companies designed them (OK, had them designed) for the company's benefit, not the privacy of the user.
Reply With Quote
  #10  
Old 07-14-2008, 07:03 AM
Argent Towers Argent Towers is offline
Guest
 
Join Date: Jun 2005
It's remotely possible, I suppose.
Reply With Quote
  #11  
Old 07-14-2008, 10:14 AM
Projammer Projammer is online now
Member
 
Join Date: Apr 2006
Location: SW Arkansas
Posts: 4,468
Paris Hilton is reported to have had her phone hacked as well.

Undetermined veracity as far as I'm concerned, she may have sent them out herself as a publicity ploy. But the report is there.
Reply With Quote
  #12  
Old 07-14-2008, 02:22 PM
bryanmaguire bryanmaguire is online now
Guest
 
Join Date: Nov 2000
it is most definitely possible

bluesnarfing
Reply With Quote
Reply



Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 05:18 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@chicagoreader.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Publishers - interested in subscribing to the Straight Dope?
Write to: sdsubscriptions@chicagoreader.com.

Copyright 2013 Sun-Times Media, LLC.