Google and Apple patch Wi-Fi vulnerability that could have affected 1 billion phones

Google and Apple patch Wi-Fi vulnerability that could have affected 1 billion phones
At the recent Black Hat security conference in Las Vegas, Exodus Intelligence's Nitay Artenstein wanted to prove that some Wi-Fi chips produced by Broadcom could negatively affect 1 billion handsets, both iOS and Android flavored. The attack code sent out by Artenstein asks to make a connection with computing devices that are nearby. When these requests are received by devices running the BCM43xx model of Wi-Fi chips found inside certain smartphones, the firmware controlling the chip is revised by the attack.

The affected chip sends out malicious packets to other devices creating a domino effect. All together, roughly one billion handsets were vulnerable to this attack until Google sent out an update that included a patch earlier this month. Apple sent out its patch last week.


Artenstein, who named the worm "Broadpwn," says that the attack worked on the Apple iPhone 5 and later, and the Nexus 5, Nexus 5X, Nexus 6, and Nexus 6P. Also affected were the Samsung Galaxy S3 through the current Galaxy S8.

With the flaw now closed by Apple and Google, this is one vulnerability that you need not worry about anymore. However, for every flaw that is plugged, another one seems to pop up. That means companies like Google and Apple can never let their guard down.

source: ArsTechnica

FEATURED VIDEO

15 Comments

1. maple_mak

Posts: 953; Member since: Dec 18, 2013

I remembered someone just said iOS is more secured.

2. blingblingthing

Posts: 919; Member since: Oct 23, 2012

Little do they know. The correct term is more "closed" which causes the illusion it's more secure.

7. mikehunta727 unregistered

Statistically, iOS has actually been the more secure OS, targeted less by malware, more people overall and up to date, MUCH less malware has hit App Store vs Play Store, more vulnerabilities found and exposed and used on Android side daily, etc. People on near latest iOS version or latest version are much more protected and secure than 99% of the Android userbase You literally have tens of millions of people around the word being recked by ransomware/malware/trojans on their Android device that is sapping information from these poor people/stealing money/etc via built in Chinese backdoors/unpatched Android devices/etc Android security system in the whole Android ecosystem from low end to high end is in much more dire "trouble" than Apple is and will ever be until the day we see same day patches for everyone on Android

11. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

I think it's time for Google to design and built-in a firewall into Android. A firewall under their control could filter out such attack.

3. Leo_MC

Posts: 6935; Member since: Dec 02, 2011

The worm does nothing to the system (both iOS and Android), it just sends itself to other devices.

6. mikehunta727 unregistered

Considering not even 0.50% of total Android users have this July update, while the whole update has already been pushed to the whole active iOS user base,(over billion active devices) means that much much much more people are patched and protected. This was a Broadcom firmware vulnerability that was patched. The rest of Android ecosystem will not be on at least July patch for 1 year minimum so..

9. sissy246

Posts: 7035; Member since: Mar 04, 2015

That's because they believe everything Timmy boy tells them. Nothing is safe

10. Chidoro

Posts: 168; Member since: Sep 20, 2016

It is, make no mistake.

4. Zylam

Posts: 1813; Member since: Oct 20, 2010

What about all the Android phone that won't get a patch to fix this?

5. TeriusRose

Posts: 108; Member since: May 12, 2017

Then I guess they won't be protected. I'm not sure what you're trying to say here unless it's just a swipe at android.

8. sissy246

Posts: 7035; Member since: Mar 04, 2015

That's what he is trying to do. Just ignore him.

12. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Take precautions not to connect to public wifi hotspot. I have 15gb data plan /per month so there is absolutely no need to connect to wifi when I travel.

13. Xilam unregistered

I think he's trying to prove that iOS is essentially more secure because when these things are discovered nearly all iOS devices get patched instantly... which is true. Hope my explanation is clear enough.

14. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

iOS may be better with security update but they have their own set of disadvantage in other areas. For examples my iPad 1 is useless to me now that Apple decided to abandon it. Will it enjoy the security update available to the newer modal plus the apps that I use to run are block due to not having the later iOS release. As for my Motorola Xoom bought during the same time period is far more useful compare to my iPad 1. Every app I have still run and update as usual.

15. Xilam unregistered

Yeah you're right.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.