Security hole in Sony Ericsson mobiles
Adrian Nowak and Karsten Sohr, research scientists at Bremen university, have discovered a vulnerability in Sony Ericsson phones which gives applications read and write access to the device's system files. This could, for example, be exploited to replace the certificates confirming the origin of programs to be installed. While attackers could use it to install arbitrary software on the devices, users could also replace the logos and ring tones installed for "branding" purposes.
For the installation of malicious software, the user only needs to confirm that the software is allowed to read and write user data. According to the researchers this is standard practice with trusted applications and doesn't, therefore, raise any suspicion. Many of the models sold between 2005 and 2007 are affected: for example K750i, K800i, K810i, T650i and W880i. These models don't run the Symbian OS but a proprietary Sony Ericsson operating system.
Nowak and Sohr used a Java program to demonstrate the flaw. It is still unclear whether the hole is located in the operating system itself or in the Java VM. The scientists didn't want to release any details before Sony Ericsson has had the opportunity to fix the vulnerability. No statement has so far been received from the vendor.
In September, scientists at the Fraunhofer Institute for IT security (SIT) discovered a hole in Sony Ericsson's "Code Memo" password program that allows attackers to crack stored passwords.