Or Continue to Thread: [VULNERABILITY] Remote wipe vi…
Find Your Device:
25th September 2012, 02:59 PM   |  #22  
Junior Member
Thanks Meter: 8
 
4 posts
Join Date:Joined: Oct 2011
Exclamation The problem - and a solution
The issue has nothing to do with the browser. I've tested on ICS with Chrome, default browser and Dolphin - all behave the same way.

Test here: dylanreeve DOT com/phone.php (uses IMEI display USSD - it's totally safe).

The issue is with the stock dialer. If you can prevent that dialer from handling the tel: URL then you can either prevent or at least intervene in attack attempts. So the solution is... Install another dialer (probably any other dialer).

dylanreeve.posterous DOT com/remote-ussd-attack

(I can't post URLs yet)
The Following 6 Users Say Thank You to DylanReeve For This Useful Post: [ View ]