Bugtraq mailing list archives
Re: XP automatic recognition of Nokia as NIC?
From: Thomas Cannon <tcannon () noops org>
Date: Mon, 31 Dec 2001 13:50:13 -0800 (PST)
This sounds accurate enough. I have an Ericsson cell phone with an optional attachable cell modem that works over Ir. While I've not played with XP, Win98 was happy enough to install the drivers and allow me to dial out with a minimum of hassle. I'm not sure how much of a threat this actually is, though. The Ir port only works from at most a couple feet. To hijack someone's phone in a cafe or something, it'd have to be one table over, facing the right direction, have an unobstructed view, and not make any beeping noises (mine does) and all it's scoe you is a 9600 baud link to an ISP account that you'd have to provide. For what it's worth, I have also used my palm pilot to dial out via that same modem, again with no problems from the phone. SO it fyou want to think of it as a vulnerability, it's not one of Windows, but rather one of the cell phone. Cheers, Thomas
Beware, this story was related about a friend of a friend (FOAF) and so should be regarded with suspicion... A FOAF had bought a new laptop PC with Windows XP installed. He also owned one of the latest Nokia cell phones. One day he was using the PC when the Nokia was switched on and laid next to the PC. The PC promptly put up a standard "New hardware Discovered" dialog box. Curious, the FOAF worked through the device install dialog. XP had recognised the cell phone via the PC IR interface (one assumes the Nokia announces it's presence when switched on via it's own IR interface.) XP worked out that the Nokia could be used as a network interface and asked for the phone number of the FOAF's ISP, which was given. (It's possible that this is another function of the UPnP package.) The PC then connected to the ISP and a fully working network connection was established... The risk is obvious, XP did not establish the ownership of the cell phone before dialing out. As I said, I'm only relating the tale as it was told. I do not have the hardware necessary to test the truth of the story, perhaps others on this list do. -- Geoff Lane
Current thread:
- XP automatic recognition of Nokia as NIC? Geoff Lane (Dec 31)
- Re: XP automatic recognition of Nokia as NIC? Thomas Cannon (Dec 31)
- RE: XP automatic recognition of Nokia as NIC? Des Gibbons (Dec 31)
- Re: XP automatic recognition of Nokia as NIC? natecars (Dec 31)
- Re: XP automatic recognition of Nokia as NIC? Perry Harrington (Dec 31)
- Re: XP automatic recognition of Nokia as NIC? Thomas Cannon (Dec 31)