    387 points pedro84 | 29 comments
    1. shock ◴[] No.14859838[source]
    This is kind of scary :(. How does one ensure that they aren't vulnerable to this bug?
    replies(7): >>14859911 #>>14859922 #>>14859950 #>>14860039 #>>14860460 #>>14860969 #>>14861222 #
    2. pedro84 ◴[] No.14859911[source]
    Apple released fixes for both macOS and iOS last week:

    https://support.apple.com/en-us/HT207923

    https://support.apple.com/en-us/HT207922

    3. excalibur ◴[] No.14859922[source]
    Don't use any devices with a Broadcom Wi-Fi chipset.
    replies(1): >>14860292 #
    4. spudlyo ◴[] No.14859950[source]
    If you have an iPhone make sure you're on iOS 10.3.3. For Macs, you want macOS 10.12.6.
    replies(1): >>14862419 #
    5. ben1040 ◴[] No.14860039[source]
    If your Android OEM has pushed the July 2017 security update to your device, you're patched.

    https://source.android.com/security/bulletin/2017-07-01#broa...

    replies(1): >>14860094 #
    6. yodon ◴[] No.14860094[source]
    Out of curiosity, what fraction of Android OEMs push these security updates promptly (or equivalently what fraction of Android phones receive these kinds of updates regularly)?
    replies(2): >>14860468 #>>14860479 #
    7. merb ◴[] No.14860292[source]
    Which basically means don't use any wifi. I think at least 60% of all wi-fi chipsets are Broadcom ones.
    replies(2): >>14861267 #>>14861362 #
    8. ◴[] No.14860460[source]
    9. ben1040 ◴[] No.14860468{3}[source]
    This page has a table of OEMs/devices that, as of the end of May, were fewer than 60 days behind on patches.

    https://android-developers.googleblog.com/2017/06/2017-andro...

    To me, the takeaway from this is that unless you are using a "flagship" device, or one sold directly by Google, you're probably not getting updates in a timely manner.

    replies(3): >>14860737 #>>14861434 #>>14861849 #
    10. mjevans ◴[] No.14860479{3}[source]
    The supported Pixel and Nexus phone lines get things quickly.

    There isn't any third party customization to re-validate.

    11. thrownblown ◴[] No.14860737{4}[source]
    Manufacturer: Device(s)

    BlackBerry: PRIV

    Fujitsu: F-01J

    General Mobile: GM5 Plus d, GM5 Plus, General Mobile 4G Dual, General Mobile 4G

    Gionee: A1

    Google: Pixel XL, Pixel, Nexus 6P, Nexus 6, Nexus 5X, Nexus 9

    LGE: LG G6, V20, Stylo 2 V, GPAD 7.0 LTE

    Motorola: Moto Z, Moto Z Droid

    Oppo: CPH1613, CPH1605

    Samsung: Galaxy S8+, Galaxy S8, Galaxy S7, Galaxy S7 Edge, Galaxy S7 Active, Galaxy S6 Active, Galaxy S5 Dual SIM, Galaxy C9 Pro, Galaxy C7, Galaxy J7, Galaxy On7 Pro, Galaxy J2, Galaxy A8, Galaxy Tab S2 9.7

    Sharp: Android One S1, 507SH

    Sony: Xperia XA1, Xperia X

    Vivo: Vivo 1609, Vivo 1601, Vivo Y55

    replies(1): >>14861922 #
    12. 0xdeadbeefbabe ◴[] No.14860969[source]
    It is pretty hard to ensure you are vulnerable.
    13. cududa ◴[] No.14861222[source]
    Turn off your wifi
    14. cpncrunch ◴[] No.14861267{3}[source]
    And who's to say another chipset won't have a similar issue?
    15. gruez ◴[] No.14861362{3}[source]
    That seems pretty doable. On phones there's Qualcomm chipsets, and on desktops/laptops there's Atheros, Intel, and Realtek (of the vendors I know of).
    replies(2): >>14861774 #>>14863387 #
    16. JepZ ◴[] No.14861434{4}[source]
    And yet another time we learn why it is better to use Lineage OS. Five year old Samsung S3:

      Android: Version 7.1.2
      Security Patch Level: 5th July 2017
    replies(5): >>14861794 #>>14861921 #>>14862149 #>>14862780 #>>14867992 #
    17. simonh ◴[] No.14861774{4}[source]
    So your considered recommendation is for 60% of recently bought device owners globally to all replace their phones, tablets and laptops with devices containing Qualcomm chips, immediately.

    And this is preferable to a software fix.

    18. ◴[] No.14861794{5}[source]
    19. zerocrates ◴[] No.14861849{4}[source]
    My TV came with no on-screen menus but a tablet you use to interact with most features and settings: it's on the June... 2016 patch set. It was over half a year out of date before I took it out of the box.
    20. contingencies ◴[] No.14861921{5}[source]
    My phone screen was eaten alive by fungi last week, so I had a look at the field to pick a new device. Discovered Lineage OS, super keen. Unfortunately, its device support is crap.
    21. feikname ◴[] No.14861922{5}[source]
    Just a disclaimer, this isn't the complete list of devices that received the July 2017 update. I, for one, received it for my Moto G4 Play in Brazil.

    This list shows the models with a MAJORITY OF DEPLOYED DEVICES running a security update from the last two months.

    replies(2): >>14862024 #>>14862025 #
    22. thrownblown ◴[] No.14862024{6}[source]
    Yeah I just cut and pasted from the link above
    23. nosajm ◴[] No.14862149{5}[source]
    My five-year-old Samsung S3 for Verizon stopped receiving updates less than 2 years after its release. The bootloader is locked tight, so I am unable to install any custom ROMs such as Lineage OS.
    24. yborg ◴[] No.14862419[source]
    Why is El Capitan not getting an update? It's still on support.
    replies(1): >>14863249 #
    25. ams6110 ◴[] No.14862780{5}[source]
    Guess I'll have to look at upgrading my diehard old Moto G. It's still on Android 5.1.1.

    Meanwhile I guess disabling WiFi is a mitigation?

    replies(1): >>14887714 #
    26. culturestate ◴[] No.14863249{3}[source]
    This is the relevant security update for El Cap: https://support.apple.com/kb/DL1932?viewlocale=en_US&locale=...
    27. merb ◴[] No.14863387{4}[source]
    Well, on servers/laptops I was always happy to have an Intel chip. I once bought a USB stick with Intel, which was a complete chunk of garbage. Well, the BCM chips were "mostly" stable, so I didn't have too many problems with them; some chips had problems under Linux, but besides that they were OK.
    28. ihattendorf ◴[] No.14867992{5}[source]
    Note that not all vulnerabilities are/can be patched by LineageOS, regardless of what the security patch level claims. Your device maintainer needs to actively merge patches into the kernel/device (see [0], note that this list relies on maintainers to update it). In addition, binary blob firmware needs to be patched by the manufacturer (e.g. Broadcom wi-fi exploits), which won't happen for devices that are out of support.

    [0] https://cve.lineageos.org/kernels

    29. kbenson ◴[] No.14887714{6}[source]
    > Meanwhile I guess disabling WiFi is a mitigation?

    That's a good question. If it's disabled in firmware and not actually powered down, it might still be susceptible.