The one monkey with a wrench, said John Pescatore, vice president and research fellow with Gartner, would be an attack based on a carrier’s own over-the-air provisioning capabilities. Newer phone operating systems let carriers do automatic updating using OTA.
"If the OTA path is vulnerable, attackers would not need to use viruses or worms to spread malware, because they could install it directly," Pescatore and Girard wrote in their report.
"It would be like if someone hacked into Comcast," said Pescatore, "or Microsoft’s Update service, and used the ISP or an update to install files, either automatically or by pretending to be from the ISP."
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.