0

A couple of days ago I attended a political demonstration. Amateur mistake, I know, but I left my Bluetooth set to discoverable. I have an LG G2 running Android 5.0. Once during the demonstration I saw that I had one unsuccessful file transfer from another device. It was a file called [something].sqlite.

Although it was unsuccessful, hearing about these new hair-raising vulnerabilities like Heartbleed and Shellshock, I wouldn't be surprised if an "unsuccessful" file transfer could infect a phone. Especially performed by a government agency...

Is it possible that they infected my phone?

alecxe
Nandor

2 Answers

1

I don't know what makes you think that a file that couldn't get into your phone would attack you. If you got a "file transfer unsuccessful" or similar message, it clearly means that the file wasn't received. So, no worries. SQLite is a database that is used in Android. Even if you had received the file, it would have to be executed by a program, by you, or by a third party who can physically access your phone. Which didn't happen. Also, you would need root permissions to allow other apps to make something execute. So, basically, don't worry about it, and don't keep Bluetooth in discoverable mode to avoid such surprises.

Arun Anson
  • Thanks. This is what I was thinking. But I also feared that there could be a flaw in the implementation of the technology at some level which I'm unaware of. I mean an Android phone can be hacked by an MMS message. So these kinds of insane threats are real. – Nandor Feb 22 '16 at 12:42
  • As you can easily understand, what we humans make can't be perfect. Similarly, software engineering has this theory that no software is assumed bug free. Bugs are fixed or solutions are found as new threats occur. When we users of the solutions are aware that something is not secure to 100%, we will always take precautions from our side which makes it hard to hack. One such thing is turning off the Bluetooth device. Happy that I could answer your question. – Arun Anson Feb 22 '16 at 12:54
  • *Assuming* it was an ordinary SQLite database, and *assuming* that there are no exploitable vulnerabilities in the Bluetooth stack, you are probably correct. But theoretically a well-crafted file transfer attempt that exploited the right bug could compromise a device. Bugs can lurk anywhere, and nothing is truly safe. This was probably someone trying to send a file to a friend, and accidentally sending to the wrong device, but in the future, leave Bluetooth, WiFi, etc. disabled in dodgy environments. – Edward Falk Mar 21 '16 at 21:55
-1

Well, a targeted operation against an individual person or organization always involves the risk that it could be discovered and analyzed. This could raise much suspicion, and the methods (exploits) and software (malware) which were used could be rendered useless. This would cost money and could put other ongoing operations at risk. For this reason professional attackers will only attack high value targets. In most cases these are people with special influence, special knowledge or people with some kind of relationship to those.

Assuming that you are not such a high value target it's very unlikely that you have been attacked by a governmental organization.

But it's kinda likely that your mobile was tracked using mass surveillance techniques like IMSI catchers or similar equipment. You should also think about all other traces you left by carrying and using your mobile phone. It's very likely that this data is saved and analyzed by some party.

TL;DR: Leave your phone at home and think twice before giving away sensitive information if you don't want to be tracked.

Noir
  • Good point, but I also think that the above mentioned method can be part of non-targeted surveillance. I call this "fishing" because it's exactly like going to the lake and trying to catch a few random fish from the mass. I strongly believe that this was a government operation. You don't know every government so you can't make assumptions about what they can or are willing to do. Yours might not, mine does things like this. My only question is what they might be capable of. – Nandor Feb 23 '16 at 12:19
  • A zero day exploit which allows code execution via Bluetooth as described in your scenario (AFAIK Bluetooth discoverability in Android is only enabled either if you are actively in the Bluetooth menu or for a limited amount of time, depending on your Android version) is VERY valuable. If your government is throwing such exploits recklessly at random people, you should be very concerned about the security of all your devices and communication channels. Further, I talked about likeliness, I didn't say that this can't happen. However... Take care! Seems like you have a serious struggle over there... – Noir Feb 23 '16 at 13:18
  • Very good point about the value of such a vulnerability. Although only AOSP limits the time of discoverability, my silly stock ROM doesn't. (I'm using stock because of the camera capabilities.) I learned it due to this incident. – Nandor Feb 23 '16 at 15:00