Erik's Weblog 2.0

September 27, 2012

[@858]

NoUSSD 1.0: Prevent Remote Wipe

I've just released NoUSSD 1.0, an Android intent that prevents malicious websites from using the recently discovered tel: URL attack and potentially remotely wipe your device.

NoUSSD will intercept all USSD codes and give you the choice to not dial them. Regular phone numbers will be sent automatically to your favorite dialer.

NoUSSD requires no special permissions and is open source. It is available for free on the Google Play Store.

Comments

Motsomi

Sep 29, 2012 at 11:11

I have just installed the No Ussd app on my Samsung Galaxy Note GT-N7000 and it works perfectly.
Prior to the installation the operating system which is Android Gingerbread 2.3 was also vulnerable to the attack.
Thanks a lot.

Alan B.

Oct 1, 2012 at 15:28

Your NoUSSD app doesn't seem to be working on the HTC Droid Incredible 2.  Do you know of any issues associarted with that device?

Erik C. Thauvin

Oct 1, 2012 at 18:02

Alan, not specifically, but someone did comment that it did not work on the HTC One X either. It seems to work on other HTC devices, so it is quite puzzling.

I'll send you an email, maybe you can test a few things for me.

Thanks,

E.

Alan B.

Oct 2, 2012 at 05:19

Erik-
WOW... I just clicked on your link in my PC browser and read this on the page:  

"If visiting this page automatically causes your phone's dialer application to pop up with *#06# displayed then you are not vulnerable."

When I opened the link on my phone, I never saw that message. It just went straight to the dialer.  I apologize for taking up your valuable time by not completely reading the information. And I thank you for actually taking the time to contact me.  

Alan

Post a comment

 

Comment Preview