Bad RCS implementations are creating big vulnerabilities, security researchers claim

Bad RCS implementations are creating big vulnerabilities, security researchers claim

by Jon Porter, The Verge

Carriers are creating problems for users.

Security researchers at SRLabs have found a number of vulnerabilities with the way carriers around the world are implementing RCS, the new messaging standard designed to replace SMS, Motherboard reports. In some cases, these issues could compromise a user’s location data, they could allow their text messages or calls to be intercepted, or they might allow their phone number to be spoofed.

One issue identified on an unnamed carrier’s implementation could allow any app on your phone to download your RCS configuration file, for example, giving the app your username and password and allowing it to access all your voice calls and text messages. In another case, the six-digit code a carrier uses to verify a user’s identity was vulnerable to being guessed through brute force by a third-party. These problems were found after researchers analyzed a sample of SIM cards from several different carriers.

Read the full article here…

How did you like this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

SHARE THIS PAGE OR POST

Leave a Reply