NFC: A Touchy Subject

Next story

phone-nfc

Security experts at a recent hacking event, known as “Mobile Pwn2Own”, have discovered a series of flaws in Near Field Communication (NFC) that could allow attackers access to the phones contents.


NFC, amongst other things, is increasingly being used for payment, which obviously makes them a much more attractive target to hackers and a much bigger concern to consumers.

The event, Mobile Pwn2Own, happened in Tokyo and was organised by HP. There is a prize pool of $425,000 (£271,000) up for grabs to the most successful hacks. The event isn’t to encourage hacking per se: its purpose is to find these exploits in a safe environment before they occur “in-the-wild”.


“Wealth of Knowledge”


Mark James, ESET security specialist, explains further:

“Competitions like “Mobile Pwn2Own” are on a whole a great way for serious bugs and flaws (Exploits) to be found.

“Most often in these environments bugs are kept under wraps and sent privately to the affected companies thus enabling them to patch these holes quickly and efficiently.”

Amongst the phones successfully hacked were the Apple iPhone 5S, Samsung Galaxy 5, LG Nexus 5 and Amazon Fire Phone.

“With the greatest respect to the companies that make our hardware and software their resources are limited, they have a relatively small development, testing and QA team compared to the millions of people that are expected to buy, use (and find faults) with their goods once released.”

Mark added that “it stands to reason the wealth of knowledge available outside the company for testing is far more than what they have available.

“Getting together and rewarding the people with the massive knowledge required to find any exploits that ultimately should make our technology safer should be applauded and encouraged.”