
Mobile phone PIN stored in plaintext on smartphones



Guest rico12345
Posted

:roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll:

Windows for Pocket PC 2002 Phone Edition from Microsoft (Frankfurt Stock Exchange: MSF) has a security hole that is not to be underestimated: as the online service Teltarif reports, the security code (PIN) could be read unencrypted from the phone's registry data on, for example, the MDA and XDA smartphones.

The problem has reportedly been known among experts for some time but had not been published until now, in order to give Microsoft time to fix it. "To this day, however, there is still no update or correction of the software," Teltarif complains.

The flaw is that the operating system stores the most recently entered PIN (Personal Identification Number) of the SIM card in plaintext in the registry. The PIN code is said to be located unencrypted in the key HKEY_CURRENT_USERControlPanelPhoneExtendFunctionExtendData. The problem: anyone who has a SIM card and the corresponding PIN can make calls practically without limit at the contract holder's expense.

The registry entry reportedly remains even when the device is switched to standby mode. Anyone who lends out or loses such a device must therefore expect that their PIN will be spied out.

Until Microsoft closes the hole, affected MDA or XDA users can reportedly protect themselves only with the tool WipePIN, which overwrites the key with four question marks (????).

Posted

Roughly translated by Google:

Windows for pocket PC 2002 Phone edition from the house Microsoft (stock exchange Frankfurt:  MSF) does not have a safety hole which can be despised:  As the on-line service Teltarif reports, for example the sicherheitscode (pin) could be picked out with the Smartphone MDA and XDA unencrypted in Registrydaten of the Handys.  The problem was not well-known, published in experts already since longer so far however.  One wanted to leave Microsoft in such a way time for improving.  "until today there is however still no actualization or correction of the software", deplores Teltarif.  The error is that the operating system puts down last in each case the typed pin (personnel identification NUMBER) of the SIM map in the plain language into the Registry.  The pin code is unencrypted in key HKEY_CURRENT_USERControlPanelPhoneExtendFunctionExtendData.  The problem:  Who has a SIM map and the associated pin, can telephone expense the expense of the contract owner quasi for an unlimited period.  The entry in the Registry remains even if the equipment is switched into the Standy mode.  Who lends or loses appropriate equipment, it must count thus on the fact that its pin number is spied.  Until Microsoft closes the gap, could user concerned of a MDA or a XDA protect themselves only with the Tool WipePIN, that the key with four question marks????  overwrite.
Guest agent.m
Posted

can you translate the translation???? :)

is that a way of sim unlocking?

Guest Monolithix [MVP]
Posted

I think it's basically saying that SmartPhone OS puts the SIM PIN number into the registry when you unlock the phone after booting, however it is stored unencrypted and can effectively be viewed by anyone that gets hold of your phone when it's on (assuming device lock isn't activated).

However I can't see that registry key on my phone...

Posted

That key doesn't appear to exist. At least not on my phone.

Looking at it PHM regedit.

Posted

It doesn't mention Smartphone :)

It's on about Pocket PC Phone Edition...

Guest Paul [MVP]
Posted

This is a widely publicised PPCPE bug (see XDADEVELOPER.COM for an app to read it!), but it does not apply to SmartPhone.

P

Guest agent.m
Posted

found a folder under

hkey_local_machine/security/simlang

then click on value and you get

id and lang

does that mean anything?
