Palm Pre flaw leads to a bugging device

A rogue vCard can turn the phone into a snooping gadget

Researchers have found a flaw that allows bugging software to be planted on Palm Pre devices.

MWR Labs, which is the research facility of MWR InfoSecurity, found a vulnerable spot wherein a tampered vCard can be sent by sms to cause snooping software to activate on Palm Pre devices. Once activated, it can record audio and stored data to send to whoever is hacking the phone.

After the story was released to the public, an HP/Palm spokesperson told The Register that "the current version of webOS [version 1.4.5] fixes the security vulnerability reported to Palm."

Related links:
- Palm Pre Plus review
- 10 things the Palm Pre does better than the iPhone
- Palm Pre 360 first review
- Palm Pre image gallery


In a separate incident, the same researchers found a flaw on Android phone browsers that might lead to hacking of username and password data stored on the phone. Google released a statement on the matter and said the vulnerability had already been patched.

Google said, "We are not aware of any users having been affected by this bug to date, and it has been fixed in the latest version of our Android software. As always, mobile phone users can protect themselves by only visiting websites and using wifi networks they trust."

Do you have security concerns over your phone? Tell us about it on our Twitter and Facebook feeds.

Via: The Register