I didn't know this, but according to OSnews' Thom Holwerda, every smartphone runs two operating systems. There is the one you see (Android, iOS, PalmOS) and then there is a "a small operating system that manages everything related to radio." The problem, explains Thom, is that not only very little is known about this other system, but considering its responsibility to the functioning of a modern communication device, it is everything but safe and secure.
You can do some crazy things with these exploits. For instance, you can turn on auto-answer, using the Hayes command set. This is a command language for modems designed in 1981, and it still works on modern baseband processors found in smartphones today (!). The auto-answer can be made silent and invisible, too.
While we can sort-of assume that the base stations in cell towers operated by large carriers are "safe", the fact of the matter is that base stations are becoming a lot cheaper, and are being sold on eBay - and there are even open source base station software packages. Such base stations can be used to target phones. Put a compromised base station in a crowded area - or even a financial district or some other sensitive area - and you can remotely turn on microphones, cameras, place rootkits, place calls/send SMS messages to expensive numbers, and so on. Yes, you can even brick phones permanently.
This is a pretty serious issue, but one that you rarely hear about. This is such low-level, complex software that I would guess very few people in the world actually understand everything that's going on here.
|Traffic Lights Installed in Pavement to Prevent Cellphone Users from Dying|
|iPhone and iPad Clip-On Camera Lenses|
|Kill-Switch on Smartphones Signed into Law|
|YotaPhone: Smartphone With LCD and Electronic Ink Screens|
|Everpurse: the Phone Charging Purse|
|“We deserve pity for being born in such primitive times.”|
|“If you don’t remember any of these countries from geography class, you’re not alone.”|
|“The greatest economic crisis of our age: the one still awaiting us.”|
|Making a Movie Inside a Video Game|
|“Any person, organization or government serious about web security should return to plain-text.”|
|“Clicking on a Facebook advert may reveal things about yourself you don’t want anyone to know.”|
|“Instead of consuming fossil fuels, it would then feed surplus electricity into the grid.”|
|Facebook Knows I Abandoned It|
|How to Avoid Jury Duty|
|Google Map Shows You the Most Photographed Areas of the World|