On 2023-10-05 Adam Thompson wrote:
What everyone calls SMS almost always includes MMS, which is a layered superset of SMS capabilities (using OTT IP, FWIW).
Ya, even if iMessage tries to take over on Apple as the MMS replacement, iOS devices must still speak MMS to communicate with Android phones.
MMS is capable of sending images. While they normally get transcoded at least once, and usually 3 times (wtf, I know), it is possible for a sufficiently sophisticated attacker to send WebP images bypassing all the transcoding. To do so, the attacker would need an SS7 connection, but while expensive, that's not a massive technical hurdle.
If the carriers (of which there actually aren't many in terms of "big" players) are already transcoding, then in theory they could also check or block/strip images that have the hack in them? The bug description makes it sound like it would be trivial to do.
So... sadly that's still a zero-click vuln on every cell phone with a carrier that isn't still in the dark ages.
Then the next question is with Apple pushing iOS updates out fairly quickly, what is Android doing? I've yet to see any new OS update from Samsung. I guess it's just their usual head-in-the-sand nothing-to-see-here response?
Since WebP never really took off, makes you wonder why they pushed it out to every browser and device so eagerly... malware on purpose? People thought it was "safe" because it was a huge company pushing it? No one checked the source? If I was conspiracy-minded...
Now excuse me while I go set up my Firefox to run in firejail...