Project Zero finds large vulnerability involving Broadcom Wi-Fi chips

nexus 5 smartphone
Google’s Project Zero continues to strap on its cape to make the world a safer place for us to use our electronics, this time helping to discover a dangerous flaw in Broadcom Wi-Fi chips. That hardware can be found in a variety of smartphones, including iPhones, Nexus phones, and a variety of Samsung devices.

Project Zero has been helping to rid the world of exploits and security flaws for a few years now, regularly releasing information on these bugs to manufacturers and then giving them a short time period to correct the problem before it’s made public. In this case, the Project Zero researcher and bug discoverer, Gal Beniamini, said that Broadcam had been very “responsive,” helped fix the bug, and explained its problem to manufacturers.

Apple has responded with a security update, fixing up the problem in its 10.3.1 release, though it hasn’t released a comment on the bug. Techcrunch notes that Google has declined to comment on the matter.

It’s good to see speedy responses, though. From the detailed breakdown of the bug, it seems like a nasty one. It uses a series of exploits to breach the Broadcom chip’s security, which can in turn be used to take over the entire device it’s built into. All of that can be achieved wirelessly, with no direct interaction with the handset in question.

Theoretically, anyone on a shared Wi-Fi network, private or public, could compromise a device built with Broadcom’s Wi-Fi system on a chip (SOC).

Fortunately it sounds like Broadcom has been very open to advice on how to improve its security and has now informed Project Zero that newer versions of its Wi-Fi SoC will utilize a memory protection unit and several other hardware security measures. We’re told that these should fix most of the exploit paths used to make this bug viable and Broadcom is also considering implementing “exploit mitigations in future firmware versions,” as well.


Midrange phones can’t do A.I., but MediaTek’s P90 chip aims to change that

MediaTek has announced the Helio P90 mobile processor, which it says will bring the best A.I. features we see on high-end smartphones, to the mid-range. We spoke to the company about the chip.

Does Qualcomm's latest laptop processor hold up against Intel's Core i5?

Qualcomm has been nipping at Intel's mobile CPU heels for years and now it might finally have overtaken it. To find out whether it's new SoC can hold its own in mid-range computing, we pitted the Snapdragon 8cx vs. Core i5.

These are the worst passwords of 2018. Is yours on this list?

Do you use a bad password that makes your online accounts easy to break into? SplashData has compiled a list of the top 100 worst passwords for 2018 and there are quite a few listings that were carryovers from prior lists.

Intel answers Qualcomm's new PC processors by pairing Core and Atom in 'Foveros'

Intel has announced a new packaging technology called 'Foveros' that makes it easier for the company to place multiple chips together on one package. That includes chips based on different Intel architectures, like Core and Atom.

iOS jailbreak app store Cydia shuts down purchasing

For years, iOS users have been jailbreaking their devices to install software not approved by Apple. But now the popular app store alternative Cydia will no longer be accepting purchases.

Lawsuit alleges Apple falsely advertised the screen size of the iPhone X

A lawsuit alleges that Apple was dishonest in the way that it marketed the iPhone X. The lawsuit alleges that despite Apple's marketing campaign, the new iPhone is not in fact all screen because of the notch.

Apple is still selling iPhones in China despite being ordered not to

Apple is following the FTC's lead and has sued Qualcomm for a massive $1 billion in the U.S., $145 million in China, and also in the U.K., claiming the company charged onerous royalties for its patented tech.

Is somebody watching you? How to stop apps from tracking your location

If you don't like the idea of your every movement being tracked by apps on the phone in your pocket, then you may want to turn location tracking off. We take a look at how to do it on an iPhone or Android phone in this easy guide.

Report: Samsung's upcoming foldable phone will cost a hefty $1,800

Samsung has been showcasing bendable display tech for a few years and now a folding smartphone might finally arrive. The Galaxy X, or perhaps the Galaxy F, may be the company's first example. Here's everything we know about it.
Smart Home

Starbucks teams with Uber Eats for delivery from 2,000 of its U.S. stores

Starbucks has teamed up with Uber Eats to offer customers deliveries from almost a quarter of its stores in the U.S. The major expansion launches early next year, making life even easier for fans of the coffee giant.

Huawei Nova 4 has a hole in the screen, and a 48-megapixel camera on the back

Huawei has launched the Nova 4, a new smartphone that has abandoned the screen notch and adopted a punch hole alternative, and also has a massive 48-megapixel camera. Here's what you need to know about the Nova 4.

Black hole in the screen of Samsung's new Galaxy A8s has a camera inside

Samsung is building exciting, technologically innovative midrange phones, and the latest to be revealed is the new Samsung Galaxy A8s, which may give us an idea of what the new Samsung Galaxy S10 will look like.

Score a Christmas deal with Speck’s half-off sale on its entire range of cases

The holidays might be nearing, but bargains don't take time off. To celebrate the last day for U.S. ground shipping, Speck will be offering a sitewide 50-percent-off deal for one day only on Monday December 17.

Doubts emerge over when LG will reveal its folding smartphone

LG may be working on a folding smartphone, making it the latest device manufacturer to be linked to the technology, which may become one of the standout designs of the coming year.