1 files changed, 36 insertions, 0 deletions

diff --git a/markdown/2012_09_replicant-2-3-0005-images-fixing-the-ussd-vulnerability.md b/markdown/2012_09_replicant-2-3-0005-images-fixing-the-ussd-vulnerability.md
new file mode 100644
index 0000000..5e4c670
--- /dev/null
+++ b/markdown/2012_09_replicant-2-3-0005-images-fixing-the-ussd-vulnerability.md
@@ -0,0 +1,36 @@
+tags: Privacy/security, Replicant images release, Paul Kocialkowski
+date: 2012-09-30 12:55
+title: Replicant 2.3 0005 images, fixing the USSD vulnerability
+---
+Earlier this week, we were noticed that an USSD vulnerability was discovered
+in Android. After doing a bit of research, we came to understand the nature of
+the vulnerability: intents can basically dial a number and start a call
+without asking confirmation to the user. That could seem harmless at first
+sight, but it turns out it also works with USSD codes, and some of them are
+very powerful. This is mostly the case of vendor-specific USSD codes (that are
+not included in Replicant), which could erase the phone’s user data.
+
+What’s also problematic about this is that web pages can trigger such intents
+(through an iframe with the `tel:` prefix for instance).  
+Since this vulnerability was present in our Replicant images (although the
+damage was reduced as we don’t include vendor-specific USSD codes), we decided
+to include the fix in our code base and release new images. That’s nearly the
+only new feature of these images (Galaxy S also got a nasty graphic bug
+fixed).
+
+You can download the images from the [ReplicantImages][1] page and find
+[installation instructions][2] as well as [build guides][3] on the [Replicant
+wiki][4].
+
+ [1]:
+<http://redmine.replicant.us/projects/replicant/wiki/ReplicantImages#Replicant-23-0005-images>
+
+ [2]: <http://redmine.replicant.us/projects/replicant/wiki#Installing-
+Replicant>
+
+ [3]: <http://redmine.replicant.us/projects/replicant/wiki#Building-
+Replicant>
+
+ [4]: <http://redmine.replicant.us/projects/replicant/wiki/>
+
+