Many devices including smartphones and tablets are shipping now or will be available soon with a feature called NFC or Near Field Communications. We have seen this already in contactless credit card products such as PayPass and PayWave. Soon you will be able to use your smartphone to make purchases as well.
Charlie Miller, a researcher at this years Black Hat convention in Las Vegas took a look at exploiting the NFC feature, and although NFC in and of itself is pretty secure, there are opportunities to attack the applications that are written to take advantage of NFC. For example, the Android Beam applications lets an Android phone user transfer files to another Android phone just by touching them together. Theoretically, a malicious programmer could create an infected document or web page, transfer it to your phone and have you inadvertently execute the malicious payload.
As these devices come online, we will need to be careful about giving permission to applications to use the NFC feature. Here again is a new vector for a stranger to gain access to your phone and it’s contents, such as pictures and personal documents and account information.
To read the full article, go to Sophos.Share