Noted security researcher Charlie Miller is to present the findings from his research into NFC P2P and tag reading vulnerabilities at Black Hat 2012 today.
“It turns out that through NFC, using technologies like Android Beam or NDEF content sharing, one can make some phones parse images, videos, contacts, office documents, even open up web pages in the browser, all without user interaction,” Miller explains in the preview to his “Don’t stand so close to me: An analysis of the NFC attack surface” presentation.
“In some cases, it is even possible to completely take over control of the phone via NFC, including stealing photos, contacts, even sending text messages and making phone calls. So next time you present your phone to pay for your cab, be aware you might have just gotten owned.”
NFC World will be speaking with Miller tomorrow to discuss his findings and we’ll be bringing readers all the details then.