At the GeekPwn 2015 hacking contest held in Shanghai, news about cracking has been repeated. Dajiang UAV, Lakara POS POS, TP-link routers, etc. cover smart hardware, mobile payment, smart home and other fields. Someone who has been cracked, as a representative of China's Internet security company, has just released the Qikuo mobile phone to be identified and exploited by hackers.
To this end, 360 said in a statement last night that the world does not have an absolutely secure mobile phone, but must have the safest mobile phone. At the same time, it is pointed out that there are specific preconditions for the hacker flanker to use the cracking method in the contest, and this premise is equivalent to the user sending the mobile phone to the hacker.
The hacker challenged the "fingerprint recognition function" of Qikuo mobile phone, but 360 did not agree with this crack. 360 said that from this "crack" demo, Qiku users must plug the phone into the hacker computer, and tell the other party to unlock the password, and then modify the phone's default settings, in order to bypass the phone's fingerprint recognition, and the user's Fingerprint information does not leak. 360 also describes this "cracking" as the owner needs to hand over the keys to the thief, the thief enters the house and removes the lock, and then the lock is not safe.
For the hole and other vulnerabilities of the 360-character mobile phone of the live demonstration, 360 said that because the organizer has not provided specific details of the vulnerability, it is still unable to verify its validity. Qikuo Mobile will actively communicate with relevant personnel.
Attached to Qikuo Technology's statement on the "Tencent Hacking Contest to find 360 cool mobile phone vulnerabilities":
On October 24th, the hacking crack challenge sponsored by Tencent, some links were targeted by 360 cool mobile phones. We support Internet giants such as Tencent to attach importance to and fund similar cracking activities, that is, "provide an environment for security research." People help identify potential security breaches, which helps drive the security of 360 Cool phones.
There is no absolutely secure mobile phone in this world, but there must be the safest mobile phone. Well-known hardware companies, including Tesla and Apple, have also been cracked by many hackers. For the specific details of the crack contest, the 360 ​​cool phone statement is as follows:
1. In the event, the 360 ​​fingerprint mobile phone “fingerprint recognition function†becomes the challenge object. The “crack†method is to connect a Qi cool phone to the computer, open the “trust device†function that is turned off by default on the phone, and then input the correct password. Or fingerprint to unlock the phone, in order to bypass the phone's fingerprint verification. From this demonstration, Qiku users must insert the phone into the hacker computer and tell the other party to unlock the password, and then modify the default settings of the phone to bypass the fingerprint recognition of the phone, and the user's fingerprint information will not leak. . To make an image metaphor, this kind of "cracking" is like the owner needs to hand over the keys to the thief first. After the thief enters the house, the lock is removed, and then the lock is not safe. For the vulnerabilities such as the Root of the 360 ​​cool phone in the live demonstration, because the organizer has not provided specific details of the vulnerability, we are still unable to verify its validity. Qiku Mobile will actively communicate with relevant personnel.
2, 360 cool mobile phone promises to update the security patch once a month, is the only mobile phone in China that updates the security patch with Google. We value the security of our mobile phones and users and we want to work with more security researchers to responsibly verify, reproduce, respond to and fix vulnerabilities in reports. Thanks to all the researchers who helped us discover and submit vulnerabilities, let us go further than the "safest phone."
3. The "72-hour Security Vulnerability Challenge" launched by the 360 ​​Cool Mobile on October 22 is currently underway. We will reward individuals or organizations that have discovered and submitted valuable vulnerabilities. We encourage hackers to actively participate in the Challenge. Have the opportunity to win a grand prize. Any product has loopholes, the important thing is to find and repair in time. 360 Help Microsoft, Google, Apple and other international giants fix hundreds of high-risk vulnerabilities. Since 2013, 360 has taken the lead in providing cash rewards for vulnerability reporters in China. Millions of bonuses have been issued to effectively protect the safety of 360 users.
4, 360 Qi cool mobile phone for each user prepared a maximum of 120,000 in the year to pay for the odd cool property insurance. Even if users are exposed to security risks, they can recover their losses to the greatest extent possible. We will continue to support and reward security researchers for discovering, submitting, and fixing vulnerabilities. There is no such thing as a seamless product in the world, but there are companies that are responsible for user safety.
Ningbo Autrends International Trade Co.,Ltd. , https://www.mosvape.com