1. TheStoof's Avatar
    S beam is pretty crap. Can't work with non Samsung phones. Couldn't even get it working between a galaxy s3 and note 2.
    Now THAT is funny.
    01-23-13 02:22 AM
  2. belfastdispatcher's Avatar
    The pairing process is the same as any two wifi direct or nfc devices. It doesn't matter as it only has to happen once, like pairing a BT headset. After that you just put the phones together and tap. Nothing is misrepresented. Without the pairing process, it would be a glaring security hole as anyone can simply connect your your device if they tapped it or your Wifi directly was on.

    S beam is just android beam customized to use a wifi direct connection instead of blue tooth.

    Wifi direct from my S2 Skyrocket to my mom's S3 transferred a 1.6GB file in 8 minutes. You do the math. For a single picture or small video the transfer is almost instant. Additionally since September Beam uses Wifi it has a much larger range than BT and the transfer can happen in the background while you do something else across a large room (or in another room, even). It's what Android beam should have been since day one.

    Try using it instead of reading text in a commercial. Usually that makes more sense.

    Sent from my AT&T Skyrocket using Tapatalk 2.
    Doesn't that defeat the purpose of NFC? BB Tag does the pairing automatically on tap, no pre pairing needed but it prompts you to accept a file every time, so there's no security risk. After the file is transfered the pairing is disconnected.

    I would have no problem sending a file to a stranger's BB trough NFC but sure as helll I'll never pair my phone to a stranger's.
    01-23-13 02:46 AM
  3. kevinnugent's Avatar
    I would have no problem sending a file to a stranger's BB trough NFC but sure as helll I'll never pair my phone to a stranger's.
    There's a condom for that.
    pallox, Barljo, Toodeurep and 2 others like this.
    01-23-13 03:18 AM
  4. belfastdispatcher's Avatar
    Look what I just came across this morning:

    Android, Nokia smartphone security toppled by Near Field Communication hack | Ars Technica

    "A new technology being added to smartphones running the Google Android and Linux-based MeeGo operating systems makes it trivial for hackers to electronically hijack handsets that are in close proximity, a researcher appearing at the Black Hat security conference said.

    By exploiting multiple security weakness in the industry standard known as Near Field Communication, smartphone hacker Charlie Miller can take control of handsets made by Samsung and Nokia. The attack works by putting the phone a few centimeters away from a quarter-sized chip, or touching it to another NFC-enabled phone. Code on the attacker-controlled chip or handset is beamed to the target phone over the air, then opens malicious files or webpages that exploit known vulnerabilities in a document reader or browser, or in some cases in the operating system itself.

    NFC is already widely available in some countries and is slowly being rolled out in handsets marketed in the United States. It allows devices to establish radio communications when they are gently bumped together or pass within close proximity of special chips. The feature allows people to share business cards and Web links on the fly or to effortlessly establish a Bluetooth connection with PCs, speakers or other devices. It can also be used to zap payment-card data to point-of-sale terminals. It's already built into smartphones running the Android and MeeGo mobile OSes and has been rumored to be a part of future Windows Phone and iOS devices.

    Miller, who is principal research consultant at security firm Accuvant, has spent the past five years demonstrating software flaws that allow hackers to take control of Macs, iPhones, and Android handsets. For this year's Black Hat security conference in Las Vegas, he turned his attention to NFC capabilities available in two three popular devices: the Nexus S made by Samsung, the Galaxy Nexus, and the Nokia N9. The results aren't encouraging.

    "[NFC] certainly increases the risk that something could go wrong," Miller told Ars in an interview ahead of his Wednesday presentation. "It opens you up to a lot more than you would think."

    Insecure by default

    The Nexus S�when running the Gingerbread (2.3), by far the most dominant Android installation�contains multiple memory-corruption bugs. They allow Miller�using nothing more than a specially designed tag�to take control of the application "daemon" that controls NFC functions. With additional work, he said the tag could be modified to execute malicious code on the device. Some, but possibly not all of those bugs were fixed in the Ice Cream Sandwich (4.0) version of Android, so the attacks may also work against that release and Jelly Bean (4.1) as well.

    But even if there are no exploitable bugs in the NFC code itself, a feature known as Android Beam, which Google developers added to Ice Cream Sandwich, allows Miller to force a handset browser to open and visit any website he chooses�without first getting permission of the end user.

    "What that means is with an NFC tag, if I walk up to your phone and touch it, or I just get near it, your Web browser, without you doing anything, will open up and go to a page that I tell it to," Miller said. "So instead of the attack surface being the NFC stack, the attack surface really is the whole Web browser and everything a Web browser can do. I can reach that through NFC."

    Surprisingly, when NFC and Android Beam are enabled�as they are by default�devices will automatically download any file or Web link sent through the service. There's no way for end users to selectively approve or reject a specific transfer initiated by another handset. "The fact that, without you doing anything, all of a sudden your browser is going to my website, is not ideal," Miller said in a noted understatement.

    Making a malicious hacker's job easier, older Android versions contain known security vulnerabilities that often remain unpatched for months or even years. Miller's Black Hat demonstration includes an attack that exploits a browser bug that ships with every phone running 4.0.1 or earlier of the operating system. Using NFC and Android Beam, he can force the phone to visit a booby-trapped website that allows him to run arbitrary commands as the Web browser, including viewing files stored on the device. He said other documented security bugs in the WebKit browser engine, which is included in Android, can be exploited in the same manner.

    Enter Nokia

    NFC on the N9 isn't turned on by default, but once it's enabled, it too will accept malicious content and requests with no prompting. Among the easiest and most damaging attacks are those that use NFC to establish a Bluetooth connection with another device. Once NFC is turned on, an N9 will automatically accept all connection requests with no prompting. Once Miller connects his MacBook to a handset in range, he can force it to make phone calls, send text messages, or upload and download proprietary files, including contact lists. Users can reject requests for unauthorized Bluetooth connections, but they must first select a configuration setting requiring each one to be approved.

    But even when N9 users change default configurations so they're notified of such NFC requests, the phones accept file transfers initiated by other users without warning. The N9 then opens an application to render the downloaded file, again without prompting. Miller will demonstrate an attack that exploits a known vulnerability in the Microsoft Word-compatible reader, which is based on the open-source KOffice that ships with the phone. Similar attacks can be launched using booby-trapped PDF files. Using NFC to send a poisoned document to an unsuspecting end user, would make it "easy" to exploit such bugs, Miller said.

    "If you know of a PDF bug, instead of trying to e-mail it to the person or get them to go to your website, you can just get near them with NFC and get them to render it," he explained.

    Son of credit-card skimming

    Most of the attacks Miller described could be waged using a concealed NFC tag attached to a payment terminal or other legitimate NFC-enabled device. For attacks to work, a phone's screen must be active, and when it's running Ice Cream Sandwich or MeeGo, it must also be unlocked. Miller said those requirements provide little protection since the most common attack scenario involves targeting people as they're already in the process of using NFC. Attackers who are targeting someone they know can also call or text their victim before exposing him to a malicious tag to ensure the phone is unlocked.

    In a statement, Nokia officials wrote: "Nokia takes product security issues seriously. Nokia is aware of the NFC-research done by Charlie Miller and are actively investigating the claims concerning Nokia N9. Although it is unlikely that such attacks would occur on a broad scale given the unique circumstances, Nokia is currently investigating the claims using our normal processes and comprehensive testing. Nokia is not aware of any malicious incidents on the Nokia N9 due to the alleged vulnerabilities."

    Google representatives didn't have any comment.

    Miller's demonstration is the culmination of more than six months of painstaking research. He ultimately chose the ACR122U and SCL3711 card readers. To automate the process, he placed his test phones on the computer-connected NFC reader devices and then turned the phone's NFC on and off thousands of times. Each time he made subtle changes to the data beamed to the handset. The process of "fuzzing"�in which software is exposed to data millions of times to isolate payloads to make them crash�has long been a core part of Miller's work.

    "The hard part was finding the right hardware and software where all this magic would work," Miller said. "It's a big, elaborate mess that eventually worked.""
    01-23-13 03:28 AM
  5. anon62607's Avatar
    S beam is pretty crap. Can't work with non Samsung phones. Couldn't even get it working between a galaxy s3 and note 2.
    I just sent a photo via android beam between a galaxy S3 and a (htc) droid DNA without problem. There was no pairing process - just put the phones back to back with gallery running on both and tap to send from one to the other. It was about 15 seconds to transmit a full sized, ~ 2MB photo. Otherwise it does work pretty much exactly as advertised, no pairing process or anything.
    01-23-13 04:17 AM
  6. Admorris's Avatar
    S beam is pretty crap. Can't work with non Samsung phones. Couldn't even get it working between a galaxy s3 and note 2.
    User issue, not phone issue

    Sent from my SGH-I317 using Tapatalk 2
    01-23-13 07:08 AM
  7. pallox's Avatar
    again, a thread to be closed by mod.
    01-23-13 07:31 AM
  8. Rickroller's Avatar
    You just came across this article this morning from 6 months ago? Thanks for that . Good to know my phone, and the 30+million of other new Androids running JellyBean don't have that "issue".
    randall2580 likes this.
    01-23-13 07:45 AM
  9. pantlesspenguin's Avatar
    Look what I just came across this morning:

    Android, Nokia smartphone security toppled by Near Field Communication hack | Ars Technica

    "A new technology being added to smartphones running the Google Android and Linux-based MeeGo operating systems makes it trivial for hackers to electronically hijack handsets that are in close proximity, a researcher appearing at the Black Hat security conference said.

    By exploiting multiple security weakness in the industry standard known as Near Field Communication, smartphone hacker Charlie Miller can take control of handsets made by Samsung and Nokia. The attack works by putting the phone a few centimeters away from a quarter-sized chip, or touching it to another NFC-enabled phone. Code on the attacker-controlled chip or handset is beamed to the target phone over the air, then opens malicious files or webpages that exploit known vulnerabilities in a document reader or browser, or in some cases in the operating system itself.

    NFC is already widely available in some countries and is slowly being rolled out in handsets marketed in the United States. It allows devices to establish radio communications when they are gently bumped together or pass within close proximity of special chips. The feature allows people to share business cards and Web links on the fly or to effortlessly establish a Bluetooth connection with PCs, speakers or other devices. It can also be used to zap payment-card data to point-of-sale terminals. It's already built into smartphones running the Android and MeeGo mobile OSes and has been rumored to be a part of future Windows Phone and iOS devices.

    Miller, who is principal research consultant at security firm Accuvant, has spent the past five years demonstrating software flaws that allow hackers to take control of Macs, iPhones, and Android handsets. For this year's Black Hat security conference in Las Vegas, he turned his attention to NFC capabilities available in two three popular devices: the Nexus S made by Samsung, the Galaxy Nexus, and the Nokia N9. The results aren't encouraging.

    "[NFC] certainly increases the risk that something could go wrong," Miller told Ars in an interview ahead of his Wednesday presentation. "It opens you up to a lot more than you would think."

    Insecure by default

    The Nexus S—when running the Gingerbread (2.3), by far the most dominant Android installation—contains multiple memory-corruption bugs. They allow Miller—using nothing more than a specially designed tag—to take control of the application "daemon" that controls NFC functions. With additional work, he said the tag could be modified to execute malicious code on the device. Some, but possibly not all of those bugs were fixed in the Ice Cream Sandwich (4.0) version of Android, so the attacks may also work against that release and Jelly Bean (4.1) as well.

    But even if there are no exploitable bugs in the NFC code itself, a feature known as Android Beam, which Google developers added to Ice Cream Sandwich, allows Miller to force a handset browser to open and visit any website he chooses—without first getting permission of the end user.

    "What that means is with an NFC tag, if I walk up to your phone and touch it, or I just get near it, your Web browser, without you doing anything, will open up and go to a page that I tell it to," Miller said. "So instead of the attack surface being the NFC stack, the attack surface really is the whole Web browser and everything a Web browser can do. I can reach that through NFC."

    Surprisingly, when NFC and Android Beam are enabled—as they are by default—devices will automatically download any file or Web link sent through the service. There's no way for end users to selectively approve or reject a specific transfer initiated by another handset. "The fact that, without you doing anything, all of a sudden your browser is going to my website, is not ideal," Miller said in a noted understatement.

    Making a malicious hacker's job easier, older Android versions contain known security vulnerabilities that often remain unpatched for months or even years. Miller's Black Hat demonstration includes an attack that exploits a browser bug that ships with every phone running 4.0.1 or earlier of the operating system. Using NFC and Android Beam, he can force the phone to visit a booby-trapped website that allows him to run arbitrary commands as the Web browser, including viewing files stored on the device. He said other documented security bugs in the WebKit browser engine, which is included in Android, can be exploited in the same manner.

    Enter Nokia

    NFC on the N9 isn't turned on by default, but once it's enabled, it too will accept malicious content and requests with no prompting. Among the easiest and most damaging attacks are those that use NFC to establish a Bluetooth connection with another device. Once NFC is turned on, an N9 will automatically accept all connection requests with no prompting. Once Miller connects his MacBook to a handset in range, he can force it to make phone calls, send text messages, or upload and download proprietary files, including contact lists. Users can reject requests for unauthorized Bluetooth connections, but they must first select a configuration setting requiring each one to be approved.

    But even when N9 users change default configurations so they're notified of such NFC requests, the phones accept file transfers initiated by other users without warning. The N9 then opens an application to render the downloaded file, again without prompting. Miller will demonstrate an attack that exploits a known vulnerability in the Microsoft Word-compatible reader, which is based on the open-source KOffice that ships with the phone. Similar attacks can be launched using booby-trapped PDF files. Using NFC to send a poisoned document to an unsuspecting end user, would make it "easy" to exploit such bugs, Miller said.

    "If you know of a PDF bug, instead of trying to e-mail it to the person or get them to go to your website, you can just get near them with NFC and get them to render it," he explained.

    Son of credit-card skimming

    Most of the attacks Miller described could be waged using a concealed NFC tag attached to a payment terminal or other legitimate NFC-enabled device. For attacks to work, a phone's screen must be active, and when it's running Ice Cream Sandwich or MeeGo, it must also be unlocked. Miller said those requirements provide little protection since the most common attack scenario involves targeting people as they're already in the process of using NFC. Attackers who are targeting someone they know can also call or text their victim before exposing him to a malicious tag to ensure the phone is unlocked.

    In a statement, Nokia officials wrote: "Nokia takes product security issues seriously. Nokia is aware of the NFC-research done by Charlie Miller and are actively investigating the claims concerning Nokia N9. Although it is unlikely that such attacks would occur on a broad scale given the unique circumstances, Nokia is currently investigating the claims using our normal processes and comprehensive testing. Nokia is not aware of any malicious incidents on the Nokia N9 due to the alleged vulnerabilities."

    Google representatives didn't have any comment.

    Miller's demonstration is the culmination of more than six months of painstaking research. He ultimately chose the ACR122U and SCL3711 card readers. To automate the process, he placed his test phones on the computer-connected NFC reader devices and then turned the phone's NFC on and off thousands of times. Each time he made subtle changes to the data beamed to the handset. The process of "fuzzing"—in which software is exposed to data millions of times to isolate payloads to make them crash—has long been a core part of Miller's work.

    "The hard part was finding the right hardware and software where all this magic would work," Miller said. "It's a big, elaborate mess that eventually worked.""
    And this is exactly why I don't trust NFC yet. I won't use it on BB10 either until its track record is established as secure in the USA. Right now I'd like to keep my wallet and my smartphone separate. And it's like I always say, if people aren't stupid with what they do with their Android device, it remains pretty darn secure.

    And remember, it's this guys job to find security flaws. Kind of like the team that found the flaw in the BB webkit browser.
    01-23-13 08:14 AM
  10. Toodeurep's Avatar
    And this is exactly why I don't trust NFC yet. I won't use it on BB10 either until its track record is established as secure in the USA. Right now I'd like to keep my wallet and my smartphone separate.
    Glad I'm not the only one...
    pantlesspenguin likes this.
    01-23-13 08:25 AM
  11. pillswoj's Avatar
    The vulnerability was in the NFC Standard and if Blackberry had had NFC at the time they also would have been part of the vulnerability. And they will with BB10 be part of any future NFC vulnerability.

    pantlesspenguin and bp3dots like this.
    01-23-13 08:25 AM
  12. Toodeurep's Avatar
    just put the phones back to back with gallery running on both and tap to send from one to the other. It was about 15 seconds to transmit a full sized, ~ 2MB photo.
    Call me old-fashioned but rather than go through all that I would just send an email. Isn't it added through the "share" function under menu?
    01-23-13 08:28 AM
  13. Rickroller's Avatar
    Call me old-fashioned but rather than go through all that I would just send an email. Isn't it added through the "share" function under menu?
    It is, and I agree. NFC useage for "beaming" isn't something I find useful. I've tried it to try it, but I always have NFC turned off, and it's just as easy to send pictures, contact info, or other things thru other means.
    randall2580 likes this.
    01-23-13 08:45 AM
  14. reeneebob's Avatar
    There's some funny stuff stated in this thread as fact. Just sayin'.

    I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2
    01-23-13 08:47 AM
  15. pantlesspenguin's Avatar
    Call me old-fashioned but rather than go through all that I would just send an email. Isn't it added through the "share" function under menu?
    But the share function is so much neater . Seriously though you do have a point. However with the size of some of these high res pictures and longer songs and videos, sometimes your phone won't allow you to attach something over a certain size.
    jakie55 likes this.
    01-23-13 08:49 AM
  16. jagrlover's Avatar
    The vulnerability was in the NFC Standard and if Blackberry had had NFC at the time they also would have been part of the vulnerability. And they will with BB10 be part of any future NFC vulnerability.

    I thought BB was first to incorporate NFC into a phone. No?
    01-23-13 08:56 AM
  17. belfastdispatcher's Avatar
    The vulnerability was in the NFC Standard and if Blackberry had had NFC at the time they also would have been part of the vulnerability. And they will with BB10 be part of any future NFC vulnerability.
    BlackBerry did have NFC at the time, since late 2010
    01-23-13 09:06 AM
  18. screechop's Avatar
    i find a lot of the features that Samsung and iPhone preach as new innovation, Blackberry has had already. NFC was here way before Android, and Do No Disturb, remind anyone of Bedside Mode, which has been on every bb ive had in the last 10 years. yeah, the os are newer and fresher but all that is changing. Blackberry is back, with an amazing combination of multitasking. the combination of brilliant blackberry communications and the ability to play is something Im really looking forward to!

    Sent from my BlackBerry 9900 using Tapatalk
    01-23-13 09:11 AM
  19. Toodeurep's Avatar
    But the share function is so much neater . Seriously though you do have a point. However with the size of some of these high res pictures and longer songs and videos, sometimes your phone won't allow you to attach something over a certain size.
    Agreed. I tried to send a 10MB email from my work PC yesterday and it nearly shut this place down.

    Give me all of the options and I will decide what works for me. I look forward to an NFC enabled device or two.

    Getting back to the OP. Yes it was "misleading". An earlier poster mentioned a 2MB picture taking about about 15 seconds. I find that too long and hope that there is a magnet in there because I refuse to carry around a pocket full of rubber bands. However, misleading and carefully stated sales points are the norm nowadays. As sad as it is to say it, this just doesn't bother me anymore.
    01-23-13 09:25 AM
  20. Captian4Phones's Avatar
    S beam is pretty crap. Can't work with non Samsung phones. Couldn't even get it working between a galaxy s3 and note 2.
    If you can't get it to work you probably doing it wrong.
    reeneebob likes this.
    01-23-13 09:29 AM
  21. pantlesspenguin's Avatar
    i find a lot of the features that Samsung and iPhone preach as new innovation, Blackberry has had already. NFC was here way before Android, and Do No Disturb, remind anyone of Bedside Mode, which has been on every bb ive had in the last 10 years. yeah, the os are newer and fresher but all that is changing. Blackberry is back, with an amazing combination of multitasking. the combination of brilliant blackberry communications and the ability to play is something Im really looking forward to!

    Sent from my BlackBerry 9900 using Tapatalk
    The first Android phone to incorporate NFC was the Nexus S in late 2010. Wasn't the first BB device with NFC the 99xx released in August 2011?
    howarmat and Rello like this.
    01-23-13 09:50 AM
  22. pkcable's Avatar
    again, a thread to be closed by mod.
    There's some funny stuff stated in this thread as fact. Just sayin'.

    I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2
    I really don't think we need to close the thread. It's an interesting topic, and I think we can be civil about it. Just some ground rules, NO PERSONAL ATTACKS, and lets try not to bait each other either. Just discuss the Sammy commercial and the beaming issue. Personally I love their commercials, they are a hoot. And as someone pointed out, it's so cool that they are including BB now, it just means they see us as a threat and THAT friends is a good thing! Does anyone really believe all they see in commercials? Come on now? Images simulated, your experience may vary, results are not typical, etc READ THE SMALL PRINT on screen folks at the end of the commercial!
    01-23-13 09:56 AM
  23. belfastdispatcher's Avatar
    The first Android phone to incorporate NFC was the Nexus S in late 2010. Wasn't the first BB device with NFC the 99xx released in August 2011?
    You're right, I think there might've been an even earlier limited android on orange network in uk. But NFC on blackBerry has never poised a problem, on Android there have been several.
    01-23-13 10:00 AM
  24. jagrlover's Avatar
    The first Android phone to incorporate NFC was the Nexus S in late 2010. Wasn't the first BB device with NFC the 99xx released in August 2011?


    I think you're right. BlackBerry was first to get Mastercard certification for Paypass.
    NFC-enabled BlackBerry phones first to earn MasterCard PayPass certification - FierceMobileContent
    01-23-13 10:04 AM
  25. reeneebob's Avatar
    I really don't think we need to close the thread. It's an interesting topic, and I think we can be civil about it. Just some ground rules, NO PERSONAL ATTACKS, and lets try not to bait each other either. Just discuss the Sammy commercial and the beaming issue. Personally I love their commercials, they are a hoot. And as someone pointed out, it's so cool that they are including BB now, it just means they see us as a threat and THAT friends is a good thing! Does anyone really believe all they see in commercials? Come on now? Images simulated, your experience may vary, results are not typical, etc READ THE SMALL PRINT on screen folks at the end of the commercial!
    Pk... The voice of reason as usual.

    Pretty sure I've seen the "images on display are simulated" on that awful glow in the dark 10 speed 9900 ad too. RIM isn't immune.

    I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2
    pantlesspenguin likes this.
    01-23-13 10:18 AM
70 123

Similar Threads

  1. Samsung Galaxy S2 vs BB Torch 9850
    By the_sleuth in forum BlackBerry Torch Series
    Replies: 16
    Last Post: 01-24-12, 07:47 AM
  2. Opera Mini vs. BB Browser
    By MMB916 in forum BlackBerry OS Apps
    Replies: 26
    Last Post: 12-05-09, 06:39 AM
  3. MOTO Q vs. BB 8130
    By abishai100 in forum Other Platforms
    Replies: 24
    Last Post: 02-10-09, 10:23 AM
  4. Seidio Holster vs BB Curve Leather Case
    By jcp007 in forum More for your BBOS Phone!
    Replies: 0
    Last Post: 02-13-08, 10:37 AM
  5. Opera Mini vs. BB Browser
    By matthiasj in forum BlackBerry Curve Series
    Replies: 11
    Last Post: 08-03-07, 08:26 AM
LINK TO POST COPIED TO CLIPBOARD