Need to have APN settings unlocked - Security Flaw found for MMS on Android Phones - Stagefright Exploit

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
New security exploit found for Android - from Gingerbread versions, up to and including Lollipop 5.1.1.

Details to be released on Aug 8th.

Trying to Disable MMS in the meantime - but unable to do so, since the phone is Carrier Locked. Why do this to your customers?

http://blog.zimperium.com/experts-found-a-unicorn-in-the-heart-of-android/

Have already tried creating a new APN - but the old one is still active and you cannot disable it.  MMS messages are still going through since the "Active" checkbox is still enabled on the default sp.koodo.com APN.
Photo of Woo Saa

Woo Saa

  • 150 Points 100 badge 2x thumb

Posted 3 years ago

  • 1
Photo of Chad Burr

Chad Burr, Mobile Master

  • 203,988 Points 100k badge 2x thumb
Just create a new apn and foul up the mms part. That should do it. Select it after you're done
Photo of Woo Saa

Woo Saa

  • 150 Points 100 badge 2x thumb
Unfortunately, I have already tried creating a separate APN with zero MMS fields entered.  For some reason, MMS keep getting through successfully.  I suspect it is related to the default APN - there is an Enable/Disable checkbox for the Samsung Note 4 - that shows it is enabled and cannot be turned off.  Selecting a different APN doesn't matter.  Even with the custom APN selected, if I go back to the default APN provided by Koodo, the checkbox shows as enabled.  The reverse is also true - with the default selected, the custom APN shows as the APN is enabled.  Very strange, not sure as to the purpose of this checkbox.  I've attached a screenshot.

Custom APN:


Default sp.koodo.com APN - carrier locked:
Photo of Chad Burr

Chad Burr, Mobile Master

  • 203,988 Points 100k badge 2x thumb
So.it must be part of the firmware not to.allow changes to a locked device. You still have options

Turn data off locally

Turn data off at the koodo level

Unlock your phone which should/may then allow you to edit and select a custom apn.

This conversation is no longer open for comments or replies.