Topic: AT&T Android phone potential exploit

So, as some of you know, AT&T has that "AT&T Wifi Hotspot" crap at their stores. However, how many of you with an Android phone with AT&T carrier have noticed you can't delete the "attwifi" network entry from the Wifi section of Settings? If the AT&T Wifi app is enabled, your phone will automatically connect to said network and transmit enough data to have the ability to make calls from anywhere look like it came from said phone. I think we can find a way to use this to create a "call botnet" to call and send SMS/MMS and make it look like it came from a victimized phone! I have no idea how this could be done, as the phone requires the AP to send a certificate verifying its legitimacy before it'll auto-connect and send the info we'd need, but we might be able to find a way to fake the certificate, so who knows? I'm just putting this out there.

I like to examine and theorize about everything, from Amazon's <quote> impenetrable </quote> ultravisor to autorun viruses (virii?) being technology's version of an STD (Slot Transmitted Disease).
I dabble in Python 2.x and non-stereotypical BATCH (x>50 lines). I also fuck up VMs from time to time.

┬──┬ ︵ /(.□. \)

Thumbs up Thumbs down