Windows Mobile feature being used to spy on users

Home » News

Reading time icon 2 min. read

Calendar icon Published on

by Surur Davids 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

spy Back in the old days of PocketPC 2003 windows mobile has ‘push’ e-mail driven by SMS messages. A SMS would be sent by the server when new e-mail arrives, silently activating synching by your smartphone.

It seems this code is still lurking in the bowels of Windows Mobile, and this feature has now seem misuse by a tool called HushSMS.

HushSMS  sends a class zero message (aka Flash-SMS) or a stealthy PING message to another Windows Mobile cell phone.

The message is discarded on the owners phone and no trace exists. The sender will get back a message from the operator that the message has been delivered, proving that your message has been received, and thus you can know that the owners phone is switched on.

While the information provided, that the receiving phone is on, is very limited, one can think of many situations where one would not want to be monitored in this way. Calling it a vulnerability is likely overblown (unlike the recent Nokia bug where a specially crafted SMS would kill all reception of SMS messages until the phone was hard reset) but its a feature which should be under the control of users, and like most network features, disabled by default.

Read more about the issue at this Computerworld article here.

More about the topics: software, vulnerability, windows mobile

Surur Davids

Surur Davids Shield

Smartphone Expert

Surur Davids is the founder of WMPoweruser which later became MSPoweruser.com. He's a smartphone expert with over a decade of experience.