How a Bug in an Obscure Chip Exposed a Billion Smartphones to Hackers

If you haven't updated your iPhone or Android device lately, do it now. "We’re witnessing a process in which mainstream systems like the application processors running iOS or Android have become so hardened by undergoing intense security research that security researchers are starting to look into other directions," says Artenstein, who presented his findings at the Black Hat security conference and in a subsequent WIRED interview. As hackers search for increasingly rare attacks that don't require any interaction from users, like opening a malicious page in a browser, or clicking a link in a text message, they'll focus on third-party hardware components like Broadcom's chips, Artenstein says. Broadpwn Artenstein, a researcher for the security firm Exodus Intelligence, says he has suspected for years that Broadcom's Wi-Fi chip might offer new avenues into the guts of a smartphone. After all, the "kernel" of a modern phone---the core of its operating system---is now protected by measures like address space layout randomization, which randomizes code's location in memory to prevent a hacker from being able to exploit it, and data execution prevention, which prevents hackers from planting malicious commands in data to trick a computer into running them.