PhonePrivacy

Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol


Publicado el 11/8/2014

“Since the introduction of the smart phone, the issue of control has entered a new paradigm. Manufacturers and enterprises have claimed control over not just how your phone operates, but the software that is allowed to run on it. However, few people know that Service Providers have a hidden and pervasive level of control over your device. These hidden controls can be found in over 2 billion cellular devices worldwide. Organizations have been quietly deploying these controls in smart phones, feature phones, basebands, laptops, embedded M2M devices, and even certain cars. Someone with knowledge of these controls and the right techniques could potentially leverage them for cellular exploitation on a global scale.

We’ve reverse engineered embedded baseband and application space code. We’ve torn apart the Over-the-Air communications and implemented our own code to speak the relevant protocols. Layer by layer, we’ve deconstructed these hidden controls to learn how they work. While performing this work we’ve unearthed subtle flaws in how the communication is handled and implemented. After understanding these flaws, we’ve written proof-of-concept exploits to demonstrate the true risk this software presents to the end user.

In this presentation, we will discuss and disclose how Over-the-Air code execution can be obtained on the major cellular platforms and networks (GSM/CDMA/LTE). Including but not limited to Android, iOS, Blackberry, and Embedded M2M devices. You will come away from this talk armed with detailed insight into these hidden control mechanisms. We will also release open source tools to help assess and protect from the new threats this hidden attack surface presents. These tools will include the ability to dynamically test proprietary system applications and simulate different aspects of a cellular environment.”

BH Cover Photo

BH Cover Photo

NEWSNIGHT: Glenn Greenwald full interview on Snowden, NSA, GCHQ and spying #mass #surveillance #PRISM


BBC Newsnight exclusive interview with journalist Glenn Greenwald on Edward Snowden, the PRISM revelations and mass surveillance.

Glenn Greenwald (left) walks

Glenn Greenwald (left) walks

 

 

 

 

 

 

 

 

 

 

 

 

Report: UK and US spies have cracked BlackBerry’s BES encryption


http://news.techworld.com/security/3467695/report-uk-and-us-spies-have-cracked-blackberrys-bes-encryption/

By Peter Sayer
Techworld
09 September 2013

The U.S. National Security Agency is able to read messages sent via a corporate BlackBerry Enterprise Server (BES), according to a report by German news magazine Der Spiegel. The purpose of this spying is economic or political, and not to counter terrorism, the magazine hints.


The report, published in English on Monday, cites internal documents leaked by former NSA contractor Edward Snowden.


Governments have long demanded that BlackBerry provide access to encrypted messages carried by its email and BlackBerry Messenger (BBM) services, to allow them to monitor for terrorist activity.


BlackBerry has complied in the case of its consumer-grade BlackBerry Internet Service (BIS), notably providing the Indian government with access to consumer messages. Indeed, Der Spiegel cited NSA documents claiming that since 2009, analysts have been able to see and read

[...]

--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/

MOTOROLA Moto X by Google Factory


Motorola revela el primer teléfono de la era Google, el Moto X

motorola-moto-x

motorola-moto-x

El Moto X pone menos énfasis en el control manual, en favor de sensores integrados y siempre activos para responder a la palabra, los gestos y el contexto.

Moto X by Motorola

Moto X by Motorola

http://www.motorola.com/us/consumers/home

http://www.motorola.com/us/consumers/Moto-X/moto-x,en_US,pg.html

Car immobilizer hacking [SIGINT13] Speaker: Karsten Nohl


lecture: Car immobilizer hacking

Car manufacturers nicely illustrate what _not_ to do in cryptography.

Immobilizers have for a long time increased the difficulty of stealing cars. Older immobilizer transponders defeated thieves by requiring non-trivial RF skills for copying keys. Current transponders go one step further by employing cryptographic functions with the potential of making car cloning as difficult as breaking long-standing mathematical problems. Cryptography, however, is only as strong as the weakest link of key management, cipher strength, and protocol security. This talk discusses weak links of the main immobilizer technologies and their evolution over time.

Speaker: Karsten Nohl
EventID: 5034
Event: SIGINT 2013 by the Chaos Computer Club [CCC] Cologne
Location: KOMED; Im Mediapark 7; 50670 Cologne; Germany
Language: english
Begin: 05.07.2013 17:00:00 +02:00
Lizenz: CC-by-nc-sa

SIM cards are prone to remote hacking by Karsten Nohl


https://srlabs.de/

SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets.

With over seven billion cards in active use, SIMs may well be the most widely used security token in the world. Through over-the-air (OTA) updates deployed via SMS, the cards are even extensible through custom Java software. While this extensibility is rarely used so far, its existence already poses a critical hacking risk.

Cracking SIM update keys. OTA commands, such as software updates, are cryptographically-secured SMS messages, which are delivered directly to the SIM. While the option exists to use state-of-the-art AES or the somewhat outdated 3DES algorithm for OTA, many (if not most) SIM cards still rely on the 70s-era DES cipher. DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables similar to those that made GSM’s A5/1 cipher breakable by anyone.

To derive a DES OTA key, an attacker starts by sending a binary SMS to a target device. The SIM does not execute the improperly signed OTA command, but does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS. A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer.

MORE: https://srlabs.de/rooting-sim-cards/

SIM cards are prone to remote hacking

karsten-nohl

karsten-nohl

http://actualidad.rt.com/actualidad/view/100862-hacker-tarjeta-sim-rt-telefono

Firefox OS


Firefox OS3 (nombre clave: Boot to Gecko o B2G)4 es un sistema operativo móvil, basado en Linux, de código abierto, para smartphones y tabletas. Es desarrollado por Mozilla Corporation bajo el apoyo de otras empresas como Telefónica5 y una gran comunidad de voluntarios de todo el mundo. Este sistema operativo está enfocado especialmente en los dispositivos móviles incluidos los de gama baja. Está diseñado para permitir a las aplicaciones HTML5 comunicarse directamente con el hardware del dispositivo usando JavaScript y open web APIs.4 Ha sido mostrado en smartphones6 7 y Raspberry Pi,8 compatibles con Android

El 1° de julio de 2013, Telefónica comenzó la venta de terminales con Firefox OS.9 ZTE ha confirmado en la CES 2013 que comercializará un smartphone con Firefox OS.10

geeksphone

geeksphone

https://es.wikipedia.org/wiki/Firefox_OS

https://www.mozilla.org/es-ES/firefox/partners/

Obama in 2007: No more spying on citizens who are not suspected of a c…….. #Politicianslie #ObamaRectifies


Excerpt from President Obama’s speech at the Woodrow Wilson Center in August 2007.

This Administration also puts forward a false choice between the liberties we cherish and the security we demand. I will provide our intelligence and law enforcement agencies with the tools they need to track and take out the terrorists without undermining our Constitution and our freedom.

That means no more illegal wire-tapping of American citizens. No more national security letters to spy on citizens who are not suspected of a crime. No more tracking citizens who do nothing more than protest a misguided war. No more ignoring the law when it is inconvenient. That is not who we are. And it is not what is necessary to defeat the terrorists. The FISA court works. The separation of powers works. Our Constitution works. We will again set an example for the world that the law is not subject to the whims of stubborn rulers, and that justice is not arbitrary.

This Administration acts like violating civil liberties is the way to enhance our security. It is not.

 

NSA data-gathering: Overkill or necessary tool?

Flash Points: CBS News State Department Correspondent Margaret Brennan speaks with CBS News Senior National Security Analyst Juan Zarate about the recent revelation that the U.S. government is collecting data on the internet and telephone use of Americans, and the balance between privacy and security that the program has attempted to strike.

Source clip: https://www.youtube.com/watch?v=SEdpT…

White House Press Briefings are conducted most weekdays from the James S. Brady Press Briefing Room in the West Wing.

Steven VanRoekel, Federal Chief Information Officer, discusses the goals of the digital government strategy

AISEC-TR-2012-001-Android-OS-Security #Android #Security


128360067

128360067

[docstoc docId=”128360067″ mId=”-10″ width=”630″ height=”550″ slideMode=”false” showRelatedDocs=”true” showOtherDocs=”true” allowdownload=”true” url=”http://www.docstoc.com/docs/128360067/AISEC-TR-2012-001-Android-OS-Security”%5DAISEC-TR-2012-001-Android-OS-Security%5B/docstoc%5D

PDF: http://www.docstoc.com/docs/128360067/AISEC-TR-2012-001-Android-OS-Security

Defending mobile phones #DOCUMENT #mobilephones


Karsten Nohl, nohl@srlabs.de
Luca Melette, luca@srlabs.de

PDF: http://events.ccc.de/congress/2011/Fahrplan/attachments/1994_111217.SRLabs-28C3-Defending_mobile_phones.pdf

346356357 5745 54 5

346356357 5745 54 5

Jacob Appelbaum videos


Publicado el 11/09/2012 por 

In this Surveillance Teach-In, award-winning filmmaker Laura Poitras is joined by computer security expert and privacy advocate Jacob Appelbaum and National Security Agency whistle-blower Bill Binney to present an artistic and practical commentary on living in the contemporary Panopticon.

@

Publicado el 04/06/2012 por 

Jacob Appelbaum shares his views on privacy, government surveillance and the current state of democracy with YASSSU at the Re:publica conference 2012 in Berlin

Jacob Appelbaum is an independent computer security researcher and hacker. He is currently employed by the University of Washington, and is a core member of the Tor project. Appelbaum is known for representing Wikileaks at the 2010 Hope conference. He has subsequently been repeatedly targeted by US law enforcement agencies, who obtained a court order for his Twitter account data, detained him 12 times at the US border after trips abroad, and seized a laptop and several mobile phones.

@

@

Publicado el 22/05/2012 por 

Re-contextualizing our social interactions in the face of privatisation of data leads us into a space of social responsibility. The impact of our permissive data sharing habits and the economic models that incentivize it is not yet fully understood. How may we ensure that we’re fully informed and consenting to information released or sold about us? How may try we ensure that consent is required? How can we re-contextualize and better come to a shared understanding about transitive risks posed by the surveillance state?

@

@

 

Deepsec – Debugging GSM


Publicado el 14/08/2012 por 

This video is part of the Infosec Video Collection at SecurityTube.net:http://www.securitytube.net

Deepsec – Debugging GSM

Slides : –https://deepsec.net/docs/Slides/DeepSec_2010_Debugging_GSM.pdf Dieter Spaar, Karsten Nohl, Security Research Labs, BerlinThe popular GSM cell phone standard uses outdated security and provides much less protection than its increasing use in security applications suggests. Our research aims to correct the disconnect between technical facts and security perception by creating a GSM tool that allows users to record and analyze GSM data to see what security features were really implemented by their operator. The talk discusses a GSM debugging tool that consists entirely of open source software and open radio hardware. We will demonstrate how to record and decode GSM calls, even encrypted ones.Dieter reverse-engineers systems to an open source equivalents. Currently, his work focus is GSM where he contributed to the OpenBSC, OsmocomBB and Airprobe projects.

@

Deepsec – The Future of Social Engineering

@

 

ANDROID SECURITY APPS #ANDROID #APPS #SECURITY


Tor on Android

Android QR code

Orbot: Mobile Anonymity + Circumvention

https://www.torproject.org/docs/android.html.en

https://guardianproject.info/apps/orbot/

Gibberbot: Secure Instant Messaging

https://guardianproject.info/apps/gibber/

Orweb: Proxy+Privacy Browser

https://guardianproject.info/apps/orweb/

UDP Tester

http://es.androidzoom.com/android_applications/communication/udp-tester_bttgr.html

Allow to send a datagram to a remote location, and optionally receive a datagram as answer. Main use case is to check that a correct NAT/firewall configuration is setup to access a UDP server from a public address, when there is no possible access to a machine that can call from the outside.

Tags: udptester, udp untuk android, udp tester, udp test android, download udp tester android.

Connect Cat

http://www.androidpit.es/es/android/market/aplicaciones/aplicacion/org.terukusu.connectcat/Connect-Cat

A Netcat like applilication.
Connect to host and send anything.

Feature:
– send data interactively
– send data from the file on the strage
– line separator can be specified
– charactercode can be specified

* You need OI FileManager to send a file.

My twetter: @teru_kusu

The Nessus Android.

The Nessus Android app, from Tenable Network Security Inc., enables you to log into your Nessus scanners and start, stop and pause vulnerability scans as well as analyze the results directly from your Android device.

This mobility helps improving the efficiency of your Incident Response process by letting you quickly log into a Nessus scanner from your phone to search previous scan results or check the status of an on-going scan.

(Requires an access to version 4.2 of the Nessus server, or newer)

https://play.google.com/store/apps/details?id=com.tenable&hl=es

 

Donate
If you want to support our work financially, you can donate to one of the following organizations in our name, and we’ll make sure it is applied relevantly:

24c3 Mifare (Little Security, Despite Obscurity)


Publicado el 04/05/2012 por 

Mifare are the most widely deployed brand of secure RFID chips, but their security relies on proprietary and secret cryptographic primitives. We analyzed the hardware of the Mifare tags and found weaknesses in several parts of the cipher.

Chaos Computer Club
Speaker: Karsten Nohl
Speaker: Henryk Plötz

 

@