Telefoninos

Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol


Publicado el 11/8/2014

“Since the introduction of the smart phone, the issue of control has entered a new paradigm. Manufacturers and enterprises have claimed control over not just how your phone operates, but the software that is allowed to run on it. However, few people know that Service Providers have a hidden and pervasive level of control over your device. These hidden controls can be found in over 2 billion cellular devices worldwide. Organizations have been quietly deploying these controls in smart phones, feature phones, basebands, laptops, embedded M2M devices, and even certain cars. Someone with knowledge of these controls and the right techniques could potentially leverage them for cellular exploitation on a global scale.

We’ve reverse engineered embedded baseband and application space code. We’ve torn apart the Over-the-Air communications and implemented our own code to speak the relevant protocols. Layer by layer, we’ve deconstructed these hidden controls to learn how they work. While performing this work we’ve unearthed subtle flaws in how the communication is handled and implemented. After understanding these flaws, we’ve written proof-of-concept exploits to demonstrate the true risk this software presents to the end user.

In this presentation, we will discuss and disclose how Over-the-Air code execution can be obtained on the major cellular platforms and networks (GSM/CDMA/LTE). Including but not limited to Android, iOS, Blackberry, and Embedded M2M devices. You will come away from this talk armed with detailed insight into these hidden control mechanisms. We will also release open source tools to help assess and protect from the new threats this hidden attack surface presents. These tools will include the ability to dynamically test proprietary system applications and simulate different aspects of a cellular environment.”

BH Cover Photo

BH Cover Photo

Report: UK and US spies have cracked BlackBerry’s BES encryption


http://news.techworld.com/security/3467695/report-uk-and-us-spies-have-cracked-blackberrys-bes-encryption/

By Peter Sayer
Techworld
09 September 2013

The U.S. National Security Agency is able to read messages sent via a corporate BlackBerry Enterprise Server (BES), according to a report by German news magazine Der Spiegel. The purpose of this spying is economic or political, and not to counter terrorism, the magazine hints.


The report, published in English on Monday, cites internal documents leaked by former NSA contractor Edward Snowden.


Governments have long demanded that BlackBerry provide access to encrypted messages carried by its email and BlackBerry Messenger (BBM) services, to allow them to monitor for terrorist activity.


BlackBerry has complied in the case of its consumer-grade BlackBerry Internet Service (BIS), notably providing the Indian government with access to consumer messages. Indeed, Der Spiegel cited NSA documents claiming that since 2009, analysts have been able to see and read

[...]

--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/

Car immobilizer hacking [SIGINT13] Speaker: Karsten Nohl


lecture: Car immobilizer hacking

Car manufacturers nicely illustrate what _not_ to do in cryptography.

Immobilizers have for a long time increased the difficulty of stealing cars. Older immobilizer transponders defeated thieves by requiring non-trivial RF skills for copying keys. Current transponders go one step further by employing cryptographic functions with the potential of making car cloning as difficult as breaking long-standing mathematical problems. Cryptography, however, is only as strong as the weakest link of key management, cipher strength, and protocol security. This talk discusses weak links of the main immobilizer technologies and their evolution over time.

Speaker: Karsten Nohl
EventID: 5034
Event: SIGINT 2013 by the Chaos Computer Club [CCC] Cologne
Location: KOMED; Im Mediapark 7; 50670 Cologne; Germany
Language: english
Begin: 05.07.2013 17:00:00 +02:00
Lizenz: CC-by-nc-sa

SIM cards are prone to remote hacking by Karsten Nohl


https://srlabs.de/

SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets.

With over seven billion cards in active use, SIMs may well be the most widely used security token in the world. Through over-the-air (OTA) updates deployed via SMS, the cards are even extensible through custom Java software. While this extensibility is rarely used so far, its existence already poses a critical hacking risk.

Cracking SIM update keys. OTA commands, such as software updates, are cryptographically-secured SMS messages, which are delivered directly to the SIM. While the option exists to use state-of-the-art AES or the somewhat outdated 3DES algorithm for OTA, many (if not most) SIM cards still rely on the 70s-era DES cipher. DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables similar to those that made GSM’s A5/1 cipher breakable by anyone.

To derive a DES OTA key, an attacker starts by sending a binary SMS to a target device. The SIM does not execute the improperly signed OTA command, but does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS. A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer.

MORE: https://srlabs.de/rooting-sim-cards/

SIM cards are prone to remote hacking

karsten-nohl

karsten-nohl

http://actualidad.rt.com/actualidad/view/100862-hacker-tarjeta-sim-rt-telefono

Firefox OS


Firefox OS3 (nombre clave: Boot to Gecko o B2G)4 es un sistema operativo móvil, basado en Linux, de código abierto, para smartphones y tabletas. Es desarrollado por Mozilla Corporation bajo el apoyo de otras empresas como Telefónica5 y una gran comunidad de voluntarios de todo el mundo. Este sistema operativo está enfocado especialmente en los dispositivos móviles incluidos los de gama baja. Está diseñado para permitir a las aplicaciones HTML5 comunicarse directamente con el hardware del dispositivo usando JavaScript y open web APIs.4 Ha sido mostrado en smartphones6 7 y Raspberry Pi,8 compatibles con Android

El 1° de julio de 2013, Telefónica comenzó la venta de terminales con Firefox OS.9 ZTE ha confirmado en la CES 2013 que comercializará un smartphone con Firefox OS.10

geeksphone

geeksphone

https://es.wikipedia.org/wiki/Firefox_OS

https://www.mozilla.org/es-ES/firefox/partners/

AISEC-TR-2012-001-Android-OS-Security #Android #Security


128360067

128360067

[docstoc docId=”128360067″ mId=”-10″ width=”630″ height=”550″ slideMode=”false” showRelatedDocs=”true” showOtherDocs=”true” allowdownload=”true” url=”http://www.docstoc.com/docs/128360067/AISEC-TR-2012-001-Android-OS-Security”%5DAISEC-TR-2012-001-Android-OS-Security%5B/docstoc%5D

PDF: http://www.docstoc.com/docs/128360067/AISEC-TR-2012-001-Android-OS-Security

US drone debate may affect Australia


The use of drone warfare is being debated in the United States, and just how it plays out may have implications for Australia, Greg Dyett reports. 

A US Predator Drone. (Getty)

A US Predator Drone. (Getty)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(Transcript from World News Australia Radio)

A United States Senator claims 4,700 people have been killed by the US unmanned aerial craft, known as drones.

Republican senator Lindsey Graham is a supporter of the drone program, primarily in use by the U-S in Afghanistan and northwest Pakistan.

Senator Graham says while some innocent people have died, the program has managed to kill some senior members of al-Qaeda.

His comments come as President Obama tries to get the architect of the program, John Brennan, confirmed as the new head of the Central Intelligence Agency, and as the United Nations investigates the legality of drone strikes.

Drones have proven to be effective killing machines for the United States.

Under the Obama administration, there’s been an increase in drone strikes which have killed al-Qaeda figures the US says have been plotting attacks against America.

In a recent interview with CNN, President Barack Obama reiterated his previous assurances that the secretive drone program is tightly controlled.

Via: http://www.sbs.com.au/news/article/1741690/US-drone-debate-may-affect-Australia

RELATED

(Transcript from World News Australia Radio)

 

 

Deepsec – Debugging GSM


Publicado el 14/08/2012 por 

This video is part of the Infosec Video Collection at SecurityTube.net:http://www.securitytube.net

Deepsec – Debugging GSM

Slides : –https://deepsec.net/docs/Slides/DeepSec_2010_Debugging_GSM.pdf Dieter Spaar, Karsten Nohl, Security Research Labs, BerlinThe popular GSM cell phone standard uses outdated security and provides much less protection than its increasing use in security applications suggests. Our research aims to correct the disconnect between technical facts and security perception by creating a GSM tool that allows users to record and analyze GSM data to see what security features were really implemented by their operator. The talk discusses a GSM debugging tool that consists entirely of open source software and open radio hardware. We will demonstrate how to record and decode GSM calls, even encrypted ones.Dieter reverse-engineers systems to an open source equivalents. Currently, his work focus is GSM where he contributed to the OpenBSC, OsmocomBB and Airprobe projects.

@

Deepsec – The Future of Social Engineering

@

 

How to #unlock and root a Google Nexus One


Step by step walkthrough to unlocking and rooting your Nexus One. Not for beginners. Got stuck?

Look for help in the forums: forums.androidandme.com

Complete guide: bit.ly/7nVg5o

http://www.tecnologiablog.com/post/1582/como-desbloquear-el-google-nexus-one

http://www.flickr.com/photos/androidandme/sets/72157623192159924/

 


@

Soluciones de seguridad empresarial desde la nube. Nuevos retos: protección de terminales. #ESET


Publicado el 07/05/2012 por 

Charla impartida por Fernando de la Cuadra, de la empresa Eset para el evento Gira Up to Secure que tuvo lugar en Madrid el día 25 de Enero de 2012.

@

Tibetan independence activist using open-source nonviolent strategy, technology & training to make change.


lhadon

@lhadon

Tibetan independence activist using open-source nonviolent strategy, technology & training to make change.

New York · https://tibetaction.net/

Lhadon

Lhadon

 

 

 

 

 

 

 

 

 

 

 

 

 

 

@

@

Attack Vectors on mobile Devices


Mobile devices are everywhere – and they get smarter by the minute (at least they get more functionality by the second). This is a threat to business and a treat for attackers. But are mobile devices safe? This talk looks at physical and psychological aspects of mobile device security, and also covers the various types of software attacks! Tam Hanna gave an overview in his presentation at the DeepSec 2011 security conference.

 


@

Cracking GSM by Karsten Nohl


This is the GSM security follow-up to DeepSec 2007. Karsten Nohl explains the state of GSM security by adressing the weaknesses of GSM A5 encryption. Karsten held this talk at the DeepSec conference in 2009. [archivo viejo pero muy interesante]


@

Karsten Nohl speaks about GSM: „The popular GSM cell phone standard uses outdated security and provides much less protection than its increasing use in security applications suggests. Our research aims to correct the disconnect between technical facts and security perception by creating a GSM tool that allows users to record and analyze GSM data to see what security features were really implemented by their operator. The talk discusses a GSM debugging tool that consists entirely of open source software and open radio hardware. We will demonstrate how to record and decode GSM calls, even encrypted ones.“

The talk was held at the DeepSec 2010 conference.

 


@

Proxy + Privacy Browser for Anonymous Surfing of Blocked Websites on Android


Download Monitor

Monitor & block user downloads in real time. Download 30 day Trial!
Proxy + Privacy Browser is a useful application for users who are restricted from accessing their favorite websites due to certain limitations by their ISP or their country.  You can download theProxy + Privacy Browser app from the Google Play Store for free and try it out for yourself.
banner-privacy-browser-app

banner-privacy-browser-app

 

 

 

 

 

 

 

 

 

 

 

 

 

screenshot-proxy-privacy-browser-android-home

screenshot-proxy-privacy-browser-android-home

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

screenshot-proxy-privacy-bowser-android-ua-string

screenshot-proxy-privacy-bowser-android-ua-string

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

@