The recently ended 27C3 event in Berlin was a good closing of 2010, with some interesting GSM security related topics.
1st presentation is about running your own GSM stack on your phone using OsmocomBB Open Source Baseband software on old Motorola phone, while it does not sound like a threat, but it opened the door into conducting lots of attacks, considering that you now have full access to what is going on the GSM network from the handset side, I would think of mapping the GSM network with geo-location data for example.
2nd presentation is about attacking Android GSM Geolocation, which can be used in several ways:
- mapping GSM network, using old Nokia phone or USRP.
- live tracking of phone location via application
- offline location history, via USB (location while answering specific call, or sending specific SMS)
3rd presentation is the well known wide band GSM sniffing one by Karsten Nohl, which is about cracking A5/1 with 2TB rainbow tables available online for anyone to download using URSP2 or even a low cost Motorola phone running OsmocomBB.
0 comments:
Post a Comment