Mobile Phone Security

Mobile Phone Security Breached

Tent with CCC pirate flag as seen on the Chaos...
Image via Wikipedia

Mobile calls and texts made on any GSM network can be eavesdropped upon using four cheap phones and open source software, say security researchers.

Karsten Nohl and Sylvain Munaut demonstrated their eavesdropping toolkit at the Chaos Computer Club Congress (CCC) in Berlin. The work builds on earlier research that has found holes in many parts of the most widely used mobile technology. The pair spent a year putting together the parts of the eavesdropping toolkit.

“Now there’s a path from your telephone number to me finding you and listening to your calls,” Mr Nohl told BBC News. “The whole way.”

He said many of the pieces in the eavesdropping toolkit already existed thanks to work by other security researchers but there was one part the pair had to create themselves.

“The one piece that completed the chain was the ability to record data off the air,” he said.

In a demonstration at the CCC, the pair took attendees through all the steps that led from locating a particular phone to seizing its unique ID, then leap-frogging from that to getting hold of data swapped between a handset and a base station as calls are made and texts sent.

Key to grabbing the data from the air were cheap Motorola phones which can have their onboard software swapped for an open source alternative.

“We used the cheap Motorola telephones because a description of their firmware leaked to the internet,” he said.

This led to the creation of open source alternative firmware that, he said, has its “filters” removed so it could see all the data being broadcast by a base station.

Read More…

How Secret are these Secrets on WikiLeaks ?

The WikiLeaks release of 250,000 documents is, of course, big news –  it’s the largest number of published leaked secret documents ever.

There is much excitement about the content, understandably so. The US Administration is less excisted and is apparently concerned about the leaks with the following statements being made:

  • “Such disclosures puts at risk our diplomats, intelligence professionals, and people around the world who come to the United States for assistance in promoting democracy and open government”
  • “President Obama supports responsible, accountable, and open government at home and around the world, but this reckless and dangerous action runs counter to that goal.”
  • “place at risk the lives of countless innocent individuals
  • “place at risk on-going military operations,”
  • “place at risk on-going cooperation between countries.”

So, the US administration and  US Intelligence seem to be pretty concerned about the “risk”.

Clearly, such damaging material would be kept under incredibly tight security? They would probably take the following actions to minimize risk:

  • Partition the information – so only certain people could access certain information
    • For example, there is no need for all the Brazil analysts to access information on Italy.
  • Remove any network connections
    • For obvious reasons
  • Limit physical access
    • High security rooms, CCTV, armed guards, those fancy double key entry rooms you see in movies, etc, etc
  • ZERO ability to copy data.
    • Systems to prevent photography, printing, etc (obviously USB devices would be blocked

Errr, will no.

Those statements are probably true for critical intelligence, but these cables are NOT even Top Secret. They were just “Secret”, which is pretty low in the world of intelligence, in fact Top Secret is when intelligence circles really start to operate and there several levels above Top Secret.

The data that was stolen was copied from a centralized system, which around 3 million US military and US government workers had access to; from very junior levels upwards.

Much of the data was, according to the Guardian who are involved in leaking the material with WikiLeaks, copied to a CD! I.e – it was nothing more than a drag and drop exercise.

Hardly, high-tech and hardly highly protected data.

There is a staggering lack of security around these secret files. Probably because they contain opinions rather than hard intelligence, source names or signal frequencies.

Given the numerous cases of spying and espionage (see a small sample below, more available here)  its  likely  these cables would already have been seen by other intelligence agencies.

Examples of Spying

It highly unlikely that all cases of spying are discovered and made public.

Given the alleged “risks” this data poses, with “countless lives at risk”  there was little security around the actual data. In fact it sounds like its harder to get onto a plane with a 500 ml bottle of water than get hold of the “secret” cables.

The 250,000 leaked cables maybe the biggest leak ever published, but it’s probably not the biggest leak ever.

Data Theft – T-Mobile 1st Conviction

A former T-Mobile employee has admitted his role in the illegal sale of massive volumes of customer data to marketers.

David Turley, of Birmingham, 39, pleaded guilty to 18 charges under section 55 of the Data Protection Act at Chester Crown Court Un July 2010. A second former T-Mobile employee, Darren Hames, of Staffordshire, 38, will enter his pleas in relation to his alleged role in the theft on 23 November 2010

The illegal sale of millions of subscriber records was revealed by the Information Commissioner Christopher Graham last November, as part of a campaign for tougher sentences for data thieves.

The T-Mobile data was used to cold call and poach subscribers who were coming to the end of their contracts.

The Register

Data Theft – T Mobile (Nov 2009)

Personal details of thousands of mobile phone customers have been stolen and sold to rival firms in the biggest data breach of its kind, the government’s privacy watchdog said today.

An employee of phone operator T-Mobile sold the customer records, including details of when contracts expired. The millions of items of information were sold on for “substantial sums”, the Information Commissioner’s Office (ICO) said. Rival networks and mobile phone retailers then tried to lure away T-Mobile customers by “cold calling”.

Guardian

BBC

Data Theft – T-Mobile 2nd Conviction

Darren Hames aged 38, from Staffordshire, who used to work for T-Mobile UK pleaded guilty at Warrington Crown Court to having sold confidential customer information from the telecom operator to third parties.

Darren Hames was found guilty under Section 55 of the Data Protection Act. Sentancing will not occur until the New Year (2011). The first man convicted in relation to this incident was David Turley, of Birmingham, 39,

The ICO statement on Hames


Follow

Get every new post delivered to your Inbox.

Join 29 other followers