Mobile Phone Security

Mobile Phone Security Breached

Tent with CCC pirate flag as seen on the Chaos...
Image via Wikipedia

Mobile calls and texts made on any GSM network can be eavesdropped upon using four cheap phones and open source software, say security researchers.

Karsten Nohl and Sylvain Munaut demonstrated their eavesdropping toolkit at the Chaos Computer Club Congress (CCC) in Berlin. The work builds on earlier research that has found holes in many parts of the most widely used mobile technology. The pair spent a year putting together the parts of the eavesdropping toolkit.

“Now there’s a path from your telephone number to me finding you and listening to your calls,” Mr Nohl told BBC News. “The whole way.”

He said many of the pieces in the eavesdropping toolkit already existed thanks to work by other security researchers but there was one part the pair had to create themselves.

“The one piece that completed the chain was the ability to record data off the air,” he said.

In a demonstration at the CCC, the pair took attendees through all the steps that led from locating a particular phone to seizing its unique ID, then leap-frogging from that to getting hold of data swapped between a handset and a base station as calls are made and texts sent.

Key to grabbing the data from the air were cheap Motorola phones which can have their onboard software swapped for an open source alternative.

“We used the cheap Motorola telephones because a description of their firmware leaked to the internet,” he said.

This led to the creation of open source alternative firmware that, he said, has its “filters” removed so it could see all the data being broadcast by a base station.

Read More…

How Secret are these Secrets on WikiLeaks ?

The WikiLeaks release of 250,000 documents is, of course, big news –  it’s the largest number of published leaked secret documents ever.

There is much excitement about the content, understandably so. The US Administration is less excisted and is apparently concerned about the leaks with the following statements being made:

  • “Such disclosures puts at risk our diplomats, intelligence professionals, and people around the world who come to the United States for assistance in promoting democracy and open government”
  • “President Obama supports responsible, accountable, and open government at home and around the world, but this reckless and dangerous action runs counter to that goal.”
  • “place at risk the lives of countless innocent individuals
  • “place at risk on-going military operations,”
  • “place at risk on-going cooperation between countries.”

So, the US administration and  US Intelligence seem to be pretty concerned about the “risk”.

Clearly, such damaging material would be kept under incredibly tight security? They would probably take the following actions to minimize risk:

  • Partition the information – so only certain people could access certain information
    • For example, there is no need for all the Brazil analysts to access information on Italy.
  • Remove any network connections
    • For obvious reasons
  • Limit physical access
    • High security rooms, CCTV, armed guards, those fancy double key entry rooms you see in movies, etc, etc
  • ZERO ability to copy data.
    • Systems to prevent photography, printing, etc (obviously USB devices would be blocked

Errr, will no.

Those statements are probably true for critical intelligence, but these cables are NOT even Top Secret. They were just “Secret”, which is pretty low in the world of intelligence, in fact Top Secret is when intelligence circles really start to operate and there several levels above Top Secret.

The data that was stolen was copied from a centralized system, which around 3 million US military and US government workers had access to; from very junior levels upwards.

Much of the data was, according to the Guardian who are involved in leaking the material with WikiLeaks, copied to a CD! I.e – it was nothing more than a drag and drop exercise.

Hardly, high-tech and hardly highly protected data.

There is a staggering lack of security around these secret files. Probably because they contain opinions rather than hard intelligence, source names or signal frequencies.

Given the numerous cases of spying and espionage (see a small sample below, more available here)  its  likely  these cables would already have been seen by other intelligence agencies.

Examples of Spying

It highly unlikely that all cases of spying are discovered and made public.

Given the alleged “risks” this data poses, with “countless lives at risk”  there was little security around the actual data. In fact it sounds like its harder to get onto a plane with a 500 ml bottle of water than get hold of the “secret” cables.

The 250,000 leaked cables maybe the biggest leak ever published, but it’s probably not the biggest leak ever.

Data Theft – T-Mobile 1st Conviction

A former T-Mobile employee has admitted his role in the illegal sale of massive volumes of customer data to marketers.

David Turley, of Birmingham, 39, pleaded guilty to 18 charges under section 55 of the Data Protection Act at Chester Crown Court Un July 2010. A second former T-Mobile employee, Darren Hames, of Staffordshire, 38, will enter his pleas in relation to his alleged role in the theft on 23 November 2010

The illegal sale of millions of subscriber records was revealed by the Information Commissioner Christopher Graham last November, as part of a campaign for tougher sentences for data thieves.

The T-Mobile data was used to cold call and poach subscribers who were coming to the end of their contracts.

The Register

Data Theft – T Mobile (Nov 2009)

Personal details of thousands of mobile phone customers have been stolen and sold to rival firms in the biggest data breach of its kind, the government’s privacy watchdog said today.

An employee of phone operator T-Mobile sold the customer records, including details of when contracts expired. The millions of items of information were sold on for “substantial sums”, the Information Commissioner’s Office (ICO) said. Rival networks and mobile phone retailers then tried to lure away T-Mobile customers by “cold calling”.

Guardian

BBC

Data Theft – T-Mobile 2nd Conviction

Darren Hames aged 38, from Staffordshire, who used to work for T-Mobile UK pleaded guilty at Warrington Crown Court to having sold confidential customer information from the telecom operator to third parties.

Darren Hames was found guilty under Section 55 of the Data Protection Act. Sentancing will not occur until the New Year (2011). The first man convicted in relation to this incident was David Turley, of Birmingham, 39,

The ICO statement on Hames


DNA Rention Limits – More of the Same

The Home Office is due to formally  state that their plan is to maintain the DNA data, of innocent people, for 6 years.

This is, of course, a lot longer than the zero time of many other countries and the UK less than a decade ago, but still a lot less than the previous policy of “forever”.

This statement now follows on from the previous statement in May 2009 by the government of the intention to retain the data fro 12 and 6 years, depending on the offense.

For those not acquainted with the reasons behind this change in the law this is due to the S and Marper V United Kingdom test cases in the ECHR, where they challenged, successfully the UK law on detaining, indefinitely the DNA samples of innocent.

 

 

How to Hack an Oyster Card

There are many reasons to want to know where somebody has been on the Tube

  • Do you want to find out where your girlfriend/boyfriend has been on the tube?
  • Are you concerned that your boss is traveling around London, looking to replace you?
  • Are you just a regular stalker/paparazzi who wants to follow somebody around?
  • Are you a private investigator who wants to know where your perp has gone on the tube?

Whatever the reason the following guide, of just five simple steps, will show you how to access the travel details of a person’s recent underground journeys:

  1. Obtain the relevant Oyster Card
  2. Take the card to the nearest London Underground Station
  3. Walk up to a counter, hand the card over and state “Excuse me mate, but I am not sure my balance is right on this, I think I didn’t swipe out recently, can you check it for me
  4. The TFL staff will then print out a list of the last couple of weeks journeys and hand them to you
  5. Leave the station with the card, the paper, nefarious mind set and a  maniacal laugh

Joking aside, this actually works.

Which is slightly concerning because people can so easily access other peoples travel details. While this may not bother many people, as they will simply say that there journey to work and home again, is their standard commuter route, and so of no interest. Others may think differently.

Firstly, private investigations firms do still use illicit methods to obtain data, the recent telephone bugging scandals involving journalists, is nothing new, its that is only just come to light. A few years ago, several well known companies were involved in a case that showed that information was obtain illegally, via data theft.

High networth individuals, especially if they are going through a divorce or possibly a major deal, can attract the attention of investigation firms. There have been occasions when these individuals have had the routes monitored, their phones and computers hacked into, and other such activity.

People who are involved in protests , for anything from animal rights activists to the anti-war lobby, are likely to be monitored and tracked where possible, and this is not all done via the state.  Large corporate who are likely to be disrupted, or targeted, by protests,  sometimes employ private firms to provide their own intelligence briefings, and these firms will go to great lengths to obtain this information for their client.

Interestingly the TFL (Transport For London) who operate the London Underground, have an exemption from the data protection act, which allows MI5 and the police to get near live data from the system, so track people moving around London.

Follow

Get every new post delivered to your Inbox.

Join 29 other followers