Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

4G and CDMA Reportedly Hacked At DEFCON

CmdrTaco posted about 3 years ago | from the hack-and-slash dept.

Cellphones 139

An anonymous reader writes "At the DEFCON 19 hacking conference it seems that a full man-in-the-middle (MITM) attack was successfully launched against all 4G and CDMA transmissions in and around the venue, the Rio Hotel in Las Vegas. This MITM attack enabled hackers to gain permanent kernel-level root access in some Android and PC devices using a rootkit, and non-persistent user space access in others. In both cases, whoever launched this attack on CDMA and 4G devices was able to steal data and monitor conversations. For now the only evidence that such an attack occurred is a Full Disclosure mailing list post, but in the next few hours and days, depending on the response from cellular carriers, we should know whether it's real or not."

cancel ×

139 comments

Sorry! There are no comments related to the filter you selected.

And that ladies is geeks... (0)

The Pirou (1551493) | about 3 years ago | (#37043798)

And that ladies is geeks...Is why you only gamble at Harrah's!

Re:And that ladies is geeks... (1)

San-LC (1104027) | about 3 years ago | (#37044536)

And that ladies is geeks...Is why you only gamble at Harrah's!

Sorry to burst your bubble, but Caesar's Entertainment owns both Harrah's and the Rio. Hope your Faraday cage fits ar the Blackjack table.

Re:And that ladies is geeks... (0)

The Pirou (1551493) | about 3 years ago | (#37045136)

Thanks, but I could have looked at the back of my Total Rewards Card if I forgot. This was a joke about getting points on that very same card through the same hotel chain while being in a different physical location than where a notorious security convention is going down. Sorry to burst your bubble.

Re:And that ladies is geeks... (3, Insightful)

Sancho (17056) | about 3 years ago | (#37045236)

For what it's worth, I still can't parse what your original post said, nor do I get the joke even after explanation.

Re:And that ladies is geeks... (1)

hxnwix (652290) | about 3 years ago | (#37045666)

DEFCON is at one casino, so this guy was like, "hurr you should go to a different casino if you are joe sixpack otherwise these hackers will get you." (no disrespect, I'm sure the OP was being comical)

I want to call bullshit... (0)

jampola (1994582) | about 3 years ago | (#37043830)

...but something is telling me shit just got real. Wowzers, see what happens when nerdlingers all congregate in one place!?!?

Re:I want to call bullshit... (1)

synthesizerpatel (1210598) | about 3 years ago | (#37045676)

No, it is bullshit.

If this were true someone would have posted captured conversations or some sort of proof. Why just make the claim without any evidence to back it up?

This is just a sad attempt at instilling fear.

No proof, no hack.

And they said I was crazy (4, Funny)

ArhcAngel (247594) | about 3 years ago | (#37043858)

for sticking with my RAZR! BWAHAHAHAH...

Good to know (1)

Phaeilo (1851394) | about 3 years ago | (#37043996)

that I'm not alone out there ;)

Re:Good to know (0)

Anonymous Coward | about 3 years ago | (#37046528)

Yeah, me too. I figure my phone is a phone, and I like that I have a phone that was the zenith of 'make the phone smaller.' Now its a race to get the screens larger and finding a small flip phone is damn hard.

Re:And they said I was crazy (2)

jon3k (691256) | about 3 years ago | (#37044144)

That's the same reason I don't use a computer. And those "security experts" called me a luddite! Ha! Jokes on them!

Re:And they said I was crazy (1)

sunfly (1248694) | about 3 years ago | (#37044464)

Me too, but not because I like the Razr. There is a stack of defective ones on my dresser. My wife's Razr looks like it has gone through a war zone (she doesn't regularly kill them like I do).

The cost of data plans and silly 2 year contracts is keeping us away. Waiting for a prepaid App-phone that I like on a prepaid plan less than $30 a month for each phone. Where getting close....

Re:And they said I was crazy (1)

plover (150551) | about 3 years ago | (#37044636)

for sticking with my RAZR! BWAHAHAHAH...

Psht. Last year a guy at DEFCON demoed a fully functional GSM MITM. That meant he is certainly capable of hijacking your puny RAZR's voice calls.

Can you hear me now!? (1)

LinuxGeek (6139) | about 3 years ago | (#37043878)

This will be interesting if it is true. Maybe this will delay the rollout of smartphones to combat soldiers...

Re:Can you hear me now!? (2)

pnewhook (788591) | about 3 years ago | (#37044004)

That's why I use a blackberry. Secure encrypted communication..

Re:Can you hear me now!? (2, Funny)

Anonymous Coward | about 3 years ago | (#37044034)

What good is encryption when they just hand it over to the government:

http://www.guardian.co.uk/uk/2011/aug/08/london-riots-blackberry-messenger-looting

http://www.bloomberg.com/news/2010-08-30/rim-averts-india-blackberry-ban-as-government-tests-security-modification.html

At least the hack above requires them to do something...

Re:Can you hear me now!? (2)

b0bby (201198) | about 3 years ago | (#37044258)

What good is encryption when they just hand it over to the government:

Well, the fact that it's still encrypted? FTA you linked:

"RIM can be legally ordered to hand over details to police of users suspected of unlawful activity. However, the Canadian company would be likely to resist those demands and the content of users' inflammatory messages would be encrypted. The manufacturer has previously insisted that even it cannot unscramble users' messages when sent on the devices."

If you're using your phone provider's BB Server, then they have access to your messages, but that's not RIM. If you're using your own server then the messages are fully encrypted and no third party should have access. It's my understanding that in India the government has access within the country; I'm not sure if they just block your access to your server and force you to use theirs.

Re:Can you hear me now!? (2)

LordLimecat (1103839) | about 3 years ago | (#37044292)

What good is encryption when they just hand it over to the government:

What, without my BES server's AES-256 key? Good luck with that.

Re:Can you hear me now!? (0)

Anonymous Coward | about 3 years ago | (#37044868)

And you are sure there isn't a network command to dump the phone memory with the 256 bit key?

Re:Can you hear me now!? (1)

LordLimecat (1103839) | about 3 years ago | (#37045840)

I suppose there could be. Are you sure there isnt some network command that will cause your PC to start listening on port 22 for assembly instructions to execute?

Just asking the question doesnt make it a significant concern.

Re:Can you hear me now!? (1)

QuantumRiff (120817) | about 3 years ago | (#37045962)

Why would that matter, if they can get to the other host that you are communicating with? (ie, your cell phone companies BES server) Kind of like saying SSH is secure, when the bad guy is running as root on the other end :)

Re:Can you hear me now!? (1)

DrXym (126579) | about 3 years ago | (#37044622)

The blackberry story looks like so much bullshit. How many people own blackberry devices compared to other kinds of phones. I imagine most rioters if they communicated at all would have done so through sms, twitter and so on.

Re:Can you hear me now!? (1)

Spad (470073) | about 3 years ago | (#37045092)

A lot more than you'd expect; estimates put it at almost 40% of teenagers in the UK who have a Blackberry, mostly for the BBM functionality.

Re:Can you hear me now!? (1)

pnewhook (788591) | about 3 years ago | (#37045344)

The blackberry is the ONLY smartphone that is secure, which is why companies love them and RIM will always have a market share for corporations, ones that care about security anyway.

Re:Can you hear me now!? (1)

SleazyRidr (1563649) | about 3 years ago | (#37045994)

Here's your whoosh.

Re:Can you hear me now!? (0)

Anonymous Coward | about 3 years ago | (#37044046)

+1, Funny.

Re:Can you hear me now!? (2)

wolrahnaes (632574) | about 3 years ago | (#37045638)

That's why I use a VPN and/or SSL encrypted connections on my Android and iPhone. Secure encrypted communication, and I'm not stuck dealing with an e-mail device that's been bodged in to trying to be a smartphone which pointlessly runs everything through RIM's servers. How many times has a server outage disabled functionality on every Blackberry again?

Re:Can you hear me now!? (1)

hxnwix (652290) | about 3 years ago | (#37045736)

That's why I use a blackberry. Secure encrypted communication..

Predictably, this snark generated a whoosh, touching off a flame war.

Re: (1)

taiwanjohn (103839) | about 3 years ago | (#37044072)

I was thinking the same thing. Kinda ties in with the previous /. story about Why The US Will Lose a Cyber War [slashdot.org] .

It's tempting to deploy every new gadget that looks useful, but the military (rather, the gov't in general) has a spotty record in new-tech security.

Re:Can you hear me now!? (1)

DrgnDancer (137700) | about 3 years ago | (#37044170)

It probably will have no affect what-so-ever. Why? Well you probably don't remember, but when the story about using smartphones for soldier to soldier communication came out, I said that the final version would no doubt use a portable military infrastructure for radios and towers. I got a rash of shit from people who a) thought I was right and were convinced the military would be wasting money, or b) thought I was wrong. The general argument went: "every nation on Earth has a cellular infrastructure in place, why not just use that?"

This is why.

Re:Can you hear me now!? (1)

GooberToo (74388) | about 3 years ago | (#37044816)

"every nation on Earth has a cellular infrastructure in place, why not just use that?"

Because you can be traced/tracked by those outside the battlefield, basically making it an intelligence coo.

Re:Can you hear me now!? (1)

compro01 (777531) | about 3 years ago | (#37045386)

I believe the word you're looking for is "coup".

Re:Can you hear me now!? (1)

bennomatic (691188) | about 3 years ago | (#37045564)

No, I'm pretty sure the GP poster was suggesting that enemy intelligence forces communicate with bird calls. "Coo coo!"

Re:Can you hear me now!? (2)

GooberToo (74388) | about 3 years ago | (#37045596)

You are of course correct.

The fact you've bothered to correct a post which took about three seconds to create, while still fully comprehensible, IMOHO, is the greater travesty.

Seriously, look at my posts. I long gave up on caring about typos and spelling errors on /. posts. Most people on /. are beneath contempt. As such, my posts tend to reflect this fact. Basically it boils down to, I don't give a shit for 99% of my posts.

Re:Can you hear me now!? (0)

Anonymous Coward | about 3 years ago | (#37046126)

Seriously, look at my posts. I long gave up on caring about typos and spelling errors on /. posts. Most people on /. are beneath contempt. As such, my posts tend to reflect this fact. Basically it boils down to, I don't give a shit for 99% of my posts.

You realize this makes you a contemptible blowhard like all the rest, right?

Re:Can you hear me now!? (0)

Anonymous Coward | about 3 years ago | (#37044322)

How do you combat a soldier with a phone?

Re:Can you hear me now!? (1)

plover (150551) | about 3 years ago | (#37044684)

With a Cell Phone Cannon [youtube.com] , of course.

PMITA Prison time soon (0)

Anonymous Coward | about 3 years ago | (#37043918)

Someone better hope they get a lenient sentence instead of getting some time in pound me in the ass prison.

Relation between MITM and rootkit (3, Informative)

Bromskloss (750445) | about 3 years ago | (#37043930)

Achieving MITM status is a very different thing from installing a rootkit, in my mind. The summary left out how the two could be connected but the article mention something about it:

Coderman’s report suggests that, like Wi-Fi MITM, which regularly harasses surfers at DEF CONs and other hacker conventions, the attackers were able to inject custom packets into the 4G and CDMA data stream. These forged packets allowed the attackers to create on-screen prompts that, if clicked, installed a rootkit on the PC or Android device.

So, to install the rootkit, you also need to exploit a bug in the user. Where do I file the bug report?

Re:Relation between MITM and rootkit (2)

Infiniti2000 (1720222) | about 3 years ago | (#37043954)

So, to install the rootkit, you also need to exploit a bug in the user. Where do I file the bug report?

Well, the bug is that the on-screen prompt occurred at all. That's the part needs to be stopped. Surely, no one would consciously run the rootkit, but I can see the case where the prompt accidentally gets clicked if it pops up during another high-click-count application.

Re:Relation between MITM and rootkit (1)

nschubach (922175) | about 3 years ago | (#37044020)

Or just a simple button on the screen that get's pushed by a pocket dialer.

I've accidentally put my phone in my pocket only to pull it out later and I was one click away from sending my friend a text full of gibberish.

Re:Relation between MITM and rootkit (1)

gbjbaanb (229885) | about 3 years ago | (#37044080)

depends what the on-screen prompt says. I really doubt it'll say "click here to install virus".

Re:Relation between MITM and rootkit (1)

shugah (881805) | about 3 years ago | (#37044230)

Button labelled "p0rn"

Re:Relation between MITM and rootkit (2)

jesseck (942036) | about 3 years ago | (#37044240)

To make it simple, how about "Network busy: error code 2343" with an "OK" button. In an urban environment, it wouldn't be hard to fathom the network was busy. My Sprint service does that occasionally when I place phone calls, and I have to click "OK" to terminate the call. The MITM attack could cause the appearance of network problems, with the "forced" installation of accepting there were problems, so try again. Who doesn't click "OK" when the network tells them it is busy and to try again later? Of course, now that I think about it, maybe I shouldn't....

Re:Relation between MITM and rootkit (1)

EvilStein (414640) | about 3 years ago | (#37044238)

And we all know how end users love to click on stuff... this is exactly how the existing Android rootkits have been getting installed.

Re:Relation between MITM and rootkit (1)

LordLimecat (1103839) | about 3 years ago | (#37044400)

Well, the bug is that the on-screen prompt occurred at all. That's the part needs to be stopped.

This can be done in plaintext open wifi connections to laptops. You request www.google.com, i send you www.InfectMeWithARootkit.com, which requests permission to download and run executable code. If you agree, you will be rootkitted.

Or on a blackberry, you send a link to a malicious .jad file, and it asks if you want to download, and later run, the content.

Re:Relation between MITM and rootkit (1)

hitmark (640295) | about 3 years ago | (#37046150)

Could be that what we see as a bug was originally intended as a feature, used by the carriers to prompt the handset user about something.

I would that the security-thru-obscurity mentality is still rampant in telcos and related organizations to this day, even tho AT&T and others got bitten by leaving open modems behind unlisted numbers on their switches.

Re:Relation between MITM and rootkit (1)

ByOhTek (1181381) | about 3 years ago | (#37043966)

I believe you have to fill out form AK-47 or M-16, and file it with the appropriate user.

Re:Relation between MITM and rootkit (0)

Anonymous Coward | about 3 years ago | (#37044064)

So, to install the rootkit, you also need to exploit a bug in the user. Where do I file the bug report?

Slashdot, via ExtremeTech.

Re:Relation between MITM and rootkit (1)

Baloroth (2370816) | about 3 years ago | (#37044096)

So, to install the rootkit, you also need to exploit a bug in the user. Where do I file the bug report?

With nature. The bug is already fixed in some new generations of humans, but unfortunately the widespread deployment of the old version and it's tenacity, combined with the fact that most people have updates turned off, prevents a rapid fix of the problem.

However, a long-term plan is currently in effect. A few more earthquakes and hurricanes should do the trick.

Re:Relation between MITM and rootkit (3, Informative)

Anonymous Coward | about 3 years ago | (#37044606)

The injected rootkits were specific to different android builds and phones. On some no prompt was needed, on others if a prompt was accepted we saw the phones get completely destroyed by the rootkits or have the microphones turned on. The WiMax in particular discussion is not LTE, but it is likely that LTE was compromised as well because the hardware required to MiTM WiMax would be software defined radio systems which could just as easily be programmed for 4G as 4G LTE emulation. No upgrades or installs or prompts were required for rooting, it was a progressive system of attacks whereby low-hanging fruit was plucked first, and later the horrific 0days came out to play.

Re:Relation between MITM and rootkit (3, Interesting)

tlhIngan (30335) | about 3 years ago | (#37045280)

So, to install the rootkit, you also need to exploit a bug in the user. Where do I file the bug report?

The user is the biggest vulnerability. It's called the Dancing Pigs [wikipedia.org] problem and it's extremely difficult to protect. In fact, popping up additional dialogs hurt security because of it (that Android permissions screen? Utterly useless - even if you make it so they have to check off every item then hit install).

Hell, the age of the Honor System Virus [wikipedia.org] is actually around. Facebook viruses and spam and such [msdn.com] often rely on such odd techniques as well (click here and here and here, paste this URL, etc...).

A simple popup like "Low battery" might be easily dismissed by anyone and no one is the wiser.

Re:Relation between MITM and rootkit (1)

dissy (172727) | about 3 years ago | (#37046524)

So, to install the rootkit, you also need to exploit a bug in the user.

The user is no doubt the best thing to exploit, as it is the weakest link in the chain.

But you are assuming there are no exploits (Which there are, some Android phones installed the app with no prompt)

You also assume the Over-the-Air updates are signed somehow.

Define "4G" (4, Insightful)

russlar (1122455) | about 3 years ago | (#37043934)

Which "4G" technology are we talking? WiMAX? LTE? AT&T&Tmobile's HSPA cranked up to 11?

Re:Define "4G" (0)

Anonymous Coward | about 3 years ago | (#37044008)

Microsoft 4G, obviously

G is like san Re:Define "4G" (3, Insightful)

140Mandak262Jamuna (970587) | about 3 years ago | (#37044284)

Most Asian languages use a suffix to indicate respectful reference. Japanese uses -san as in Suzuki-san or Yamomoto-san or Admiral Nakudo-san. Similarly Hindi uses ji. As in Obama-ji met the Senator Liberman-ji.

Most cell phone companies use the suffix G to add respectability to what is otherwise a meaningless number.

Re:G is like san Re:Define "4G" (1)

orthancstone (665890) | about 3 years ago | (#37044390)

Long way to get to that, but I'll say it was worth it.

Re:Define "4G" (0)

Anonymous Coward | about 3 years ago | (#37044788)

I think we can safely assume that this Coderman person is lying. If he did what he says he did he would know that 4G means nothing, and instead specified the actual RAN standard.

First lesson of hacking (0)

Anonymous Coward | about 3 years ago | (#37043960)

Nothing is secure.

le sigh (2)

TheBeardIsRed (695409) | about 3 years ago | (#37044092)

Let me take a moment to point out that using the wifi or atms at the hotel as well as making software updates during DEF CON all are squarely in the category of "babytown frolics".

Re:le sigh (4, Insightful)

DrgnDancer (137700) | about 3 years ago | (#37044250)

My technology plan for BlackHat:

1) Put phone on airplane mode
2) Once a day, drive to the middle of the desert to check e-mail/voice mail/text messages.
3) Put phone back on airplane mode.
4) Hope some enterprising asshole hasn't put up some crap in the middle of the desert.

Probably a little over paranoid, but not much. In reality I'd probably be a bit less paranoid than that, but I'd definitely move a few hotels down to do anything more serious than checking text messages.

Re:le sigh (1)

ewanm89 (1052822) | about 3 years ago | (#37045408)

I suggest learning where the power button is, then take out the battery and sim card ;)

Re:le sigh (1)

RobertLTux (260313) | about 3 years ago | (#37045640)

"Probably a little over paranoid, but not much. In reality I'd probably be a bit less paranoid than that, but I'd definitely move a few hotels down to do anything more serious than checking text messages."

actually given that this is DEFCON we are talking about you might be just being "safe" given the mix of TLAs and "interested parties" you might be on to something.

Re:le sigh (0)

Anonymous Coward | about 3 years ago | (#37045744)

IIRC, there was some DEFCON (or something similar) project which increased the range of WLAN to a few km using a passive antenna in one end. You better make sure you're at least a few dozen km into the desert to be safe (assuming you aren't afraid of satellites).

Don't take electronics, maybe? (4, Interesting)

Beardydog (716221) | about 3 years ago | (#37044136)

Why in god's name would anyone be willing to go to that with electronics? For god's sake, just take a pad and pencil! Even if you manage not to become part of a hilarious proof-of-concept hack to startle the audience into realizing how easy it is to X and Y someone's Z by forging an A with a malformed B, and avoid being targeted by some Russian mobster who's thrown out a dragnet for data on -other- people's new techniques ( and sure, credit card numbers and personal info, as long as were in there already, the place is still probably surrounded by black vans full of studious FBI, NSA, DHS, and CIA ( east AND west ) agents, all trying to hack, monitor, and watchlist you on completely separate orders and agendas. It's got to be just... a shitstorm. Am I wrong?

Re:Don't take electronics, maybe? (0)

Anonymous Coward | about 3 years ago | (#37044340)

Because they hacked pads and pencils LAST year, duh.

Re:Don't take electronics, maybe? (1)

Anonymous Coward | about 3 years ago | (#37044436)

Two types of people take electronics (near) there:

1. Those who don't know
2. Those who have honeypots running on their smartphones to collect all the wonderful exploits that others have developed.

Re:Don't take electronics, maybe? (1)

LordLimecat (1103839) | about 3 years ago | (#37044440)

Or just disable your data ports and adapters (ethernet, bluetooth, wifi), and your usb ports. Good luck hacking that; I dont care if youre an NSA agent with Charles Babbage as a lifeline, I doubt you have a hack that can exploit an unpowered wifi adapter.

Re:Don't take electronics, maybe? (1)

ftobin (48814) | about 3 years ago | (#37044750)

Consider attacks involving remove screen capturing and remote keystroke-capturing technology.

I wouldn't want to be viewing or enter any privileged data at such a conference. Simply typing a passphrase could expose you.

Re:Don't take electronics, maybe? (2)

sexconker (1179573) | about 3 years ago | (#37045100)

Consider attacks involving remove screen capturing and remote keystroke-capturing technology.

I wouldn't want to be viewing or enter any privileged data at such a conference. Simply typing a passphrase could expose you.

Such attacks are academic at best. Up there with "able to read deleted data unless you overwrite it at least a dozen times". And then you posit performing such an attack during a tech convention? I'd be more worried about contracting the hantavirus from rat shit in the hotel walls.

Re:Don't take electronics, maybe? (1)

LordLimecat (1103839) | about 3 years ago | (#37046030)

What, exactly, am i logging into without wireless? Why would I care about keystroke capturing if I have no connectivity? Why am I opening Top Secret documents @ DEFCON?

Seems to me I would be listening to music and taking notes.

Re:Don't take electronics, maybe? (1)

ftobin (48814) | about 3 years ago | (#37046358)

You might be using the same passphrase to unlock your device as your email account. Or even if it's not the exact same passphrase, it could provide knowledge on your passphrase methodology, which, combined with other data, would reduce the amount of entropy in your secret.

If the loss of your secret would not in any way assist an attack on another vector, sure, you might be fine. But people are human and can only manage so much.

Also, you wouldn't even need to be opening "top secret" documents. If your device has information on you that could grant access through a lost-passphrase "security question" on a website, you need to protect even that.

Re:Don't take electronics, maybe? (1)

AC-x (735297) | about 3 years ago | (#37044546)

Why in god's name would anyone be willing to go to that with electronics?

Or stick that device in flight mode

You do know what DEFCON is, right? (1)

gosand (234100) | about 3 years ago | (#37044722)

I can't even come up with a sufficient analogy to describe how wrong your comment is.

Like entering a bicycle in a Formula 1 race because you don't like going fast?

Re:Don't take electronics, maybe? (0)

Anonymous Coward | about 3 years ago | (#37044730)

in my experience, those vans are white.

Re:Don't take electronics, maybe? (1)

bill_mcgonigle (4333) | about 3 years ago | (#37044924)

Why in god's name would anyone be willing to go to that with electronics?

Sometimes playing the game is more fun than perfect security. Plus, people can get ahold of you still, so you might actually get invited to parties and such.

It would be bad form to permanently destroy the phone via an exploit, and I'm sure most attendees know how to wipe their phones blank when they get home.

Re:Don't take electronics, maybe? (1)

sempernoctis (1229258) | about 3 years ago | (#37044978)

You need to adjust your tin foil hat. I took my droid, my tablet, and my laptop, and there really isn't that much to worry about if you follow basic security practices, like not sending any plaintext passwords, closing any ports or services you don't need, and not doing financial transactions or other very confidential things there. And I'm sure the assorted 3-letter agencies already know all about anyone they are interested in.

Re:Don't take electronics, maybe? (1)

russotto (537200) | about 3 years ago | (#37046088)

and not doing financial transactions or other very confidential things there

I went to DefCon, logged into my bank, logged out, logged in from a different machine, took out the max advance on all my credit cards, transferred the money into a series of other accounts, then withdrew those as gambling chips, had a lot of fun gambling it all away, then claimed I got hacked.

Re:Don't take electronics, maybe? (0)

Anonymous Coward | about 3 years ago | (#37045572)

The hilarious thing was that no-one was really safe at Defcon. Even the POS terminals ended up hacked (hope everyone payed for liquor with cash!). Harrah's ended up connecting the CTF network to their INTERNAL network. Was especially funny when they found the lighting controllers still used default passwords. Siemens is a joke of an outsource company.

Don't trust the network (0)

Anonymous Coward | about 3 years ago | (#37044138)

Border router security, hard shell soft core, perimeter defense: However you call it, it's all bogus. The network must not be trusted, especially when it's got wireless components. IPSec was the right idea. Shame it doesn't get any use. Somehow the illusion that you can make the network trusted is even more prevalent among users and operators of mobile networks.

Really surprised... not. (4, Informative)

ewanm89 (1052822) | about 3 years ago | (#37044158)

This is DEFCON, it's like putting every army and mercenary group in the world in one room without disarming them first. There is a reason why the DEFCON wireless network is described as the most hostile network on earth, it's more hostile than the internet itself.

Re:Really surprised... not. (1)

tgd (2822) | about 3 years ago | (#37044254)

This is DEFCON, it's like putting every army and mercenary group in the world in one room without disarming them first.
There is a reason why the DEFCON wireless network is described as the most hostile network on earth, it's more hostile than the internet itself.

I smell next years' big summer Hollywood blockbuster!

What's Michael Bay up to?

Re:Really surprised... not. (1)

antdude (79039) | about 3 years ago | (#37044716)

That is why I avoid Sin City during that week so my old school bone conduction analog hearing aid, CASIO Data Bank 150 calculator watch, body, etc. won't get hacked/exploited. :P

HORRAY !! GOOD NEWS EVERYONE !! (0)

Anonymous Coward | about 3 years ago | (#37044162)

We wanted this stuff cracked, and now it is !! HORRAY !! Now it's on to the next unproductive task !! Like submitting crap disquised as news to slashdot !!

If you give a mouse a cookie... (1)

Oswald McWeany (2428506) | about 3 years ago | (#37044220)

If you put candy in a bowl in a room full of children- they will eat it. If you put whiskey in a room full of frat-boys- they will drink it. If you put technology in a room full of hackers- they will hack it. If you put Michael Jackson in a room full of children- he will behave admirably. I don't see much surprise here.

Re:If you give a mouse a cookie... (1)

morgosmaci (1277138) | about 3 years ago | (#37044420)

If you put Michael Jackson in a room full of children- he will behave admirably.

You mean sit in the corner and add a lovely decomposition smell to the room?

Re:If you give a mouse a cookie... (3, Funny)

Oswald McWeany (2428506) | about 3 years ago | (#37044462)

Decomposing plastic has no odor.

Re:If you give a mouse a cookie... (1)

PIBM (588930) | about 3 years ago | (#37044478)

I guess you could say he wouldn`t do a thing..

Re:If you give a mouse a cookie... (1)

jemtallon (1125407) | about 3 years ago | (#37044810)

Michael Jackson behaving admirably... http://i.imgur.com/Okk86.jpg [imgur.com]

You Fa"il It! (-1, Redundant)

Anonymous Coward | about 3 years ago | (#37044370)

Moans and groans to its laid-Back Good to write you

For once, helps to be Canadian! (1)

thejaded1 (582827) | about 3 years ago | (#37044398)

... or any other country with atrocious data package rates.

I shut my Android's data option off before arrived, primarily for costs reasons, but also for security reasons. I'm sure there were plenty other foreign travelers who had there data disabled for duration of their stay.

Fucking Steve Jobs! (1)

bennomatic (691188) | about 3 years ago | (#37044410)

I'm sure he's responsible for this somehow. Probably because he can't innovate!!

Featuer Phones for the Win (0)

Anonymous Coward | about 3 years ago | (#37044564)

Verizon can't figure out why I tried a smartphone and went back to a "regular" phone as soon as my contract was up. The data plans are too expensive, they want you to pay extra for tethering, they have data caps, and the devices are way too intrusive (see iPhone location scandal or Android's WiFi surveillance). You couldn't pay me money to carry a smart phone around unless there was one I rooted and installed a custom version of *nix on it (like some WiFi routers).

We need Authentication/Encryption NOW (1)

Gyorg_Lavode (520114) | about 3 years ago | (#37044648)

This points that the last bastion of security (secure transport layers provided by the transporter) is no longer viable. MITM is apperently practical on most wireless networks, even the adnvaced cellular ones. In that case, you MUST authenticate every location every app goes to. This means EVERYONE needs certs. I wish there was more info on Moxie's new tool [convergence.io] because it may be an absolute necessity in the very near future. (Unless the CAs are going to start giving out free certs.)

Re:We need Authentication/Encryption NOW (0)

Anonymous Coward | about 3 years ago | (#37045216)

Lol wrong. One of the 0days The Beast system used was a remote exploit in TextSecure!

Re:We need Authentication/Encryption NOW (1)

DDLKermit007 (911046) | about 3 years ago | (#37045450)

You make it out to be way worse than it is. If you go over cellular, should just SSH back to your home connection. The wireless insecurity isn't much to worry about at that point. WiMax is a huge joke security-wise anyways. WiMax was cracked last year already in this regard. Seems he spent the year building better tools.

Re:We need Authentication/Encryption NOW (1)

citizenr (871508) | about 3 years ago | (#37046352)

Its worse than that. Last year GSM presentation revolved around taking over GSM codec part of the phone, and ALL android phones run codec in same memory space as main CPU.

FYI (2)

DDLKermit007 (911046) | about 3 years ago | (#37045362)

It's WiMax that's fallen. It was already cracked open as of the last Defcon. Some other cool stuff is being done with it too. The WiMax authentication system is a joke.

Pfft, no 4G in the US what are you talking about (0)

Anonymous Coward | about 3 years ago | (#37045752)

I do hope the authors realize that 4G is not LTE, but the technology that comes after it. Without reading the article it sounds like Verizon just had it's ass kicked.

What's commonly advertised as 4G right now is still 3G.

Don't worry (1)

ThatsNotPudding (1045640) | about 3 years ago | (#37046234)

the carriers will fix this by rolling out... 5G!!!
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>