It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Millions of Sim cards are 'vulnerable to hack attack'

page: 1
8

log in

join
share:

posted on Jul, 22 2013 @ 03:00 PM
link   

Millions of Sim cards are 'vulnerable to hack attack'


www.bbc.co.uk

A flaw with mobile phones' Sim card technology is putting millions of people at risk of being spied on and robbed, according to a leading security expert.
(visit the link for the full news article)


Related News Links:
srlabs.de..." target="_blank" class="postlink">https:



posted on Jul, 22 2013 @ 03:00 PM
link   
Well Chaps and Chapesses,

This is my first post, so please be gentle with me!

According to the BBC, our mobile phone data may be at significant risk of theft, by hackers using a flaw in the security used by within the sim card itself.

The hack is initiated by the hacker sending a text in binary to the phone. When the text program is executed, it allows the hacker to upload additional malware written in Java to the phone.

In addition to allowing the theft of data, the hack may also permit, criminals and dare I say others to listen into your calls. In addition, the malware maybe used to track the phones location. Apparently, the digital signature is in about 75% of cases the phone will recognise the signature as fake and cut communication.

It kind of makes you think, how long the security services have known of this flaw and have utilised it. It also makes me wonder if these "back doors" are being identified by private concerns, how many others are there in the other devices we use in our everyday life.

www.bbc.co.uk
(visit the link for the full news article)



posted on Jul, 22 2013 @ 03:29 PM
link   
reply to post by thefifthcat
 

Everything that is technologically incorporated in everyday life is vulnerable to hack attacks. Nothing is impervious. So sit back, relax. Put your feet up and enjoy the funny pages.



posted on Jul, 22 2013 @ 03:32 PM
link   
reply to post by thefifthcat
 


It was built like it from the start.

The only problem now is that "bad people" are exploiting too =/



posted on Jul, 22 2013 @ 03:38 PM
link   
reply to post by XLR8R
 


I think that sounds like good advice.



posted on Jul, 22 2013 @ 03:49 PM
link   
Well, the NSA already has all of this info on you anyway...

Can't see how a hacker having it would be much worse.

eta: BTW this is also why I am happy NFC tech is so behind in the US, I don't need my smartphone being my wallet as well.
edit on 22-7-2013 by benrl because: (no reason given)



posted on Jul, 22 2013 @ 03:57 PM
link   
reply to post by benrl
 


I'd forgotten about Near Field. There have been spates of NFC cards being scanned and charged, when people have passed scanners with the card in their wallet and pocket. I think it is a technological advance which is open to abuse.



posted on Jul, 22 2013 @ 04:12 PM
link   

Originally posted by thefifthcat
reply to post by benrl
 


I'd forgotten about Near Field. There have been spates of NFC cards being scanned and charged, when people have passed scanners with the card in their wallet and pocket. I think it is a technological advance which is open to abuse.



Yea, and that would be the only way for them to steal money with this method, by gaining root access through the sim vulnerability to NFC information.

Unless people are worried about cell charges, cause the other thing would be cloning the sim.



posted on Jul, 22 2013 @ 04:16 PM
link   
Your best way to stay safe and secure is buying the cheapest mobile phone you can possibly find like one that costs £10 and comes with a £5 top up voucher they are perfect for criminals becouse the police can not trace your signal and pin point you the phone is too poor of quality to be compatible with all the latest spy technology but also good for people who are paranoid and think people are spying on them.



posted on Jul, 22 2013 @ 08:45 PM
link   
no worries
Everything connected to the web is at risk
stop living in fear,. and drink the cool aid



posted on Jul, 23 2013 @ 01:24 AM
link   

Originally posted by XLR8R
reply to post by thefifthcat
 

Everything that is technologically incorporated in everyday life is vulnerable to hack attacks. Nothing is impervious.
Then why does the source say:


Mr Nohl said one in eight Sim cards might be vulnerable
That implies 7 out of 8 sim cards are not vulnerable to this attack, which is far from everything. Therefore there does seem to be a flaw with that 1 out of 8 sim cards.


Originally posted by thefifthcat
This is my first post, so please be gentle with me!
Good job on your first thread! plenty of comments to give your perspective and discussion points.

The biggest mistake most seem to make is not using search or using too many search terms when doing so, and not finding the material was already posted. In addition to search, I also look in the forum post list at the first page to see if the topic appears there but didn't show up in search, as it only takes a few seconds to do that.



posted on Jul, 23 2013 @ 08:09 AM
link   
reply to post by thefifthcat
 


So java is it android then? I know some of the sim card specs allowed a small java applet to run on the sim card or something…



posted on Jul, 23 2013 @ 08:33 AM
link   
reply to post by Arbitrageur
 


Well, the public wouldn't like it very much if he were to say; "Every sim card is possibly vulnerable to attack" now would they? All tech is hackable. All of them in one way shape or form, bar none.
edit on 23-7-2013 by XLR8R because: (no reason given)



posted on Jul, 23 2013 @ 10:28 AM
link   
reply to post by thefifthcat
 




The hack is initiated by the hacker sending a text in binary to the phone. When the text program is executed, it allows the hacker to upload additional malware written in Java to the phone.


i'm going to have to look into this, that just doesn't make sense. Are phones scanning text messages for code and arbitrarily running it? And how exactly are you initiating this without the user becoming aware, I sure as heck know when I get an SMS text.

nothing you can't protect yourself against with the right know how, but yeah, I'm sure like many security holes, this bug has made the rounds through intelligence agencies.



posted on Jul, 23 2013 @ 10:34 AM
link   
reply to post by SupersonicSerpent
 





Your best way to stay safe and secure is buying the cheapest mobile phone you can possibly find like one that costs £10 and comes with a £5 top up voucher they are perfect for criminals becouse the police can not trace your signal and pin point you the phone is too poor of quality to be compatible with all the latest spy technology but also good for people who are paranoid and think people are spying on them.


the only reason those are harder to track is because of the "burner" nature of them, basically single use phones. You can be tracked to an alarming accuracy from the towers and networks you connect to, which all phones do regardless of how "smart" they are.

In fact, if you are using burner phones and consistent in your locations, they can interpolate that it's you from past usage.

There is no way to avoid spying 100% if you are using someone elses network, and you will always be using someone elses network. You can make it harder though. You can use apps instead of SMS and cell, apps that can offer end to end encryption.

Sure, they still get your traffic, but they might never be able to decrypt it. They are collecting far too much data to be concerned with breaking encryption on joe blows traffic. Unless you were a direct target, encryption alone should save you some hassle.

That's why as soon as this NSA story broke big, major credit card companies added VPNs to their list of stuff you can't buy, VISA and Mastercard as far as I know, but probably others. That's why when you talk about large p2p or voip systems that offer encryption, you see the NSA making direct deals with them, because it's too costly to dump resources into breaking encryption.

If you want to be secure, get an android phone, install either a rom you hand build, or cyanogen mod, this alone replaces most of the bloat and spyware added by the telco and manufacturer. Then pay for an encypted SIP service that is not within the united states.

You are still tracked, but not directly, and it's not easy for them to force offshore companies to hand your data over.



posted on Jul, 24 2013 @ 07:42 AM
link   
I don't have a cell phone or an iPod or a tablet only this computer in Mum's basement. Know, it's not becuase I can't afford better.

Darryl Forests
It's becusae she can't afford better.



posted on Jul, 24 2013 @ 11:27 AM
link   

Originally posted by XLR8R
reply to post by Arbitrageur
 


Well, the public wouldn't like it very much if he were to say; "Every sim card is possibly vulnerable to attack" now would they? All tech is hackable. All of them in one way shape or form, bar none.
Where is the source explaining the vulnerability on the rest of the sim cards?

Without that it sounds like you're making stuff up. This is a very specific vulnerability and as far as I can tell, not all sim cards have this vulnerability.



posted on Jul, 24 2013 @ 12:03 PM
link   
reply to post by Arbitrageur
 


It's just common sense. If you know anything about today's technology you know there are ways to circumvent any safeguards put in place. That's just the way it is. If it can interact with other hardware then there's potential vulnerability.



new topics

top topics



 
8

log in

join