It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Millions of Sim cards are 'vulnerable to hack attack'
page: 18
share:
Millions of Sim cards are 'vulnerable to hack attack'
www.bbc.co.uk
(visit the link for the full news article)
A flaw with mobile phones' Sim card technology is putting millions of people at risk of being spied on and robbed, according to a leading security expert.
Related News Links:
srlabs.de..." target="_blank" class="postlink">https:
Well Chaps and Chapesses,
This is my first post, so please be gentle with me!
According to the BBC, our mobile phone data may be at significant risk of theft, by hackers using a flaw in the security used by within the sim card itself.
The hack is initiated by the hacker sending a text in binary to the phone. When the text program is executed, it allows the hacker to upload additional malware written in Java to the phone.
In addition to allowing the theft of data, the hack may also permit, criminals and dare I say others to listen into your calls. In addition, the malware maybe used to track the phones location. Apparently, the digital signature is in about 75% of cases the phone will recognise the signature as fake and cut communication.
It kind of makes you think, how long the security services have known of this flaw and have utilised it. It also makes me wonder if these "back doors" are being identified by private concerns, how many others are there in the other devices we use in our everyday life.
www.bbc.co.uk
(visit the link for the full news article)
This is my first post, so please be gentle with me!
According to the BBC, our mobile phone data may be at significant risk of theft, by hackers using a flaw in the security used by within the sim card itself.
The hack is initiated by the hacker sending a text in binary to the phone. When the text program is executed, it allows the hacker to upload additional malware written in Java to the phone.
In addition to allowing the theft of data, the hack may also permit, criminals and dare I say others to listen into your calls. In addition, the malware maybe used to track the phones location. Apparently, the digital signature is in about 75% of cases the phone will recognise the signature as fake and cut communication.
It kind of makes you think, how long the security services have known of this flaw and have utilised it. It also makes me wonder if these "back doors" are being identified by private concerns, how many others are there in the other devices we use in our everyday life.
www.bbc.co.uk
(visit the link for the full news article)
reply to post by thefifthcat
Everything that is technologically incorporated in everyday life is vulnerable to hack attacks. Nothing is impervious. So sit back, relax. Put your feet up and enjoy the funny pages.
Everything that is technologically incorporated in everyday life is vulnerable to hack attacks. Nothing is impervious. So sit back, relax. Put your feet up and enjoy the funny pages.
reply to post by thefifthcat
It was built like it from the start.
The only problem now is that "bad people" are exploiting too =/
It was built like it from the start.
The only problem now is that "bad people" are exploiting too =/
Well, the NSA already has all of this info on you anyway...
Can't see how a hacker having it would be much worse.
eta: BTW this is also why I am happy NFC tech is so behind in the US, I don't need my smartphone being my wallet as well.
Can't see how a hacker having it would be much worse.
eta: BTW this is also why I am happy NFC tech is so behind in the US, I don't need my smartphone being my wallet as well.
edit on 22-7-2013 by
benrl because: (no reason given)
reply to post by benrl
I'd forgotten about Near Field. There have been spates of NFC cards being scanned and charged, when people have passed scanners with the card in their wallet and pocket. I think it is a technological advance which is open to abuse.
I'd forgotten about Near Field. There have been spates of NFC cards being scanned and charged, when people have passed scanners with the card in their wallet and pocket. I think it is a technological advance which is open to abuse.
Originally posted by thefifthcat
reply to post by benrl
I'd forgotten about Near Field. There have been spates of NFC cards being scanned and charged, when people have passed scanners with the card in their wallet and pocket. I think it is a technological advance which is open to abuse.
Yea, and that would be the only way for them to steal money with this method, by gaining root access through the sim vulnerability to NFC information.
Unless people are worried about cell charges, cause the other thing would be cloning the sim.
Your best way to stay safe and secure is buying the cheapest mobile phone you can possibly find like one that costs £10 and comes with a £5 top up
voucher they are perfect for criminals becouse the police can not trace your signal and pin point you the phone is too poor of quality to be
compatible with all the latest spy technology but also good for people who are paranoid and think people are spying on them.
no worries
Everything connected to the web is at risk
stop living in fear,. and drink the cool aid
Everything connected to the web is at risk
stop living in fear,. and drink the cool aid
Then why does the source say:
Originally posted by XLR8R
reply to post by thefifthcat
Everything that is technologically incorporated in everyday life is vulnerable to hack attacks. Nothing is impervious.
That implies 7 out of 8 sim cards are not vulnerable to this attack, which is far from everything. Therefore there does seem to be a flaw with that 1 out of 8 sim cards.
Mr Nohl said one in eight Sim cards might be vulnerable
Good job on your first thread! plenty of comments to give your perspective and discussion points.
Originally posted by thefifthcat
This is my first post, so please be gentle with me!
The biggest mistake most seem to make is not using search or using too many search terms when doing so, and not finding the material was already posted. In addition to search, I also look in the forum post list at the first page to see if the topic appears there but didn't show up in search, as it only takes a few seconds to do that.
reply to post by thefifthcat
So java is it android then? I know some of the sim card specs allowed a small java applet to run on the sim card or something…
So java is it android then? I know some of the sim card specs allowed a small java applet to run on the sim card or something…
reply to post by Arbitrageur
Well, the public wouldn't like it very much if he were to say; "Every sim card is possibly vulnerable to attack" now would they? All tech is hackable. All of them in one way shape or form, bar none.
Well, the public wouldn't like it very much if he were to say; "Every sim card is possibly vulnerable to attack" now would they? All tech is hackable. All of them in one way shape or form, bar none.
edit on 23-7-2013 by XLR8R because: (no reason given)
reply to post by thefifthcat
i'm going to have to look into this, that just doesn't make sense. Are phones scanning text messages for code and arbitrarily running it? And how exactly are you initiating this without the user becoming aware, I sure as heck know when I get an SMS text.
nothing you can't protect yourself against with the right know how, but yeah, I'm sure like many security holes, this bug has made the rounds through intelligence agencies.
The hack is initiated by the hacker sending a text in binary to the phone. When the text program is executed, it allows the hacker to upload additional malware written in Java to the phone.
i'm going to have to look into this, that just doesn't make sense. Are phones scanning text messages for code and arbitrarily running it? And how exactly are you initiating this without the user becoming aware, I sure as heck know when I get an SMS text.
nothing you can't protect yourself against with the right know how, but yeah, I'm sure like many security holes, this bug has made the rounds through intelligence agencies.
reply to post by SupersonicSerpent
the only reason those are harder to track is because of the "burner" nature of them, basically single use phones. You can be tracked to an alarming accuracy from the towers and networks you connect to, which all phones do regardless of how "smart" they are.
In fact, if you are using burner phones and consistent in your locations, they can interpolate that it's you from past usage.
There is no way to avoid spying 100% if you are using someone elses network, and you will always be using someone elses network. You can make it harder though. You can use apps instead of SMS and cell, apps that can offer end to end encryption.
Sure, they still get your traffic, but they might never be able to decrypt it. They are collecting far too much data to be concerned with breaking encryption on joe blows traffic. Unless you were a direct target, encryption alone should save you some hassle.
That's why as soon as this NSA story broke big, major credit card companies added VPNs to their list of stuff you can't buy, VISA and Mastercard as far as I know, but probably others. That's why when you talk about large p2p or voip systems that offer encryption, you see the NSA making direct deals with them, because it's too costly to dump resources into breaking encryption.
If you want to be secure, get an android phone, install either a rom you hand build, or cyanogen mod, this alone replaces most of the bloat and spyware added by the telco and manufacturer. Then pay for an encypted SIP service that is not within the united states.
You are still tracked, but not directly, and it's not easy for them to force offshore companies to hand your data over.
Your best way to stay safe and secure is buying the cheapest mobile phone you can possibly find like one that costs £10 and comes with a £5 top up voucher they are perfect for criminals becouse the police can not trace your signal and pin point you the phone is too poor of quality to be compatible with all the latest spy technology but also good for people who are paranoid and think people are spying on them.
the only reason those are harder to track is because of the "burner" nature of them, basically single use phones. You can be tracked to an alarming accuracy from the towers and networks you connect to, which all phones do regardless of how "smart" they are.
In fact, if you are using burner phones and consistent in your locations, they can interpolate that it's you from past usage.
There is no way to avoid spying 100% if you are using someone elses network, and you will always be using someone elses network. You can make it harder though. You can use apps instead of SMS and cell, apps that can offer end to end encryption.
Sure, they still get your traffic, but they might never be able to decrypt it. They are collecting far too much data to be concerned with breaking encryption on joe blows traffic. Unless you were a direct target, encryption alone should save you some hassle.
That's why as soon as this NSA story broke big, major credit card companies added VPNs to their list of stuff you can't buy, VISA and Mastercard as far as I know, but probably others. That's why when you talk about large p2p or voip systems that offer encryption, you see the NSA making direct deals with them, because it's too costly to dump resources into breaking encryption.
If you want to be secure, get an android phone, install either a rom you hand build, or cyanogen mod, this alone replaces most of the bloat and spyware added by the telco and manufacturer. Then pay for an encypted SIP service that is not within the united states.
You are still tracked, but not directly, and it's not easy for them to force offshore companies to hand your data over.
I don't have a cell phone or an iPod or a tablet only this computer in Mum's basement. Know, it's not becuase I can't afford better.
Darryl Forests
It's becusae she can't afford better.
Darryl Forests
It's becusae she can't afford better.
Where is the source explaining the vulnerability on the rest of the sim cards?
Originally posted by XLR8R
reply to post by Arbitrageur
Well, the public wouldn't like it very much if he were to say; "Every sim card is possibly vulnerable to attack" now would they? All tech is hackable. All of them in one way shape or form, bar none.
Without that it sounds like you're making stuff up. This is a very specific vulnerability and as far as I can tell, not all sim cards have this vulnerability.
reply to post by Arbitrageur
It's just common sense. If you know anything about today's technology you know there are ways to circumvent any safeguards put in place. That's just the way it is. If it can interact with other hardware then there's potential vulnerability.
It's just common sense. If you know anything about today's technology you know there are ways to circumvent any safeguards put in place. That's just the way it is. If it can interact with other hardware then there's potential vulnerability.
new topics
-
President-elect TRUMP Picks MATT GAETZ for his ATTORNEY GENERAL - High Level PANIC Ensues.
2024 Elections: 1 hours ago -
Mike Tyson returns 11-15-24
World Sports: 5 hours ago -
HHS Spent Hundreds of Millions of Dollars on DEI Initiatives Under Biden, Watchdog Finds
US Political Madness: 7 hours ago -
Breaking: FBI Agents Raid Polymarket CEO After Betting Site Predicts Trump Win
General Conspiracies: 7 hours ago -
The Guardian quits Elon Musk's X social media platform
Mainstream News: 8 hours ago -
Thune selected as Senate Republican Leader
US Political Madness: 10 hours ago -
Band of Brothers 2001 Classic
Television: 10 hours ago -
US warship Edsall Lost after Pearl Harbor Attack Found 80 Years Later ... by Accident
Mainstream News: 11 hours ago
top topics
-
Breaking: FBI Agents Raid Polymarket CEO After Betting Site Predicts Trump Win
General Conspiracies: 7 hours ago, 18 flags -
How can you defend yourself when the police will not tell you what you did?
Posse Comitatus: 17 hours ago, 17 flags -
The Guardian quits Elon Musk's X social media platform
Mainstream News: 8 hours ago, 15 flags -
Thune selected as Senate Republican Leader
US Political Madness: 10 hours ago, 13 flags -
US warship Edsall Lost after Pearl Harbor Attack Found 80 Years Later ... by Accident
Mainstream News: 11 hours ago, 13 flags -
HHS Spent Hundreds of Millions of Dollars on DEI Initiatives Under Biden, Watchdog Finds
US Political Madness: 7 hours ago, 11 flags -
Band of Brothers 2001 Classic
Television: 10 hours ago, 7 flags -
WATCH LIVE: US Congress hearing on UFOs, unidentified anomalous phenomena
Aliens and UFOs: 13 hours ago, 7 flags -
President-elect TRUMP Picks MATT GAETZ for his ATTORNEY GENERAL - High Level PANIC Ensues.
2024 Elections: 1 hours ago, 6 flags -
Worlds Behind You…
Short Stories: 13 hours ago, 4 flags
active topics
-
President-elect TRUMP Picks MATT GAETZ for his ATTORNEY GENERAL - High Level PANIC Ensues.
2024 Elections • 9 • : rickymouse -
Trump picks Gov. Kristi Noem to serve as homeland security secretary
2024 Elections • 39 • : Lumenari -
President-Elect DONALD TRUMP's 2nd-Term Administration Takes Shape.
Political Ideology • 167 • : KrustyKrab -
Band of Brothers 2001 Classic
Television • 3 • : RickyD -
Election statistics question
2024 Elections • 23 • : chr0naut -
WATCH LIVE: US Congress hearing on UFOs, unidentified anomalous phenomena
Aliens and UFOs • 31 • : WeMustCare -
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 3257 • : Crazierfox -
Mike Tyson returns 11-15-24
World Sports • 8 • : grey580 -
Breaking: FBI Agents Raid Polymarket CEO After Betting Site Predicts Trump Win
General Conspiracies • 17 • : peter_kandra -
New York State Government Kills Peanut the Squirrel and Fred the Raccoon
US Political Madness • 69 • : xuenchen
8