Mobile Phone Hacking:
A lucrative, but largely hidden history
DC4420
David Rogers
27th May 2014
Copyright © 2014 Copper Horse Solutions Ltd. All rights reserved.
http://www.mobilephonesecurity.org

Car Radio Hacking – 1990s / 2000s
• PIN locks to deter and remove value of theft
• Hacking tools reset / calculate / remove security codes

Some Phone Terms: SIMlock & IMEI
• SIMlock:
  – used to secure the device to a particular network during the period of the subsidy, can be unlocked with CK codes by calling operator
  – Different variants of locks
  – Recent court case in the US over legality (and lots of other previous fights)
• IMEI:
  – the International Mobile Equipment Identity number
  – unique to each device
  – can be blocked if device is stolen
• Other interesting information on device that would be hacked
  – E.g. to change language packs, phone lock removal, text etc.
• Big battle between mobile industry and hacking groups between c.1999 and now – has evolved to jailbreak / root community

‘Unlocking’ and IMEI changing
• What is ‘unlocking’?
  – SIMlocks
  – Most hacking used to be aimed at the SIMlock area
• The security area in the handset would protect all sensitive data – including IMEI and SIMlock
• What is a dirty hack?
  – Hacks targeted against the security area would often cause corruption to data – including the IMEI.
  – Data such as RF calibration settings would often be wiped out
• Hacking tools usually dual-use (SIMlock and IMEI)
  – Causes problems in countries where IMEI changing is illegal – difficult and costly to get direct proof
Mobile Phone Security - David Rogers

Historic Criminal Structure
[Diagram; labels: Internet, embedded hacker, hacking group, internet shop, shop or stall, repair centre, application hacker, organised crime, re-seller, end-user, thief, drug dealer, mass theft, subscription fraud, street crime, black market, exporter (unlocking / IMEI changing), eBay, counterfeiting, IP theft, ‘user’ crimes, murder etc.]

Historic Financial Structure
[Diagram; labels: Internet, embedded hacker, hacking group, internet shop, shop or stall, repair centre, application hacker, organised crime, re-seller, free software, end-user, thief, drug dealer]
VALUE           METHOD
£10 - £30       Cash; debit / credit card
£50 - £500      Western Union; PayPal; postal order
£500 - £5000    Western Union
£5000+          Western Union

Examples of Hacking Hardware
• Standard service repair equipment
  – Fraudulent purchasing of manufacturer’s equipment
• Mass produced hardware by hacking groups
  – Griffin Box
  – UFS-3 (Twister)
  – Blazer
  – Clips
• Evolution
  – New equipment was constantly developed as new models were released
  – New technologies and hardware security to ensure revenue

Mass Manufacture of Hacking Hardware

Examples of Hacking Hardware (2)
• Most hacks steal their solutions from already existing hacks
  – May seem to be 22 hacks available – just old hacks re-packaged.
  – Different front-end to software
  – Different hardware
  – the ‘golden’ part of the source code is from 1 hack
• Lots of ‘ghost’ hacks that are aimed at defrauding people
  – same in 2012 with jailbreaking on iOS6

Hardware Hacking Methods
• EEPROM cloning or ‘Chipping’
  – Old method
  – Copied EEPROM with basic equipment
  – Main aim to put EEPROM with no SIMlock on
  – Result: IMEI number was cloned
• PICs (Programmable Integrated Circuits)
  – Execute small sequences of commands
  – Placed in-line to ‘snatch’ or modify data
• Flash device hot-swapping (almost impossible now)
• Exploitation of boundary scan ports
• External clips and dongles
• Note: less economical than software hacks

In-line PIC Between SIM and Device

Software Hacking Methods
• Direct change
  – Breaking a programming algorithm
  – Finding the correct test interface protocol command
    • Still used(!) serial communications / USB monitoring equipment
• Modifying binary files (software download files)
  – Inserting jump code
  – Hijacking other functions in the code to subvert security
  – Taking advantage of software design flaws
• Abuse of boundary scan to monitor phone processes
• ‘Dumping’ to logs of data from secure areas
• Brute force cracking of algorithms
• Theft of information from Design Centres / Factories / Service Centres
• “Voodoo Galaxy SIII SIM unlock” tool required device to be rooted…

Typical (Old) Software Hack Methodology
[Diagram; labels: manufacturer, hacker; marketing launch at trade show, phone released to market; research, theft of early model, network operator samples, open source info and hacking tools; hacking solution, distribute application, protect application, application protection tools; product security detection; timescale: 0 months, 6 - 12 months]

Use of Hardware Clips – 5 Second Unlocking!
• Simple to use, takes its power from the handset
• Contains a Programmable Integrated Circuit
• Bombards the handset with commands in a repetitive sequence
• The handset eventually gives up and resets itself – unfortunately resetting the SIMlock!
• This type of attack was used on many different makes of handsets
• Clips have now evolved and the term is usually used in reference to dongles

“Logs”
• Used as a method of continually generating revenue for the real hackers and re-sellers at the top of the food chain – a historical issue for hackers
• Original concept by 3 Nokia hackers and dealers from Serbia:
  – George, Boban (Slobodan Andrics) and Dejan (Dejan Kaljevic)
• How do logs work?
  – Encrypted by hackers to avoid cracking by other hackers
  – An example:
    • Crack the master security locks -> generate an encrypted log of security area information -> close the security lock on the handset again!
• ‘Logs’ will be available only if the hacking solution is two part
  – ‘Dumb’ client application to communicate with handset
  – Data is sent to hacker / re-seller
  – Corresponding data to unlock / change IMEI received from hacker / re-seller

CK Algorithm Breaches
• Some manufacturers and ODMs used symmetric algorithms based on the IMEI number to generate CK codes
  – Broken and every possible iteration for each IMEI available
• Later versions cracked the factory / service tools because they were leaked rather than cracking the handset
• Down to poor manufacturer security and breaking principle of no stored, shared secrets!
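
The contrast behind the "no stored, shared secrets" point above, as an added example that is not part of the original slides: a CK code derived from the IMEI with one global key, next to a random per-device code of which the handset keeps only a salted verifier and an attempt counter. The HMAC derivation, the key, all function names and the sample IMEI are constructed for illustration and do not reproduce any manufacturer's algorithm.

```python
import hashlib
import hmac
import secrets

# --- Weak design (constructed stand-in, not any vendor's real algorithm) ---
# One symmetric key is embedded in every factory / service tool.
SHARED_FACTORY_KEY = b"constructed-demo-key"


def weak_ck_code(imei: str, key: bytes = SHARED_FACTORY_KEY) -> str:
    """CK code is a pure function of the IMEI and the one global key."""
    digest = hmac.new(key, imei.encode(), hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:8], 'big') % 10**8:08d}"


def codes_exposed_by_key_leak(imeis, leaked_key: bytes) -> dict:
    """Blast radius of one leaked tool: every code for every IMEI follows."""
    return {imei: weak_ck_code(imei, leaked_key) for imei in imeis}


# --- Hardened design: no shared secret, nothing derivable from the IMEI ---
CODE_DIGITS = 16         # long enough that offline guessing of the verifier is impractical
MAX_ATTEMPTS = 5         # on a real handset this counter needs tamper-resistant storage
PBKDF2_ROUNDS = 100_000


def _verifier(code: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", code.encode(), salt, PBKDF2_ROUNDS)


def provision_device():
    """Factory step. Returns (code, device_record).

    The code goes only to the operator's database; the device record holds
    a salted verifier, so neither the handset nor a service tool contains
    anything from which the code can be computed directly.
    """
    code = "".join(secrets.choice("0123456789") for _ in range(CODE_DIGITS))
    salt = secrets.token_bytes(16)
    record = {
        "salt": salt,
        "verifier": _verifier(code, salt),
        "attempts_left": MAX_ATTEMPTS,
        "locked": True,
    }
    return code, record


def try_unlock(record: dict, candidate: str) -> bool:
    """Handset-side check with a hard limit on wrong guesses."""
    if not record["locked"]:
        return True
    if record["attempts_left"] <= 0:
        return False  # permanently refused; only a service process can reset
    # Decrement before comparing so a reset during the check cannot grant a free guess.
    record["attempts_left"] -= 1
    if hmac.compare_digest(_verifier(candidate, record["salt"]), record["verifier"]):
        record["locked"] = False
        return True
    return False


if __name__ == "__main__":
    sample_imeis = ["490154203237518", "356938035643809"]  # sample values
    print("weak design, key leaked:", codes_exposed_by_key_leak(sample_imeis, SHARED_FACTORY_KEY))

    code, record = provision_device()
    print("hardened, wrong guess accepted:", try_unlock(record, "0" * CODE_DIGITS))
    print("hardened, operator-issued code accepted:", try_unlock(record, code))
```
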

De-capping and Focused Ion Beam Equipment

Newer Hardware and System Level Attacks
• George Hotz – original iPhone jailbreak
  – Used hardware flaw to XOR data address and insert jump code to empty memory where he could execute his own bootloader
  – Allegedly assisted by European Infineon hacking teams
• Rooting
  – Various methods, exploiting vulnerabilities
  – Usually used as a staging area for other attacks (e.g. malware)
  – Examples:
    • RageAgainstTheCage, uboot, zergRush, gingerbreak
    • Other private exploits
  – Some manufacturers providing it as a service in order to prevent people hacking
• Legal battles around this area (e.g. US copyright office 2010, 2012)
  – OK to remove SIMlocks and root devices

Newer Motivations
• Main targets / motivations recently have been:
• Rooting / jailbreak device – for piracy / other apps / custom OS / spyware
• SIM unlocking – break out of subsidy (cheap device) / fraud / export of stolen devices
• IMEI changing – re-enable stolen handsets in same country
• Launchpad attacks – spyware / malware / anti-theft tools / in-app billing
• Fixing issues – e.g. old SIMlocked device, can’t contact operator

Handset Embedded Security Evolution (to 2012)
[Timeline figure, 2002 to 2012; labels: EICTA / GSMA 9 Principles; OMTP Trusted Environment: OMTP TR0; OMTP Advanced Trusted Environment: OMTP TR1; TCG MPWG Specification; GSMA Pay-Buy-Mobile; Fragmented Security; Google / Apple proprietary hardware security features; banking / film industry requirements; WAC; RIM / Nokia proprietary security features; webinos]

Evad3rs, i0n1c, geohot, RedSn0w – iOS6 & iOS7
• iOS6 hack “used more zero-days than stuxnet”*
• Millions of downloads – huge market
• Evasi0n iOS7 jailbreak rushed out due to competition (and 7.1 release), packaged with Chinese app store (Taig)
  – Rumoured to be $1million
  – Rumours of dirty tricks / questionable sources for some holes
  – Strategic and tactical thinking, all ‘untethered’
• Some holes allegedly held back by various teams for future cracks on iOS8
• Teams still reverse and hack each other’s tools (like SIMlock)
• George Hotz tried to sell to a Chinese team (via a broker) for $350,000
  – Audio clip released with negotiation discussions
* Ref: http://www.forbes.com/sites/andygreenberg/2013/02/05/inside-evasi0n-the-most-elaborate-jailbreak-to-ever-hack-your-iphone/

May 2014 – Root Bounty for Verizon & AT&T

Kill Switch / Anti-Theft Mechanism Targeting?
• Obvious this would happen

Car Radio Hacking - 2014

Questions?
david.rogers {@} copperhorse.co.uk
@drogersuk
Mobile Systems Security course:
http://www.cs.ox.ac.uk/softeng/subjects/MSS.html
Mobile Security: A Guide for Users:
http://www.lulu.com/gb/en/shop/david-rogers/mobile-security-a-guide-for-users/paperback/product-21197551.html
http://www.mobilephonesecurity.org

Weitere ähnliche Inhalte

Was ist angesagt?

Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationJoshua Prince
 
The Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric AuthenticationThe Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric AuthenticationVeridium
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityJohn Rhoton
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Mohammed Adam
 
Securing Online Transactions and Customer Data
Securing Online Transactions and Customer DataSecuring Online Transactions and Customer Data
Securing Online Transactions and Customer DataNational Retail Federation
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in ActionSatnam Singh
 
Hacktrikz - Introduction to Information Security & Ethical Hacking
Hacktrikz - Introduction to Information Security & Ethical HackingHacktrikz - Introduction to Information Security & Ethical Hacking
Hacktrikz - Introduction to Information Security & Ethical HackingRavi Sankar
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats  and Owasp Top 10 RisksMobile Threats  and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 RisksSantosh Satam
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Abhinav Biswas
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com -  IoT SecurityRyan Wilson - ryanwilson.com -  IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson
 
SpeakInPrivate Phones - Introduction
SpeakInPrivate Phones - Introduction SpeakInPrivate Phones - Introduction
SpeakInPrivate Phones - Introduction Speakinprivate
 
Intro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor AuthenticationIntro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor Authenticationhon1nbo
 

Was ist angesagt? (20)

Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014Owasp Mobile Top 10 – 2014
Owasp Mobile Top 10 – 2014
 
Iot(security)
Iot(security)Iot(security)
Iot(security)
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
The Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric AuthenticationThe Password Is Dead: An Argument for Multifactor Biometric Authentication
The Password Is Dead: An Argument for Multifactor Biometric Authentication
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
OWASP Top 10 for Mobile
OWASP Top 10 for MobileOWASP Top 10 for Mobile
OWASP Top 10 for Mobile
 
Ethical Hacking Tools
Ethical Hacking ToolsEthical Hacking Tools
Ethical Hacking Tools
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
 
Securing Online Transactions and Customer Data
Securing Online Transactions and Customer DataSecuring Online Transactions and Customer Data
Securing Online Transactions and Customer Data
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in Action
 
Hacktrikz - Introduction to Information Security & Ethical Hacking
Hacktrikz - Introduction to Information Security & Ethical HackingHacktrikz - Introduction to Information Security & Ethical Hacking
Hacktrikz - Introduction to Information Security & Ethical Hacking
 
OWASP Mobile Top 10 Deep-Dive
OWASP Mobile Top 10 Deep-DiveOWASP Mobile Top 10 Deep-Dive
OWASP Mobile Top 10 Deep-Dive
 
IoT/M2M Security
IoT/M2M SecurityIoT/M2M Security
IoT/M2M Security
 
Mobile Threats and Owasp Top 10 Risks
Mobile Threats  and Owasp Top 10 RisksMobile Threats  and Owasp Top 10 Risks
Mobile Threats and Owasp Top 10 Risks
 
IOT Security FUN-damental
IOT Security FUN-damentalIOT Security FUN-damental
IOT Security FUN-damental
 
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
Smart Defense: Strategic Approach to fight contemporary Security, Privacy & A...
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com -  IoT SecurityRyan Wilson - ryanwilson.com -  IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
 
SpeakInPrivate Phones - Introduction
SpeakInPrivate Phones - Introduction SpeakInPrivate Phones - Introduction
SpeakInPrivate Phones - Introduction
 
Intro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor AuthenticationIntro to Smart Cards & Multi-Factor Authentication
Intro to Smart Cards & Multi-Factor Authentication
 

Ähnlich wie Phone Hacking: A lucrative, but largely hidden history

UplinQ - the future of mobile security
UplinQ - the future of mobile securityUplinQ - the future of mobile security
UplinQ - the future of mobile securitySatya Harish
 
Protect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksProtect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksRohan Fernandes
 
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the BerriesShmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the BerriesTyler Shields
 
ISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyMichael Davis
 
Confraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityConfraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityVitor Domingos
 
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDavid Rogers
 
Sniffer for detecting lost mobiles
Sniffer for detecting lost mobilesSniffer for detecting lost mobiles
Sniffer for detecting lost mobileshome
 
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...viaForensics
 
Android phone identifiers and eavesdropping audio
Android phone identifiers and eavesdropping audioAndroid phone identifiers and eavesdropping audio
Android phone identifiers and eavesdropping audioAndy Lee
 
Threat Modeling for the Internet of Things
Threat Modeling for the Internet of ThingsThreat Modeling for the Internet of Things
Threat Modeling for the Internet of ThingsEric Vétillard
 
Security & Identity for the Internet of Things Webinar
Security & Identity for the Internet of Things WebinarSecurity & Identity for the Internet of Things Webinar
Security & Identity for the Internet of Things WebinarForgeRock
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate ITPeter Wood
 
Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...
Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...
Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...Cellebrite
 
Make Mobilization Work - Properly Implementing Mobile Security
Make Mobilization Work - Properly Implementing Mobile SecurityMake Mobilization Work - Properly Implementing Mobile Security
Make Mobilization Work - Properly Implementing Mobile SecurityMichael Davis
 
Cell phone cloning
Cell phone cloningCell phone cloning
Cell phone cloningGudia Khan
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile AppsDenim Group
 
Connected Silicon Security Challenges and Framework - Tyfone - Siva Narendra
Connected Silicon Security Challenges and Framework - Tyfone - Siva NarendraConnected Silicon Security Challenges and Framework - Tyfone - Siva Narendra
Connected Silicon Security Challenges and Framework - Tyfone - Siva NarendraTyfone, Inc.
 
Security Best Practices for Mobile Development
Security Best Practices for Mobile DevelopmentSecurity Best Practices for Mobile Development
Security Best Practices for Mobile DevelopmentSalesforce Developers
 

Ähnlich wie Phone Hacking: A lucrative, but largely hidden history (20)

UplinQ - the future of mobile security
UplinQ - the future of mobile securityUplinQ - the future of mobile security
UplinQ - the future of mobile security
 
The Future Mobile Security
The Future Mobile Security The Future Mobile Security
The Future Mobile Security
 
Protect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksProtect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacks
 
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the BerriesShmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
 
ISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and PrivacyISACA CACS 2012 - Mobile Device Security and Privacy
ISACA CACS 2012 - Mobile Device Security and Privacy
 
Confraria Security & IT - Mobile Security
Confraria Security & IT - Mobile SecurityConfraria Security & IT - Mobile Security
Confraria Security & IT - Mobile Security
 
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
 
Sniffer for detecting lost mobiles
Sniffer for detecting lost mobilesSniffer for detecting lost mobiles
Sniffer for detecting lost mobiles
 
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
Why mobile-should-stop-worrying-learn-love-root-andrew-hoog-viaforensics-rsa-...
 
Android phone identifiers and eavesdropping audio
Android phone identifiers and eavesdropping audioAndroid phone identifiers and eavesdropping audio
Android phone identifiers and eavesdropping audio
 
Threat Modeling for the Internet of Things
Threat Modeling for the Internet of ThingsThreat Modeling for the Internet of Things
Threat Modeling for the Internet of Things
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
 
Security & Identity for the Internet of Things Webinar
Security & Identity for the Internet of Things WebinarSecurity & Identity for the Internet of Things Webinar
Security & Identity for the Internet of Things Webinar
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate IT
 
Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...
Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...
Extracting and Decoding Smartphone and Tablet Evidence with the UFED Series: ...
 
Make Mobilization Work - Properly Implementing Mobile Security
Make Mobilization Work - Properly Implementing Mobile SecurityMake Mobilization Work - Properly Implementing Mobile Security
Make Mobilization Work - Properly Implementing Mobile Security
 
Cell phone cloning
Cell phone cloningCell phone cloning
Cell phone cloning
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile Apps
 
Connected Silicon Security Challenges and Framework - Tyfone - Siva Narendra
Connected Silicon Security Challenges and Framework - Tyfone - Siva NarendraConnected Silicon Security Challenges and Framework - Tyfone - Siva Narendra
Connected Silicon Security Challenges and Framework - Tyfone - Siva Narendra
 
Security Best Practices for Mobile Development
Security Best Practices for Mobile DevelopmentSecurity Best Practices for Mobile Development
Security Best Practices for Mobile Development
 

Kürzlich hochgeladen

the cOMPUTER SYSTEM - computer hardware servicing.pptx
the cOMPUTER SYSTEM - computer hardware servicing.pptxthe cOMPUTER SYSTEM - computer hardware servicing.pptx
the cOMPUTER SYSTEM - computer hardware servicing.pptxLeaMaePahinagGarciaV
 
1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degree
1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degree1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degree
1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degreeyuu sss
 
Call Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile serviceCall Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile servicerehmti665
 
专业一比一美国旧金山艺术学院毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree
专业一比一美国旧金山艺术学院毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree专业一比一美国旧金山艺术学院毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree
专业一比一美国旧金山艺术学院毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degreeyuu sss
 
NO1 WorldWide kala jadu Love Marriage Black Magic Punjab Powerful Black Magic...
NO1 WorldWide kala jadu Love Marriage Black Magic Punjab Powerful Black Magic...NO1 WorldWide kala jadu Love Marriage Black Magic Punjab Powerful Black Magic...
NO1 WorldWide kala jadu Love Marriage Black Magic Punjab Powerful Black Magic...Amil baba
 
Presentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfPresentation.pptxjnfoigneoifnvoeifnvklfnvf
Presentation.pptxjnfoigneoifnvoeifnvklfnvfchapmanellie27
 
Gaya Call Girls #9907093804 Contact Number Escorts Service Gaya
Gaya Call Girls #9907093804 Contact Number Escorts Service GayaGaya Call Girls #9907093804 Contact Number Escorts Service Gaya
Gaya Call Girls #9907093804 Contact Number Escorts Service Gayasrsj9000
 
Dubai Call Girls O525547819 Spring Break Fast Call Girls Dubai
Dubai Call Girls O525547819 Spring Break Fast Call Girls DubaiDubai Call Girls O525547819 Spring Break Fast Call Girls Dubai
Dubai Call Girls O525547819 Spring Break Fast Call Girls Dubaikojalkojal131
 
毕业文凭制作#回国入职#diploma#degree美国威斯康星大学麦迪逊分校毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#d...
毕业文凭制作#回国入职#diploma#degree美国威斯康星大学麦迪逊分校毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#d...毕业文凭制作#回国入职#diploma#degree美国威斯康星大学麦迪逊分校毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#d...
毕业文凭制作#回国入职#diploma#degree美国威斯康星大学麦迪逊分校毕业证成绩单pdf电子版制作修改#毕业文凭制作#回国入职#diploma#d...ttt fff
 
vip Krishna Nagar Call Girls 9999965857 Call or WhatsApp Now Book
vip Krishna Nagar Call Girls 9999965857 Call or WhatsApp Now Bookvip Krishna Nagar Call Girls 9999965857 Call or WhatsApp Now Book
vip Krishna Nagar Call Girls 9999965857 Call or WhatsApp Now Bookmanojkuma9823
 
办理(CSU毕业证书)澳洲查理斯特大学毕业证成绩单原版一比一
办理(CSU毕业证书)澳洲查理斯特大学毕业证成绩单原版一比一办理(CSU毕业证书)澳洲查理斯特大学毕业证成绩单原版一比一
办理(CSU毕业证书)澳洲查理斯特大学毕业证成绩单原版一比一diploma 1
 
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一
定制(RHUL学位证)伦敦大学皇家霍洛威学院毕业证成绩单原版一比一ss ss
 
Hifi Babe North Delhi Call Girl Service Fun Tonight
Hifi Babe North Delhi Call Girl Service Fun TonightHifi Babe North Delhi Call Girl Service Fun Tonight
Hifi Babe North Delhi Call Girl Service Fun TonightKomal Khan
 
Call Girls In Munirka>༒9599632723 Incall_OutCall Available
Call Girls In Munirka>༒9599632723 Incall_OutCall AvailableCall Girls In Munirka>༒9599632723 Incall_OutCall Available
Call Girls In Munirka>༒9599632723 Incall_OutCall AvailableCall Girls in Delhi
 
Vip Udupi Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Vip Udupi Call Girls 7001305949 WhatsApp Number 24x7 Best ServicesVip Udupi Call Girls 7001305949 WhatsApp Number 24x7 Best Services
Vip Udupi Call Girls 7001305949 WhatsApp Number 24x7 Best Servicesnajka9823
 
Erfurt FH学位证,埃尔福特应用技术大学毕业证书1:1制作
Erfurt FH学位证,埃尔福特应用技术大学毕业证书1:1制作Erfurt FH学位证,埃尔福特应用技术大学毕业证书1:1制作
Erfurt FH学位证,埃尔福特应用技术大学毕业证书1:1制作f3774p8b
 
专业一比一美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree
专业一比一美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree专业一比一美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree
专业一比一美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degreeyuu sss
 

Kürzlich hochgeladen (20)

the cOMPUTER SYSTEM - computer hardware servicing.pptx
the cOMPUTER SYSTEM - computer hardware servicing.pptxthe cOMPUTER SYSTEM - computer hardware servicing.pptx
the cOMPUTER SYSTEM - computer hardware servicing.pptx
 
1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degree
1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degree1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degree
1:1原版定制美国加州州立大学东湾分校毕业证成绩单pdf电子版制作修改#真实留信入库#永久存档#真实可查#diploma#degree
 
Call Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile serviceCall Girls Delhi {Rohini} 9711199012 high profile service
Call Girls Delhi {Rohini} 9711199012 high profile service
 
young call girls in Gtb Nagar,🔝 9953056974 🔝 escort Service
young call girls in Gtb Nagar,🔝 9953056974 🔝 escort Serviceyoung call girls in Gtb Nagar,🔝 9953056974 🔝 escort Service
young call girls in Gtb Nagar,🔝 9953056974 🔝 escort Service
 
专业一比一美国旧金山艺术学院毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree
专业一比一美国旧金山艺术学院毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree专业一比一美国旧金山艺术学院毕业证成绩单pdf电子版制作修改#真实工艺展示#真实防伪#diploma#degree
Phone Hacking: A lucrative, but largely hidden history

  • 1. Mobile Phone Hacking: A lucrative, but largely hidden history
      DC4420, David Rogers, 27th May 2014
      Copyright © 2014 Copper Horse Solutions Ltd. All rights reserved.
      http://www.mobilephonesecurity.org
  • 2. Car Radio Hacking – 1990s / 2000s
      ▪ PIN locks to deter and remove value of theft
      ▪ Hacking tools reset / calculate / remove security codes
  • 3. Some Phone Terms: SIMlock & IMEI
      ▪ SIMlock:
          – used to secure the device to a particular network during the period of the subsidy, can be unlocked with CK codes by calling operator
          – Different variants of locks
          – Recent court case in the US over legality (and lots of other previous fights)
      ▪ IMEI:
          – the International Mobile Equipment Identity number
          – unique to each device
          – can be blocked if device is stolen
      ▪ Other interesting information on device that would be hacked
          – E.g. to change language packs, phone lock removal, text etc.
      ▪ Big battle between mobile industry and hacking groups between c.1999 and now – has evolved to jailbreak / root community
  • 4. ‘Unlocking’ and IMEI changing
      ▪ What is ‘unlocking’?
          – SIMlocks
          – Most hacking used to be aimed at the SIMlock area
      ▪ The security area in the handset would protect all sensitive data – including IMEI and SIMlock
      ▪ What is a dirty hack?
          – Hacks targeted against the security area would often cause corruption to data – including the IMEI.
          – Data such as RF calibration settings would often be wiped out
      ▪ Hacking tools usually dual-use (SIMlock and IMEI)
          – Causes problems in countries where IMEI changing is illegal – difficult and costly to get direct proof
  • 5. Historic Criminal Structure
      [Diagram. Node labels: INTERNET; EMBEDDED HACKER; HACKING GROUP; INTERNET SHOP; SHOP OR STALL; REPAIR CENTRE; APPLICATION HACKER; ORGANISED CRIME; RE-SELLER; END-USER; THIEF; DRUG DEALER; MASS THEFT; SUBSCRIPTION FRAUD; STREET CRIME; BLACK MARKET; EXPORTER (UNLOCKING / IMEI CHANGING); EBAY; COUNTERFEITING; IP THEFT; ‘USER’ CRIMES; MURDER ETC.]
  • 6. Historic Financial Structure
      [Diagram. Node labels: INTERNET; EMBEDDED HACKER; HACKING GROUP; INTERNET SHOP; SHOP OR STALL; REPAIR CENTRE; APPLICATION HACKER; ORGANISED CRIME; RE-SELLER; FREE SOFTWARE; END-USER; THIEF; DRUG DEALER]
      VALUE / METHOD:
          – £10 - £30: CASH, DEBIT / CREDIT CARD
          – £50 - £500: WESTERN UNION, PAYPAL, POSTAL ORDER
          – £500 - £5000: WESTERN UNION
          – £5000+: WESTERN UNION
  • 7. Examples of Hacking Hardware
      ▪ Standard service repair equipment
          – Fraudulent purchasing of manufacturer’s equipment
      ▪ Mass produced hardware by hacking groups
          – Griffin Box
          – UFS-3 (Twister)
          – Blazer
          – Clips
      ▪ Evolution
          – New equipment was constantly developed as new models were released
          – New technologies and hardware security to ensure revenue
  • 8. Mass Manufacture of Hacking Hardware
  • 9. Examples of Hacking Hardware (2)
      ▪ Most hacks steal their solutions from already existing hacks
          – May seem to be 22 hacks available – just old hacks re-packaged.
          – Different front-end to software
          – Different hardware
          – the ‘golden’ part of the source code is from 1 hack
      ▪ Lots of ‘ghost’ hacks that are aimed at defrauding people
          – same in 2012 with jailbreaking on iOS6
  • 10. Hardware Hacking Methods
      ▪ EEPROM cloning or ‘Chipping’
          – Old method
          – Copied EEPROM with basic equipment
          – Main aim to put EEPROM with no SIMlock on
          – Result: IMEI number was cloned
      ▪ PICs (Programmable Integrated Circuits)
          – Execute small sequences of commands
          – Placed in-line to ‘snatch’ or modify data
      ▪ Flash device hot-swapping (almost impossible now)
      ▪ Exploitation of boundary scan ports
      ▪ External clips and dongles
      ▪ Note: less economical than software hacks
  • 11. In-line PIC Between SIM and Device
  • 12. Software Hacking Methods
      ▪ Direct change
          – Breaking a programming algorithm
          – Finding the correct test interface protocol command
              • Still used(!) serial communications / USB monitoring equipment
      ▪ Modifying binary files (software download files)
          – Inserting jump code
          – Hijacking other functions in the code to subvert security
          – Taking advantage of software design flaws
      ▪ Abuse of boundary scan to monitor phone processes
      ▪ ‘Dumping’ to logs of data from secure areas
      ▪ Brute force cracking of algorithms
      ▪ Theft of information from Design Centres / Factories / Service Centres
      ▪ “Voodoo Galaxy SIII SIM unlock” tool required device to be rooted…
  • 13. Typical (Old) Software Hack Methodology
      [Flow diagram. Labels: MARKETING LAUNCH AT TRADE SHOW; PHONE RELEASED TO MARKET; RESEARCH; THEFT OF EARLY MODEL; NETWORK OPERATOR SAMPLES; MANUFACTURER; HACKER; OPEN SOURCE INFO AND HACKING TOOLS; TIMESCALE: 0 MONTHS, 6 - 12 MONTHS; HACKING SOLUTION; DISTRIBUTE APPLICATION; PROTECT APPLICATION; APPLICATION PROTECTION TOOLS; PRODUCT SECURITY DETECTION]
  • 14. Use of Hardware Clips – 5 Second Unlocking!
      ▪ Simple to use, takes its power from the handset
      ▪ Contains a Programmable Integrated Circuit
      ▪ Bombards the handset with commands in a repetitive sequence
      ▪ The handset eventually gives up and resets itself – unfortunately resetting the SIMlock!
      ▪ This type of attack was used on many different makes of handsets
      ▪ Clips have now evolved and the term is usually used in reference to dongles
  • 15. “Logs”
      ▪ Used as a method of continually generating revenue for the real hackers and re-sellers at the top of the food chain – a historical issue for hackers
      ▪ Original concept by 3 Nokia hackers and dealers from Serbia:
          – George, Boban (Slobodan Andrics) and Dejan (Dejan Kaljevic)
      ▪ How do logs work?
          – Encrypted by hackers to avoid cracking by other hackers
          – An example:
              • Crack the master security locks -> generate an encrypted log of security area information -> close the security lock on the handset again!
      ▪ ‘Logs’ will be available only if the hacking solution is two part
          – ‘Dumb’ client application to communicate with handset
          – Data is sent to hacker / re-seller
          – Corresponding data to unlock / change IMEI received from hacker / re-seller
  • 16. CK Algorithm Breaches
      ▪ Some manufacturers and ODMs used symmetric algorithms based on the IMEI number to generate CK codes
          – Broken and every possible iteration for each IMEI available
      ▪ Later versions cracked the factory / service tools because they were leaked rather than cracking the handset
      ▪ Down to poor manufacturer security and breaking principle of no stored, shared secrets!
  • 17. De-capping and Focused Ion Beam Equipment
  • 18. Newer Hardware and System Level Attacks
      ▪ George Hotz – original iPhone jailbreak
          – Used hardware flaw to XOR data address and insert jump code to empty memory where he could execute his own bootloader
          – Allegedly assisted by European Infineon hacking teams
      ▪ Rooting
          – Various methods, exploiting vulnerabilities
          – Usually used as a staging area for other attacks (e.g. malware)
          – Examples:
              • RageAgainstTheCage, uboot, zergRush, gingerbreak
              • Other private exploits
          – Some manufacturers providing it as a service in order to prevent people hacking
      ▪ Legal battles around this area (e.g. US copyright office 2010, 2012)
          – OK to remove SIMlocks and root devices
  • 19. Newer Motivations
      ▪ Main targets / motivations recently have been:
      ▪ Rooting / jailbreak device – for piracy / other apps / custom OS / spyware
      ▪ SIM unlocking – break out of subsidy (cheap device) / fraud / export of stolen devices
      ▪ IMEI changing – re-enable stolen handsets in same country
      ▪ Launchpad attacks – spyware / malware / anti-theft tools / in-app billing
      ▪ Fixing issues – e.g. old SIMlocked device, can’t contact operator
  • 20. Handset Embedded Security Evolution (to 2012)
      [Timeline figure, 2002 to 2012. Labels: EICTA / GSMA 9 Principles; OMTP Trusted Environment: OMTP TR0; OMTP Advanced Trusted Environment: OMTP TR1; TCG MPWG Specification; GSMA Pay-Buy-Mobile; Fragmented Security; Google / Apple Proprietary hardware security features; Banking / film industry requirements; WAC; RIM / Nokia proprietary security features; webinos]
  • 21. Evad3rs, i0n1c, geohot, RedSn0w – iOS6 & iOS7
      ▪ iOS6 hack “used more zero-days than stuxnet”*
      ▪ Millions of downloads – huge market
      ▪ Evasi0n iOS7 jailbreak rushed out due to competition (and 7.1 release), packaged with Chinese app store (Taig)
          – Rumoured to be $1million
          – Rumours of dirty tricks / questionable sources for some holes
          – Strategic and tactical thinking, all ‘untethered’
      ▪ Some holes allegedly held back by various teams for future cracks on iOS8
      ▪ Teams still reverse and hack each other’s tools (like SIMlock)
      ▪ George Hotz tried to sell to a Chinese team (via a broker) for $350,000
          – Audio clip released with negotiation discussions
      * Ref: http://www.forbes.com/sites/andygreenberg/2013/02/05/inside-evasi0n-the-most-elaborate-jailbreak-to-ever-hack-your-iphone/
  • 22. May 2014 – Root Bounty for Verizon & AT&T
  • 23. Kill Switch / Anti-Theft Mechanism Targeting?
      ▪ Obvious this would happen
  • 24. Car Radio Hacking - 2014
  • 25. Questions?
      david.rogers {@} copperhorse.co.uk
      @drogersuk
      Mobile Systems Security course: http://www.cs.ox.ac.uk/softeng/subjects/MSS.html
      Mobile Security: A Guide for Users: http://www.lulu.com/gb/en/shop/david-rogers/mobile-security-a-guide-for-users/paperback/product-21197551.html
      http://www.mobilephonesecurity.org
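
The design lesson of slide 16 (CK Algorithm Breaches), as an added example that is not part of the presentation and not any manufacturer's algorithm: a code derived from the IMEI with one shared secret falls for every handset once a service tool leaks, while a random per-device code with only a salted verifier on the handset does not. The key, the sample IMEI strings, the 8-digit code format and all function names are constructed assumptions.

```python
import hashlib
import hmac
import secrets

# Everything below is constructed for illustration; no real vendor scheme.
LEAKED_TOOL_KEY = b"constructed-demo-key"   # one secret shared by every service tool
SAMPLE_IMEIS = ["490154203237518", "356938035643809"]   # constructed sample values


def derived_ck(imei, key=LEAKED_TOOL_KEY):
    """Weak design: the code is a pure function of the IMEI and a shared secret."""
    digest = hmac.new(key, imei.encode(), hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:8], 'big') % 10**8:08d}"


def _verifier(code, salt):
    # Slow salted hash, so the handset never stores the code itself.
    return hashlib.pbkdf2_hmac("sha256", code.encode(), salt, 100_000)


class OperatorDatabase:
    """Stronger design: a random code per device, held only by the operator."""

    def __init__(self):
        self._codes = {}

    def provision(self, imei):
        code = f"{secrets.randbelow(10**8):08d}"   # unrelated to the IMEI
        salt = secrets.token_bytes(16)
        self._codes[imei] = code
        # Only (salt, verifier) is written to the handset's security area.
        return salt, _verifier(code, salt)

    def code_for(self, imei):
        return self._codes[imei]


def handset_accepts(candidate, salt, stored):
    """Handset-side check: constant-time compare against the stored verifier."""
    return hmac.compare_digest(_verifier(candidate, salt), stored)


def codes_exposed_by_leak(imeis):
    """Count handsets whose code is computable from LEAKED_TOOL_KEY alone."""
    db = OperatorDatabase()
    random_hits = 0
    for imei in imeis:
        salt, stored = db.provision(imei)
        # The leaked derivation says nothing about a code that was never derived.
        random_hits += handset_accepts(derived_ck(imei), salt, stored)
    # Every derived code is exposed by definition: same key, same function.
    return {"derived_from_imei": len(imeis), "random_per_device": random_hits}
```

An 8-digit code still needs attempt limiting on the handset; the example isolates only the shared-secret problem the slide describes.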