So while struggling to write my latest paper on mobile communication technology and the associated vulnerabilities found at the various layers of the network stack, I found this odd little graphic and thought: gee, this really sums up how I feel right now…
Of course it doesn’t make writing about 3G network implementation mistakes (Man-in-the-middle attacks on UMTS) any easier, but it did waste some time.
2009/06/05: Update: Ok, so the paper has been submitted. Now I’m a bit humbled, as I thought 3G mobile network connections were somehow sacred .. and somewhat ‘safe’ from hacking efforts. Alas, what a foolish concept. 3G (or UMTS) is no more immune to hacking than any other network technology that we currently use. UMTS is apparently vulnerable to (trivial?) man-in-the-middle attacks due to the carrier implementation of our shiny new 3G networks. Of course pure UMTS (3G) data networks would be best, however there is this entire encompassing 2G GSM network that includes base stations and controller infrastructure. Our friends K. Kotapati and associates outline some serious issues in A Taxonomy of Cyber Attacks on 3G Networks. Unfortunately telecom carriers are not going to replace all the 2G infrastructure until absolutely necessary – this opens the vulnerability of 3G equipment (like our new iPhone 3G’s) as they roam onto 2G GSM networks until it has been replaced by all 3G UMTS (or various CDMA varients). Basically 2G base stations are not expected to protect the integrity of signaling messages and are subject to spoofing and manipulation by malicious parties. So someone can impersonate a 2G base station and force your shiny new 3G handset to operate in clear-text .. enabling subscriber information theft and eavesdropping on any non-SSL protected transactions. Hmm. Holy cr@p. Considering a friend of mine has demonstrated this in Calgary in January 2009, this is a bit too close to home for comfort. So if your phone indicates it’s on the EDGE network (E) vs (3G) .. I’d think about turning the power off or at least enclosing your precious iPhone (or Storm) in tin foil .. until you can get back on a 3G network segment.
Wow. So much for the new mcommerce, eh?