From joakim@aronius.se Fri Jul 6 02:30:34 2018 From: Joakim Aronius To: cypherpunks-legacy@lists.cpunks.org Subject: Re: 4g hack Date: Fri, 06 Jul 2018 02:30:34 +0000 Message-ID: <172289085137.3849117.3130171212156968971.generated@mail.pglaf.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1785349970751468600==" --===============1785349970751468600== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable * Christopher Morrow (morrowc.lists(a)gmail.com) wrote: > On Thu, Aug 11, 2011 at 2:32 AM, Charles N Wyble > wrote: > > http://seclists.org/fulldisclosure/2011/Aug/76 > > > > Wondering what folks think about this? If this was true then we just > > entered a whole new era of mass WAN exploitation. > > >=20 > This isn't really all that new is it? haven't people been able to buy > 3g/pcs/etc antennae and such off ebay for a while and intercept > conversations/data/etc for a long time? GSM was 'hacked' (decrypted > via some rainbow tables) several years ago as well. >=20 > If you ship it over the air and there isn't a reasonable encryption > scheme in place, don't you expect it to be seen? GSM and GPRS are vulnerable to MitM due to lack of two factor authentication = etc. WCDMA (3G) and LTE (4G) should be safe as they have much better security= . Not sure about 3GPP2 (CDMA) or WiMAX systems, perhaps early version of CDMA= has similar problems as GSM. But saying that '4G' is vulnerable is a pretty = broad statement as it consists of at least LTE and WiMAX, and some US operato= rs also refer to their WCDMA HSPA as 4G. There is also a difference between '= the standard has security flaws' and 'the operator has deployed an insecure n= etwork' as operators might run their network with security features turned of= f. Anyway, the paranoid should turn of GSM and run WCDMA instead. /Joakim=20 ----- End forwarded message ----- --=20 Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --===============1785349970751468600==--