----- Forwarded message from ianG <iang@iang.org> ----- Date: Wed, 03 Sep 2014 09:57:16 +0100 From: ianG <iang@iang.org> To: Cryptography Mailing List <cryptography@metzdowd.com> Subject: [Cryptography] stories from the real life MITM book Message-ID: <5406D7EC.2030603@iang.org> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 Evidence of MITMs is so rare it has to be trumpeted. Snippets only. http://www.popsci.com/article/technology/mysterious-phony-cell-towers-could-... http://venturebeat.com/2014/09/02/who-is-putting-up-interceptor-cell-towers-... To show what the CryptoPhone can do that less expensive competitors cannot, he points me to a map that he and his customers have created, indicating 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July alone. (The map below is from August.) Interceptors look to a typical phone like an ordinary tower. Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device. http://venturebeat.com/2014/09/02/who-is-putting-up-interceptor-cell-towers-... Who is putting up ‘interceptor’ cell towers? The mystery deepens The discovery “appears to confirm real-world use of techniques that have been highlighted by researchers for years,” said Stephen Ellis, manager of cyber threat intelligence at security firm iSIGHT Partners. While noting that his company “cannot confirm the accuracy of this reporting without further information,” Ellis told us that iSIGHT is “highly confident that we have observed real-world use of this technique in support of another of its uses – cyber crime [for] financial gain.” “We have observed and reported on cases in other parts of the world where actors are known to have set up fake base stations to send spoofed SMS messages,” Ellis said, “possibly to send spam or to direct unsuspecting victims to malicious websites.” The Federal Communications Commission (FCC) announced last month that it is launching an investigation into the use of cell network interceptors by criminal gangs and foreign intelligence. We asked Goldsmith if he could be mistaken about the towers. Perhaps they are just commercial ones that seem unusual? “We can definitely tell” that they’re non-network towers, he said, by analysis of the infrastructure. These phony towers, without names as normal towers have, insist to your phone that they must handle the call and then trick the phone into turning off its normal encryption. Such a tower tells you that “none of your towers are currently available,” Goldsmith told us. It says, “‘I’m your tower.’ “If you wanted to listen to a phone call,” he said, “this would be the easy way.” _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message -----