A modified phone can block all calls and SMS in a cell
By making simple changes to a regular Motorola phone, researchers from Berlin were able to block calls and text messages for people in the same location area. Their method works in 2G networks, which are the most common in the world, writes MIT Technology Review.
The attack is to modify the firmware, which can deceive the network of delivery of incoming calls and SMS. In theory, a single phone can block a service for all subscribers of a base station, says Jean-Pierre Seifert, head of the research group at the Technical University of Berlin. Seifert and colleagues presented their report at the Usenix Security Symposium in Washington last week. Below you can see a video demonstrating the experiment:
')
Seyfert and colleagues changed the firmware of the baseband processor, which is responsible for communicating directly with the transmitting station. In a normal situation, when calling or SMS, a cell “polls” the connected devices to search for the one to which they are intended. And only one phone answers, in fact, saying “This is me,” explains Seifert. The actual call or message comes to him. A modified firmware can answer any call and do it faster than the victim. When polling, she will say “This is me,” and the subscriber will never receive a call.
The group of researchers, however, never intercepted calls or SMS in reality, she was able to hack the process of polling devices and test it on their own numbers. According to the assumptions, in their location area for the complete shutdown of the country's third mobile operator E-Plus, only 11 modified phones will suffice. “All of them will listen to network requests and answer“ It's me, ”no one will receive any calls or SMS,” says Seyfert. “The response of the operators is illegal,” he continues. “However, the good old days in which you could assume that all phones are trustworthy and follow the protocol are over.”
The basis for the work was the leaked several years ago firmware for the baseband – processors of individual phones. This allowed scientists to understand how the algorithm works and “improve” it.
Researcher Jung-Min Park of Virginia Tech notes that although the attack requires some deep knowledge, being implemented "it can be repeated by any engineer if you have access to the right hardware and software."
It should be noted that although many operators already use 3G and 4G services, GSM networks of the second generation remain the most common in the world. About 4 billion people use them to make calls, and operators use them for machine-to-machine applications. It is possible to fix the vulnerability, but this will require changes in the GSM protocol. “Protection is expensive,” said Victor Bal from Microsoft. "I can only assume that mobile operators do not want to invest in it without an immediate threat."
The attack is to modify the firmware, which can deceive the network of delivery of incoming calls and SMS. In theory, a single phone can block a service for all subscribers of a base station, says Jean-Pierre Seifert, head of the research group at the Technical University of Berlin. Seifert and colleagues presented their report at the Usenix Security Symposium in Washington last week. Below you can see a video demonstrating the experiment:
')
Seyfert and colleagues changed the firmware of the baseband processor, which is responsible for communicating directly with the transmitting station. In a normal situation, when calling or SMS, a cell “polls” the connected devices to search for the one to which they are intended. And only one phone answers, in fact, saying “This is me,” explains Seifert. The actual call or message comes to him. A modified firmware can answer any call and do it faster than the victim. When polling, she will say “This is me,” and the subscriber will never receive a call.
The group of researchers, however, never intercepted calls or SMS in reality, she was able to hack the process of polling devices and test it on their own numbers. According to the assumptions, in their location area for the complete shutdown of the country's third mobile operator E-Plus, only 11 modified phones will suffice. “All of them will listen to network requests and answer“ It's me, ”no one will receive any calls or SMS,” says Seyfert. “The response of the operators is illegal,” he continues. “However, the good old days in which you could assume that all phones are trustworthy and follow the protocol are over.”
The basis for the work was the leaked several years ago firmware for the baseband – processors of individual phones. This allowed scientists to understand how the algorithm works and “improve” it.
Researcher Jung-Min Park of Virginia Tech notes that although the attack requires some deep knowledge, being implemented "it can be repeated by any engineer if you have access to the right hardware and software."
It should be noted that although many operators already use 3G and 4G services, GSM networks of the second generation remain the most common in the world. About 4 billion people use them to make calls, and operators use them for machine-to-machine applications. It is possible to fix the vulnerability, but this will require changes in the GSM protocol. “Protection is expensive,” said Victor Bal from Microsoft. "I can only assume that mobile operators do not want to invest in it without an immediate threat."
Source: https://habr.com/ru/post/191514/
All Articles