...stuff I do and things I like...

Friday, July 03 2009

Mobile Security News June/July 2009

I guess it is time again for a news update. I actually wanted to write one for June but I somehow forgot.

Let's start with the most recent stuff. Charlie Miller partially disclosed what we are going to talk about at Black Hat at the end of the month. Sadly some reporter overhyped his story. This sucked btw! Here are the original (overhyped) and the actual facts stories.

The HAR2009 program is out and there will be some mobile phone security related talks. Public transport SMS ticket hacking seems to talk about how to hack an SMS-based ticketing system. Cracking A5 GSM encryption will do a state-of-the-art talk. There will also be an OpenBSC talk that will show how to build and run a GSM network based on open-source software and hardware everybody can buy. All in all HAR seems to be quite some fun. Sadly I won't be able to go due to time conflicts.

Fun find on BugTraq: Multiple Flaws in Huawei D100. The Huawei D100 is a small home 3G router (product page) that seems to be given out by some ISPs.

A personal side note: I now own/have-full-access-to a BS-11 Abis GSM base station and will soon start to play around with it. Happy happy fun fun.

Thursday, June 18 2009

Two NewOld Mobile Phone Advisories Posted

I've been waiting for quite some time to publish the full details of the iPhone Safari Phone-auto-Dial vulnerability. But since Apple included it again in the just-published security fixes for iPhone OS 3.0 I decided to finally go ahead and publish the details. The examples in the advisory show only the original bug; we also found some variations of it, but we didn't put any examples of those in the advisory.

iPhone Safari Phone Auto-dial Vulnerability; also see my iPhone page.

I'm also credited, together with many others, for reporting the issue that Mail loads remote images when displaying HTML emails. The problem is actually a little bit bigger since iframes are also loaded. I actually showed them a demo where I can start QuickTime from Mail without user interaction. Do I need to say more?

The second advisory is about the Nokia 6212 classic, a Near Field Communication mobile phone. I did a full disclosure of the bugs at 25C3 in late December 2008 but I never published an actual advisory. I do this now.

Nokia 6212 Classic URI Spoofing and DoS vulnerabilities; also see my NFC page.

Thursday, June 11 2009

Antennas in NFC Phones

Gerald Madlmayr's Forum Nokia Blog: NFC Phones - Open up! or Where to put the Antenna in an NFC Phone.

Yes, the antenna of the Nokia 6212 classic really sucks. It is almost impossible to read small RFID tags with this phone.

Nicely done, Gerald!

Sunday, May 24 2009

Mobile Security News May 2009

First of all, conferences. EUSecWest is taking place the coming week in London. It will feature multiple mobile security related presentations. First, Charlie Miller and Vincenzo Iozzo each have an iPhone-related talk. Second, Petr Matousek will speak about rootkits on Windows Mobile/Embedded, and third, Ralf-Philipp Weinmann will talk about DECT decryption. Looks like EUSecWest will be an interesting place to be this coming week.

Right after EUSecWest, PH-Neutral is taking place in Berlin, where I will be showing off a small side project on mobile phones and web usage. Many other interesting talks will be held as usual.

Black Hat USA started to announce the speaker lineup for this year and yes, I'm one of the speakers. Together with Charlie Miller we will talk about SMS Fuzzing. So far Black Hat seems to become very strong on mobile phone security this year. Jesse Burns will talk about Android; Zane Lackey and Luis Miras will also have a talk on SMS, but from the description they took a different angle than Charlie and myself. John Hering from Flexilis also seems to have gotten accepted with a mobile phone related talk that sounds very interesting: Is your phone pwned? Auditing, attacking, and defending mobile devices. Last but not least, Charlie Miller and Vincenzo Iozzo will do an iPhone talk. I actually hope for more mobile phone related talks, let's wait and see.

The Nokia 1100 story is getting more and more annoying. In this article it is reported that this company called Ultrascan replicated the SMS interception. No technical details of course. So now I'm looking for people who are interested in the topic and who would also like to understand this and possibly replicate it.

See you at PH-Neutral this weekend!

Update:
    So it seems Google/HTC pushes Android security updates without publishing a change log. WTF?!? Any rumors about what this is about?

Wednesday, April 29 2009

Mobile Security News April 2009 part 2

Just a quickie: the slides from BlackHat Europe are up for a few days. Here are the slides for Hijacking Mobile Data Connections and for Passports Reloaded Goes Mobile (clone an RFID passport using an NFC mobile phone). So far Charlie Miller and Vincenzo Iozzo only put up a whitepaper of their OS X and iPhone talk.

If you can understand German (spoken word) you might want to listen to Chaosradio Express episode 120 which is about OpenBSC and generally about building GSM networks or actually the software to run a network in your cellar/garage.

In the last week there was a short buzz about an old Nokia phone (Nokia 1100) that could be reprogrammed to sniff SMS messages. The story really sounds like a hoax since the whole subscriber ID stuff is handled through the SIM card rather than through the phone itself. There are not many details, just the story. F-Secure has something in their blog about this too.

Yesterday the new Android version cupcake was released for developer phones, get your cupcake while it's still warm :-) Get it from here.

Btw the Technology Review article citing me is only in the next issue (06.2009).

Monday, April 27 2009

PhD Student at TU-Berlin

Starting May I'll be a PhD student at TU-Berlin / T-Labs. I'll be working in the area of Security in Telecommunications with Prof. Jean-Pierre Seifert. I'll basically do the research I've been doing already: I'll break smart phones and try to make them more secure in the process. Because of this I'll also move to Berlin shortly.

Saturday, April 18 2009

Android Rant!

So I've been using my Android phone (ADP1) as my primary phone for a week now; here are some things I have noticed.

Good
    Keyboard is really good for writing emails (the current version of K-9 is actually usable)
    IM always on, works really nice, this is what I want.
Bad
    Maps is not as good as on the iPhone.
    Headset is too big and ugly, sometimes function is not everything.
    Can't use headset while charging (e.g. while you sit on the train).
Stuff that needs to change or needs to exist (also 3rd party stuff)
    Headset use while charging!
    Headset that has a smaller mic and button (like the one from the iPhone) or headset adapter for the iPhone headset (mic and button need to work!).
    K-9 mail should not download the attachments by default.
I want sync without Google or any 3rd party. I know about Funambol, does it work well? I want to import vCards/.vcf files, I have tried ImportContacts but it couldn't import my test contact.

So far I don't really miss my iPhone but rather have cool new features that I didn't have with the iPhone.