Vodafone Femtocells Rooted, Secret Keys Exposed

AmiMoJo writes "Hackers have discovered the root password for Vodafone femtocells, devices that provide the user with a mobile phone signal piggybacked onto their home broadband. The root password was 'newsys.' Once root access is obtained, phones can be forced to connect to the cell and private keys captured, allowing the user to spoof the victim's phone and potentially make calls or send texts on their account, not to mention eavesdrop."

Femtocells: the next big thing!

[MyFirstNameIsPaul]

Wait, we're still explaining to people on Slashdot what the function of one is?

Re:Femtocells: the next big thing!

[EdIII]

Wait, we're still explaining to people on Slashdot what the function of one is?

The function of a femtocell is to expand the cellular range of a provider, while providing revenue to the provider instead of being an expense. Additionally, the bandwidth consumed is not on their network (cellular network), but on the customers bandwidth.

In the US at least this is abhorrent because the people, through government, granted them so many easements and right of ways, financial incentives, tax breaks, etc.

Despite how much has been given to them they continue to raise prices, encourage "mystery fees", enjoy near infinite profit margins on txt messages, etc. and do not contribute nearly enough to their infrastructures. At just what point are the American People (I don't know how this situation relates to EU), going to get compensated or some sort of benefit from all of "help" we gave the carriers to create the infrastructure?

When the bandwidth runs out and starts costing more... then it becomes issues about piracy and other bullshit that gets us all arguing about Net Neutrality.

The reason why Netflix is such a big deal is because not everyone in a neighborhood can actually be using all of their bandwidth at once. Netflix, regardless of CDNs, causes problems for them.

It is related, because it is all related to the costs of bandwidth and infrastructure.

A femtocell explained more simply is a big FUCK YOU to the consumer by the wireless carriers.

I might be more amenable to it if they leased it and gave me a discount for running one on my bandwidth.

Re:Femtocells: the next big thing!

[EdIII]

Ohhhh, and to add insult to injury in this case the dipshits who configured the femtocells setup a 6 character password.

Seriously?

So now every femtocell they charged a consumer for to get, so they could get better reception and download speeds of their own bandwidth is not only exposing themselves to danger, but the femtocell itself can be used to wreak havoc on the cellular customers in general.

I hate to admit this, but part of me wants to laugh hysterically. The only option is to no longer accept connection from the femtocells and refund all the money, or deliver new femtocells to the existing owners.

Either way, Vodafone is going to get bent over for a jolly good time. They deserve it.

old news

[shortscruffydave]

this was fixed in 2010... http://www.theregister.co.uk/2011/07/14/voda_dismisses_femtocell_base_station_hack/

Re:old news

[EdZ]

They 'fixed' it by changing the default password, not by preventing the devices from sniffing and decrypting data from passers by. Break the new password, and the attack still works as before.

Re:old news

[naranek]

So I guess the old root password was 'sys'

Re:old news

[kyz]

http://thcorg.blogspot.com/2011/07/vodafone-hacked-root-password-published.html

"What we have seen is that Vodafone fixed the way THC gained administrator access to the femto.

This of course does not fix the core of the problem: The femto transfers key material from the core network right down to the femto."

Re:old news

[Dunbal]

nope, that was too short. So it was "sys123".

Re:old news

[Rich0]

This of course does not fix the core of the problem: The femto transfers key material from the core network right down to the femto."

I'd say the core of the problem is that authentication credentials ever leave the phone in the first place. Didn't they ever hear of RSA/etc?

I just don't get it - why doesn't ANYBODY use asymmetric crypto for authentication. And when they do something remotely clever, why don't they ever use a proven off-the-shelf cryptosystem to do it? DRM may be mathematically impossible to achieve, but authentication is something that is completely achievable with the right key infrastructure. And they obviously have the key infrastructure already since symmetric crypto doesn't work without it either...

Re:old news

[Timmmm]

Because authentication is done on the SIM card. When GSM was created I doubt they were capable of public key cryptography.

Re:old news

[Rich0]

Sure, but there was no reason that this couldn't have been upgraded ages ago. Support both protocols in parallel for a few years until tower software is updated.

Instead, we're going to hit a wall at some point when GSM is completely cracked, and suffer with a ton of issues as a result.

I would say the problem is the market, but even the NPV of a hit that big is large today. The real problem is that nobody holds managers accountable for the real consequences of failing to take action over the long term. Sure, you can fire them, but you can't take back the money you paid them for years beforehand.

Re:Streisand

[rbrausse]

nope, not Streisand - afaik Vodafone isn't trying to suppress this information.

S.I. preffix's

[rossdee]

Don't you think that the marketing guys are overdoing it with all these S.I. preffix's

You couldn't even see a femtocell (10 to the minus 15) in an electron microscope

Re:S.I. preffix's

[Rich0]

The base unit is parsec, you insensitive clod!

Re:S.I. preffix's

[Megane]

I think they should start using S.I. prefixes on reward points. They could call them "atto-boys".

Re:S.I. preffix's

[Neil+Boekend]

The base unit should be "distance light travels in vacuum in 1 cycle of radiation corresponding to the transition between two energy levels of the cesium-133 atom"
This is the distance light travels in 1/9,192,631,770 second. Light travels at 299 792 458 m/s, so this is 299,792,458 / 9,192,631,770 = 0.0326122557174941 m (=1.28394708 inch).
That would be a distance that's based on the constants in physics.
However, if we can't convince the USA to switch to the metric system, how can we ever hope to force the complete world to switch?

Re:S.I. preffix's

[Neil+Boekend]

I stand corrected.
However we should invent new SI prefixes, as the current (yotta = 10^24) isn't going to cut it (Planck length is around 1.616252x10^-35 m). To represent something in human scale we'd need a simple word for 10^11 yotta Planck lengths. Maybe terra-yotta Planck lengths? with 10^36 it should be close enough to fit.

Re:S.I. preffix's

[VortexCortex]

However, if we can't convince the USA to switch to the metric system, how can we ever hope to force the complete world to switch?

The USA does use the metric system. Their military, scientists and medical practitioners do. (Hint: "Click = Kilometer")

It's only the general populous that is forced into using antiquated and difficult to convert between standards by the USA's school system, and thus parents as well (being that they were taught to use those units too).

FTWA

According to the American Central Intelligence Agency's Factbook, the International System of Units is the official system of measurement for all nations in the world except for Burma, Liberia and the United States.

It seems the USA is deliberately hindering the populous with their obsolete units of measure. Considering that it is the corporations that control Capitalist America via limitless campaign contributions and lobyists, I think it's safe to say they have an interest in keeping the people of America confused; If it was easy to convert between units the people would be better equipped to be more intelligent shoppers -- "This is $3.99 per pound, but the no-name store-brand is $7.89 for 40oz -- I bet the products are made in the same plant; How much of what dollar ounce pound?! [conversion error -- select familiar name brand to continue shopping]"

Note: Tinfoil hats can not be made from Aluminum Foil; They've made fools of us all!

Re:S.I. preffix's

[cayenne8]

It's only the general populous that is forced into using antiquated and difficult to convert between standards by the USA's school system, and thus parents as well (being that they were taught to use those units too).

I wouldn't term it as forced.

For the most part...the avg US citizen can't really see any major benefit to their day to day lives switching over vs the bit of upheaval and increased monetary costs it would encounter forcing us to change to metric for everything in our ever day lives.

I mean, we're a large country, and the majority of us rarely find need or opportunity to interact with those outside the US that use metric measurements.

I've used metric when I was in college (chemistry, etc)...but honestly, I don't see any benefit it would give me to switch everything over.

At my age..the biggest PITA would be temperature. I know innately how to dress when I hear on the morning weather forecast that the high will be 50F or 90F.

I have no idea without having to look things up on how I'd dress at 20C or 50C.....those values hold no intrinsic meaning to me on how hot or cold things are....just by way of growing up with it and living in a culture with F as the measurement of temperature.

But, no one is forcing us to keep our measurements....we just don't have any compelling reason in every day normal life to want to change. Just be 'be like everyone else' isn't a good enough reason (like jumping off a bridge).

Vodafone = Bad

[improfane]

I can't say I am surprised.

Vodafone are a terrible company. They are one of the most expensive in the UK. They gouge me. I am changing as soon as I can. They claim to offer unlimited texts but if you send a text that is bigger than 160 characters, they charge you. They also don't pay taxes in the UK, they owe 4.8 billion in taxes but our government decided 'to let it go'.

Now in the UK we're facing cuts to public services, education, electricity rises. I'm not bitter. Vodafone is a bad business. You should change from them and warn people of the same. Didn't they have something to do with Egypt censorship too?

Their website is also littered with Java exceptions.

Vodafone = Incompetent

Re:Vodafone = Bad

[Inda]

" if you send a text that is bigger than 160 characters, they charge you."

How does that work?

My phone automatically chops messages up into 160 char parts, one SMS message per part. It's not a modern phone either.

Just curious.

I use Tesco, btw. I can't fault them.

Re:Vodafone = Bad

[NJRoadfan]

Its likely that the phone is sending the longer messages as MMS or EMS, which is likely NOT covered by the "unlimited text messages" plan.

Re:Vodafone = Bad

[improfane]

My phone chops it up into small messages but the 'unlimited' only applies to the first message. I get charged a for additional texts if my message spans more than one. It's a money grab because if I break the text manually into two separate texts, I do not get charged.

This happens on my old W595 (supports MMS) and my current Nokia 1661 (no MMS, no 3G).

Re:Vodafone = Bad

[Timmmm]

Yeah Android had (maybe still has) a bug where texts longer than 3*160 are sent as an MMS.

Re:Vodafone = Bad

[improfane]

My Nokkia 1661 does not support MMS.

Vodafone treat multipart text messages as separate texts on the server side to rip people off. Especially when you consider that it does not charge if you break up a text manually by yourself.

Re:Vodafone = Bad

[mikael_j]

That seems weird, the common way to do it is to have an ID imbedded in the message so that the receiving device can tell which messages are actually parts of the same longer message.

The biggest problem with this scheme is when a device receives only part of the message, all phones seem to handle this differently. Some show what they got after a while, others simply chuck it, others still will hang on to the data just in case a matching ID shows up later (which can lead to hilarity since the IDs are far from unique).

Re:Streisand

vodafone guys are on summer vacation, they're not trying to do anything. it's a MASSIVE cock up. you could in theory&practice buy one of those boxes, do a little work on it and go anywhere in the world to steal anyones (who's phone was willing to roam) imsi numbers and call with them as if they were roaming in uk. if they change the authentications they have to replace every friggin femto cell they've sold. and they must do that. and they're fucked as far as knowing who has done this or not.

The root password is "newsys"?

[Sparx139]

Isn't that kind of insecure? As in, the sort of thing that you would slap people for setting a root password as?

Not a big thing...

[SonOfSengaya]

... if you read Harald Welte's blog: http://laforge.gnumonks.org/weblog/2011/07/14/#20110714-vodafone_femtocell_thc

Re:Streisand

[migla]

nope, not Streisand - afaik Vodafone isn't trying to suppress this information.

That's what they want you to think. They're going for a reverse double anti-streisand. It's a smokescreen. A double-bluff. It's an XK-Red-27 technique.

Re:Streisand

[DeathToBill]

if they change the authentications they have to replace every friggin femto cell they've sold.

Yes, or they could remotely patch the firmware. Which they've done.

You get full marks for logic and grammar.

Re:Streisand

[rbrausse]

according to this press release they reacted. Last year. with an update.

even THC's wikipage claims that the project was enden mid-2010 because of "too much fun with other things". This hack is very interesting, but more for historical reasons and not because everyone is now vulnerable

End-to-end

[bWareiWare.co.uk]

Why dose having root on any cell, let alone a femtocell give you the ability to impersonate and eavesdrop? They should be simply forwarding the encrypted streams to/from Vodaphone they have no need to interpret or modify them. In fact it would have been trivial to design a phone system where even the operators can't eavesdrop, encrypting each call with the receiver's public key. The first time you rang a new number you would have to trust you were getting the correct public-key, but any abuse would be easy to detect and prove. This would mean that voice-mail etc. was only accessible with the original SIM, but that may not be too much of a compromise! You could still require that any phone connecting to the network submits its private keys to law enforcement.

Re:End-to-end

Are you crazy? Vodafone is notorious for enabling easy and unquestioned access to law enforcement. Any form of encryption would make it harder for them to hand over your data.

Re:End-to-end

[drolli]

It would not be legally trivial, for a number of reasons.

Re:End-to-end

[kyz]

Cell networks have the same need for time-critical end-to-end delivery as fixed line networks, and thus have a very similar architecture. They don't look anything like IP networks.

Cell sites place calls on behalf of the mobile, and talk with other cell sites to handover calls in progress as the mobile passes through. They have to be trusted to do that.

GSM encryption works on the basis that the company who issued the SIM card also knows the secret keys inside the SIM card. That way, both ends can synchronise encryption/decryption, even if packets are lost and not re-transmitted. Public-key encryption almost invariably uses a block cipher that can't do that. What use is that to a phone network?

Re:End-to-end

[bWareiWare.co.uk]

As you say the cells need to be trusted with the routing and hand-off. Obviously the cell can always block/drop/throttle calls but that don't mean you should trust them with everything.
To place a call on behalf of a mobile should require a time-limited signed token from the mobile's SIM. Once the call is established it makes no difference if you are routing an unencrypted voice codec or some encrypted data.
Public-key encryption could simply be used for the initial A5/1 initialization key, the voice data itself can still use a stream cipher.

Re:End-to-end

[Rich0]

Mod parent up - either symmetric or public-key encryption requires authentication with some trusted server (is the phone's account activated, etc), and if the central server can hold a copy of a symmetric key it can hold a copy of a public key.

There is also no need to escrow private keys - the network already needs access to the clear voice conversation and dialing info just to complete the call, and that is all the FBI needs. There is no need to be able to clone phones. Plus, if you wanted to clone a phone just assign a new key and have the central server give a positive authentication for either one (ie you manipulate the central database).

As with most things crypto, the GSM creators decided to re-invent the wheel, and the only reason it works is that hackers just haven't quite caught up yet. Once rogue base stations are seeded all over the place, cloned SIM cards will be sold on every street corner in New York, and once again we'll be punching in PINs or whatever to make phone calls as an almost-effective stop gap until the whole system is torn down and replaced.

Nice password

[popo]

A 6 digit, all alpha, all lowercase password, made from real words.

While it's entirely possible the password would have been hacked if the password was 16 alpha-numeric-punc chars, it's hard to by sympathetic to Vodaphone when they're this sloppy.

Slap anyone that sets a root password

[GroovinWithMrBloe]

In embedded devices like these, there is no reason to use a root password. The devices should be locked down completely with a process to update them with signed firmware.

If they need some form of remote access, they should at the very least use SSH PKI.

Oblig

[ThatsNotPudding]

'Can everyone hear me now?'

Thanks for the shitty blog link, slashdot!

[Megaweapon]

Their blog archive goes all the way back to July 2011!

Re:Streisand

[flux]

This will help, but from the security POV, only the devices which have not been rooted; after that, incoming firmwares could be intercepted and applied either not at all or only partially.

I suppose they could have sign the firmware for the boot loader to check, but given the root password 'newsys', this doen't seem to go with their style..

Re:Streisand

[postbigbang]

TFA didn't have any proof of this; is there another link that shows that they did indeed patch the firmware? Can it be remotely updated in a forced push? That would be unusual. Often they're user-driven push routines.

Re:Streisand

[cbiltcliffe]

Yes, or they could remotely patch the firmware. Which they've done.

No, no, no...all you need to do is add a HOSTS file, and everything will be 100% secure until the end of the universe!!

hehehe.

Re:Streisand

[RobbieThe1st]

_ I've seen enough APK posts to find that funny. :P

Asset # + Default password

[sgt+scrub]

I worked for a company that made a security device with a default password for updates. The password was changed, post build, using the asset (serial) number of the device, a label added to the bottom of the device after install, with the default password added to the end of the string. This ensured that every device had a semi-unique password that required physical access to the device for anyone to figure out the first part of the manufacturer password. Not being a dumb ass company, that was not sufficient for them. Why? Despite the fact that the asset number was alpha numeric, all one needed to do is look at two devices to see the sequence (nn-cc-nnnn-cc-nnnnn). From there, generating nn-cc-nnnn-cc-nnnnn sequences in front of a properly guessed default password would allow brute force attacks. Anyway, the simple answer to the problem is to have a good enough UNIQUE default password then force the buyer to enter a password before the device would work.

Written Design Plan for Femtocell?

[BoRegardless]

How could a major project at a major public company start without addressing security?

Re:Streisand

[cayenne8]

Hmm...might be a good time to go out and buy one of these things....for *ahem* research.

:)

Re:Streisand

[Jeremiah+Cornelius]

newsys.

Ferchrissake! plaintext, all lowercase. Not even a long, machine generated key!

It looks like the credentials for the dev lab were never updated.

six-character passwords considered harmful

[adavies42]

why does anyone ship anything with a six-character password? why does any website allow them? eight is barely sufficient given recent gpu-based attacks, and i seriously doubt people who have trouble remembering eight characters have any less trouble with six.

Re:Cbiltcliffe's "Greatest-Hits" Part #1 (lol, not

[WrongSizeGlass]

Umm, is there a way to modify my HOSTS file so I don't ever have to see your ramblings again? 'Cuz that would be a good reason to modify my HOSTS file.

Re:RobbieThe1st - R U A sockpuppet of cbiltcliffe'

[cbiltcliffe]

Wow! Watch the spittle fly!!!