Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spoken Commands Crash Bank Phone Lines

Posted by samzenpus on Monday September 17, 2012 @02:24AM from the initiate-self-destruct-sequence dept.

mask.of.sanity writes "A security researcher has demonstrated a series of attacks that are capable of disabling touch tone and voice activated phone systems, forcing them to disclose sensitive information. The commands can be keyed in using touchtones or even using the human voice. In one test, a phone system run by an unnamed Indian bank had dumped customer PINs. In another, a buffer overflow was triggered against a back-end database. Other attacks can be used to crash phone systems outright."

1 of 178 comments (clear)

Min score:

Reason:

Sort:

Re:Video of the talk by bouldin · 2012-09-17 02:46 · Score: 5, Informative

There's more detail here, including links to papers: http://voipsecurityblog.typepad.com/marks_voip_security_blog/2012/09/dtmf-telephony-denial-of-service-tdos-issues-for-ivrs.html