3G and 4G USB Modems Are Security Threat, Black Hat Presenter Says

alphadogg writes "The vast majority of 3G and 4G USB modems handed out by mobile operators to their customers are manufactured by a handful of companies and run insecure software, according to two security researchers from Russia. Researchers Nikita Tarakanov and Oleg Kupreev analyzed the security of 3G/4G USB modems obtained from Russian operators for the past several months. Their findings were presented this week at the Black Hat Europe 2013 security conference in Amsterdam. Most 3G/4G modems used in Russia, Europe, and probably elsewhere in the world, are made by Chinese hardware manufacturers Huawei and ZTE, and are branded with the mobile operators' logos and trademarks, Tarakanov said. Because of this, even if the research was done primarily on Huawei modems from Russian operators, the results should be relevant in other parts of the world as well, he said."

No suprise here

[fustakrakich]

Mandated backdoors aren't very well hidden. The only alternative for the authorities is to arrest the people who uncover them. Soon the 'blackhats' will have to meet in secret to protect themselves.

Tarakanov said that they weren't able to test baseband attacks against the Qualcomm chips found inside the modems because it's illegal in Russia to operate your own GSM base station if you're not an intelligence agency or a telecom operator. "We'll probably have to move to another country for a few months to do it," he said.