LTE 4G Networks Put Androids At Risk of Overbilling and Phone Number Spoofing

An anonymous reader writes: Carnegie Mellon University's CERT security vulnerabilities database has issued an alert regarding the current status of LTE (Long-Term Evolution) mobile networks, which are plagued by four vulnerabilities that allow attackers to spoof phone numbers, overbill clients, create DoS (Denial of Service) states on the phone and network, and even obtain free data transfers without being charged. The vulnerabilities were discovered by 8 scientists which documented them in their research.

To Be Honest

I have for a while now been tempted to leave Android and I've decided to do so on November 15, which is the day AT&T releases the new Windows Phone 950. Call me mad, but I'm tired of the Android shenanigans, the balkanization between carriers, and even devices within a single carrier. I've got a Nexus 6 at the moment, and it still does not have Marshmallow. I want to wait for the OTA rather than flash it myself, but come November 15, this device is gone.

Hmmm ...

[gstoddart]

So, if it's us who can get ripped off, they'll do nothing to fix this. If it's them who can get ripped off, they'll try to get lawmakers to outlaw that so they don't have to do anything to fix it.

Should we continue to expect telcos to be inept and indifferent to this, and not give a crap if their customers are getting ripped off?

Re:Let me guess.

[GrumpySteen]

Let me guess... you didn't read the paper. Oh look, my guess was right while yours were not.

To be fair, that wasn't actually a guess. Every assumption you made was wrong, so it's pretty obvious that you didn't bother looking at the paper to see if you were even close to correct.

Hardly need spoofing in Canada

[ramriot]

The security issues are not even needed to get over-billed in Canada. With stock Android 5.1 or above (including the latest Marshmallow), use on either of the two main budget carriers can result in roaming data charges even when roaming data is disabled.

In seams, because of a programming decision as to how Android tells if it is roaming inside of a shared NVNO region and the odd decision of these two carriers to mimic in network names when using partner carriers the phone will ignore the users selection to not use roaming data and thus incur charges in the range of $1/MB.

Re:Android wins on openness and marketshare

[BronsCon]

But they run. Or so I hear.

Meanwhile, Nexus devices are guaranteed support for 3 years from first sale or 18mo from the final date of sale on Google Play, whichever is longer. I keep seeing claims from iPhone users that "my 4 year old phone has the latest updates" while pointing out the 18mo EOL. It universally turns out that they have the model that was released 4 years prior and not an older model they simply bought 4 years ago, and that model is still being sold. What they fail to recognize is that software support for iOS devices stops the moment Apple stops selling the device (even when carriers may continue selling them for up to a year). Well, that and the fact that, while they might be running the most recent version of iOS, they only get the most recent features on the most recent devices (I'm glaring at iOS9 for the omission of splitscreening on the iPad Air [which I own], which is more than capable of supporting it; and the sad excuse that was given for Siri only being included in iOS for the 4s when it ran just gone on the 3gs as an app before Apple bought the company).

Android, and I mean true android (read: Nexus devices), on the other hand, only leaves out features that require hardware not present in the device. And, with Google's commitment to supporting the devices for a minimum of 18 months Google stops selling them, even with carriers selling the devices for up to a year after that, Nexus devices have support for at least 6 months after their last date of sale. Contrasted with iOS devices, which are still sold for up to a year after software support has ended, well, it's not hard to see why some of us prefer Android (again, Nexus).

Re:That's

[BronsCon]

Apple made the claim that iOS is not affected, but these are all carrier-side vulnerabilities that only require the app have the ability to send raw packets to the internet, which can certainly be done from iOS, as well as Windows. It's how VoIP apps work.