A New Attack Allows Intercepting Or Blocking Of Every LTE Phone Call And Text (theregister.co.uk)
All LTE networks and devices are vulnerable to a new attack demonstrated at the Ruxcon security conference in Melbourne. mask.of.sanity shared this article from The Register:
It exploits LTE fall-back mechanisms designed to ensure continuity of phone services in the event of emergency situations that trigger base station overloads... The attacks work through a series of messages sent between malicious base stations spun up by attackers and targeted phones. It results in attackers gaining a man-in-the-middle position from where they can listen to calls or read SMS, or force phones back to 2G GSM networks where only voice and basic data services are available...
[Researcher Wanqiao] Zhang says the attacks are possible because LTE networks allow users to be handed over to underused base stations in the event of natural disasters to ensure connectivity. "You can create a denial of service attack against cellphones by forcing phones into fake networks with no services," Zhang told the conference. "You can make malicious calls and SMS and...eavesdrop on all voice and data traffic."
We need END-to-END security. Now.
So often it seems that falling back to an older, less secure system or protocol is a method to circumvent newer, safer technologies (POODLE springs to mind as an example)...
Shouldn't there be an accepted practice of NOT being backwards compatible with a system that's known to be insecure? Cuz like, what's the point otherwise? At the very least perhaps new systems like TLS or systems that rely on older hash functions could have a scheduled phase-out of backwards compatibility built right into the spec.
(okay I'm talking out of my ass here.. someone please school me on how this is already being done.)
No industry reach-out and responsible disclosure after the time needed for them to contemplate and execute a change across a 100K+-node base station network?
This is why we can't have nice things.
I disagree. If people would make their shit secure in the first place, it wouldn't be a problem.
Maybe if we had more exposure of 0-day flaws and associated attacks, people would work a little harder at not creating flaws to begin with.
It depends why any telco issue exists and is fixed or not fixed.
Greek wiretapping case 2004–05
https://en.wikipedia.org/wiki/...–05
SISMI-Telecom scandal
https://en.wikipedia.org/wiki/...
or why "Fake Mobile Phone Towers Operating In The UK"
http://news.sky.com/story/fake...
Domestic spying is now "Benign Information Gathering"
Just because it's possible, doesn't mean it can be done.
This attack breaks multiple laws, and regulations.
As noted in another post, the equipment to do this is expensive.
It's not a targeted attack. There's no way to pin an individual, they might just get lucky and get through on the real cell.
Just alarmist ranting, for now.
You just broke 2FA.
So T-Mobile customers shouldn't notice any interruption in service.
On the other hand, corporations don't give two shits about security until it hits them where it hurts, in the pocket book. Without disclosures like this, security is treated as an add-on insurance expense if it's considered at all.
I'm pretty sure I saw this exact same presentation at DEFCON a few months ago.
This sounds like a national security issue that any country should look into. Can be used to disseminate false information prior to an invasion?
This is why using Signal is critically important.
This is not new - it was at Defcon in August.
Isn't this pretty much what a Stingray does? Or does Stingray use weaknesses deliberately built into the networks?
As a slashdotter the only person I'd ever have to call or text is mom, and I can just yell upstairs for that!
software upgrades could be automated...
Subject should be 'thanks Ericsson (3GPP)' for a useless feature because the core network can't handle the call volume in natural disasters anyway
Ya'see, I'm getting sick and tired of hearing this goddamn argument over and over again. "Just make it secure in the first place", like technical security is just a magical flip of a switch. "Oh, Yeah, I downloaded and installed the SECURE library into my app, things are PERFECT now!"
Security is an ever evolving moving target. What is deemed secure today may very well become insecure tomorrow. This is true of both software and non-software technical systems. This is true of both open and closed source software. This research that happened is EXACTLY what we need to ensure security, having people willing to disclose vulnerabilities to the general masses, because similar exploits may exist in other implementations. The alternative is selling exploits on the black market. Which would you honestly prefer?
I'd guess this is how the stingray cell phone snooping devices have been working all along.
Now, at least we understand the technical means by how they work.
My UID is prime and so is this number: 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0.
Umm...are you sure? I saw this girl talk in Las Vegas a few months ago at Defcon. This isn't new. This is a known exploit.
How about a DDOS against these pigfuckers!
"What is deemed secure"? If it's not secure tomorrow, then it's not secure today. Alas, all software is insecure and should not be used where security is needed. Can we outlaw online banking and online stores now please?
Minimum jail time 15 years for running such an establishment.
You think protocols like this are insecure by accident?
That in a group of hundreds of the smartest engineers in the world, come together to design the latest app/framework/protocol, not a single one of them piped up "hey guys, what happens if this fallback mode we're adding is triggered by an adversary? how can we prevent or mitigate that to make sure our users aren't at risk?"
Experience would surely lead you to the conclusion that 'flaws' like this are intentional.
Some software can be proven secure. Look at sel4. It's just that software engineers take shortcuts. If you design an aircraft wing you have to prove that it can take the load with math and physics. When we write software we assume it's good enough because we "tested it thoroughly". I guess it's time to start treating software engineering like real engineering. Hold them accountable and teach them how to prove things secure before they are allowed to use technology. I feel like most software engineers are simply stumbling around in the dark when it comes to security.
In the case of mobile networks, "make it secure in the first place" is valid criticism. These standards are made to be breakable. Just take a look at the cryptographic options, for example in 2G: There's a null-cipher in there, a cipher with laughable key length and a cipher that had not been tried and tested. About the only part with decent protection is that the cards can't be cloned (except by the network operator). The handsets have no way of authenticating the base stations. The phone system backend basically relies on the honor system. The list goes on and on. Maybe it's unrealistic to ask that it should be made secure in the first place. But they could at least try.
You are right on the principle of course, but in this case we should consider that LTE is not THAT old, and that basic security features in communication include establishing the identity of the communication party (in this case the tower) and raising hell when something is wrong. Our browsers have done it for ages, with varying levels of success, but mobile phones do not even try. And I am not even talking about lack of end-to-end encryption yet. At the time these risks and the potential solutions were well known, the GSM networks were already being exploited. Yet the choice was made to not include some basic protections, like end-to-end encryption, and user notification when the connection was fishy.
It is quite simply hard not to conclude that end-user security is not that high on the priority lists of Telecom standards organizations, equipment manufacturers, telcos and governments.
"No industry reach-out and responsible disclosure after the time needed for them to contemplate and execute a change across a 100K+-node base station network? This is why we can't have nice things."
If it is known by white hats then it is known by black hats.
Anyone who wants to exploit this already has the knowledge and is doing so.
The only reason to stay quiet is to let someone save face.
Also, experience tells us that companies prefer not to do jack shit before they absolutely have to. Things don't get fixed until the problem becomes public knowledge.
GSM was full of holes and worthless and now its direct descendant LTE has similar holes. WHAT A SURPRISE.
And of course the industry rubbed their hands about the GSM issues and they will do so again about LTE. Everyone has spent too much money on this shit to go back now and fix it.
Apple had some major issues with their early iPhone security because they were of course GSM-only for a long time and any competitor who wanted to listen in on test calls or record everything only needed to set up a GSM eavesdropping station, which would fit in a briefcase and could be run from a car in the parking lot, and they'd have the whole thing. I have no doubt that happened. And now, it will with LTE too.
The presentation was by a woman, too. The world has changed, basement dwellers.
Sig for hire.
"Which would you honestly prefer?"
And which would the government prefer?
If only it were that easy. So much of security is a case of people abusing behavior of a complex system. It's difficult to imagine how some of these complex interactions might be exploited ahead of time.
This is a case where for the most part the system is working as designed. A high amount of traffic is detected so the system pushes the devices to fall back on legacy resources so the system of call handling overall can continue to function. It just so happens the high traffic isn't a bunch of devices all wanting voice and data at once but basically a DOS attack. There isn't much you can do about DOS attacks on over-the-air media. If someone wants to jam a signal they can. This is basically that but they happen to be doing some protocol participation as well.
Availability is part of security, should the system just fall over under high load instead? Would that be 'more secure' in your estimation or less?
Honestly what should probably happen is the handset should ask.. "LTE fallback requested, voice and data privacy not assured, do you wish to proceed?" Now you are back to a human problem where they have to make a judgement call. They also have to be savvy about the situation, and ask themselves is this likely happening because of some congestion event or is this an attempt to MITM me?
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
"I disagree. If people would make their shit secure in the first place, it wouldn't be a problem."
A typical LTE connection will have multiple levels of security including private encrypted identification tokens, security on SIM cards, Air interface protection, and security in the backhaul. This is protected by no less than 7 different cryptographic keys in the process.
But yes the standard was designed without any security in mind. What were these "experts" thinking and why didn't they consult A.Coward here who has the answer to everything.
It's worse than this. LTE downgrade attacks have been known about for many years. The lack of mitigation against such attacks is also the reasons stingrays work so well. If devices could authenticate the basestation and prevent downgrades to weak encryption schemes like was suggested in ... I think I heard about this personally 3 years ago the first time... then neither stingrays nor this current attack would be an issue.
That's a good point, but in this case I think you need to consider that these fallback modes have always been exploited and therefore putting one in is almost always a bad idea, and at least has to be done with great care. This was not done with great care.
Actually it might have been. We know that the NSA would run around and make suggestions to weaken standards, or to complicate them so that vulnerabilities would creep in. We know they had a lot to do with how IPSec has a mode with NO encryption at all for instance. Same kind of attack, btw. Make the client do something downgraded and useless and of course don't bother telling the user about it when it happens. You know, like GSM phones are supposed to by specification warn end users when their calls are unencrypted because the base station set it that way and yet somehow no carriers' phones anywhere actually do this. I wonder why that is.
In other words, I don't believe this is a new attack. It may be newly discovered by someone not associated with the evils that are law enforcement and intelligence these days, but it's likely not new and even more likely has been exploited for years by people who designed it or 'suggested' for it to be insecure on purpose.
He means the interceptor attacks the police have been using for years now? Who knew?
Seriously though... how much did the research cost to discover what mainstream news has been saying repeatedly?
Well, for a lot of uses, slap-dash is "good enough". I don't really need my $30/month prepay service that I use to get phone calls from my wife telling me to pick up laundry detergent to be bulletproof - it just needs to work well enough that I get by another month without getting too pissed off. If they went all space shuttle control software on my phone and the network, it probably would all drift outside of my price range. I suspect for high-security applications, there are already bolt-on solutions that let you securely communicate with your basement email server.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
This isn't something that can eavesdrop on LTE calls, it just forces the phone off of LTE back onto older more insecure air interfaces. But it does make sense now why no phone I've ever owned allows me to force LTE-only mode (without resorting to rooting, jailbreaking, or other hacking), they need to make sure the TLAs can backdoor us onto their stingrays at any given moment.
This mentality is the result of the never-ending push to get new products to market, not with the difficulty of securing a product/technology in the first place. Hardware and software are insecure not because of some *inherent* insecurity, but because consumers demand (nay, *expect*) new products that they can consume. That consumerist conditioning drives ever-greater insecurity since, as products develop with respect to processing power, storage, and sensor capabilities, the insecurities are pushed to the back-burner, and their resolution is given lower priority than rounded corners or a sharper screen.
People get exactly what they ask for, and get to suffer the consequences for it.
"Proving" something assumes your proof is correct. Turtles all the way down.
"Ya'see, I'm getting sick and tired of hearing this goddamn argument over and over again. "Just make it secure in the first place", like technical security is just a magical flip of a switch. "Oh, Yeah, I downloaded and installed the SECURE library into my app, things are PERFECT now!""
Actually, when it comes to mobile phone networks, it is (or was) a case of flipping a magical switch. Cell phone standards were deliberately crippled, security-wise:
A5/2 is a stream cipher used to provide voice privacy in the GSM cellular telephone protocol. It was used for export instead of the relatively stronger (but still weak) A5/1.
* https://en.wikipedia.org/wiki/A5/2
Later they went with A5/3 (aka KASUMI) instead of the more secure MISTY1, or even AES (which was already available by then):
* https://en.wikipedia.org/wiki/MISTY1
And as many problems as SSL/TLS has had, if the cell industry had used it instead of the mess that they're currently using, things wouldn't be as bad as they are now. And the mobile phone operators have it a lot easier in some regards: with TLS you have to have the garbage that is CAs to build trust, while with SIM cards you have a pre-existing cert/key distribution system. You'd think they'd be able to leverage that to build a robust network.
So while there are many places where security is hard, the cell phone industry seems to have screwed the pooch when it comes to keeping over-the-air signals safe from attackers. I've dealt with SS7, and can understand the back-end stuff being convoluted, but there isn't as much of an excuse for the radio component of their network.
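The comment above points out that SIM cards already give the operator and the handset a shared key. As an added illustration that is not from this thread, from The Register article, or from the 3GPP specifications, the Python below contrasts a one-way challenge-response (the network checks the handset, as in GSM) with a mutual one in which the handset first checks a token that only a party holding that key can compute. The key, IMSI, HMAC-SHA256 construction and class names are assumptions made for this example, and the sequence-number replay protection that real AKA carries is deliberately left out.

```python
"""Added illustration (not code from the thread, The Register, or 3GPP): a
simplified challenge-response showing why the SIM's pre-shared key could
let the handset authenticate the tower, and why a one-way scheme that only
authenticates the handset cannot keep it off a fake base station.
HMAC-SHA256 stands in for the SIM's keyed functions; the 3GPP AKA
sequence-number/replay machinery is omitted. All keys and identifiers
below are constructed for this example."""
import hashlib
import hmac
import os
from typing import Optional


def keyed_mac(key: bytes, *fields: bytes) -> bytes:
    """Length-prefixed HMAC over the fields (avoids ambiguous concatenation)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()


class Handset:
    """UE holding the subscriber key K that also lives in the operator's core."""

    def __init__(self, imsi: str, k: bytes):
        self.imsi = imsi
        self.k = k

    def respond_one_way(self, rand: bytes) -> bytes:
        # GSM-style: prove knowledge of K, but learn nothing about the network.
        return keyed_mac(self.k, b"RES", rand)

    def respond_mutual(self, rand: bytes, autn: bytes) -> Optional[bytes]:
        # Check the network's token first; only a party holding K can produce it.
        if not hmac.compare_digest(keyed_mac(self.k, b"AUTN", rand), autn):
            return None  # refuse to attach: the tower could not prove it is ours
        return keyed_mac(self.k, b"RES", rand)


class Network:
    """Legitimate operator core with the subscriber key database."""

    def __init__(self, keys: dict):
        self.keys = keys

    def challenge(self, imsi: str):
        rand = os.urandom(16)
        return rand, keyed_mac(self.keys[imsi], b"AUTN", rand)

    def verify(self, imsi: str, rand: bytes, res: Optional[bytes]) -> bool:
        return res is not None and hmac.compare_digest(
            keyed_mac(self.keys[imsi], b"RES", rand), res)


class FakeNetwork:
    """Rogue base station: it has no subscriber keys and accepts any response."""

    def challenge(self, imsi: str):
        return os.urandom(16), os.urandom(32)  # the AUTN token is a blind guess

    def verify(self, imsi: str, rand: bytes, res: Optional[bytes]) -> bool:
        return res is not None


def attach_one_way(ue: Handset, net) -> bool:
    """True if the handset ends up attached to `net` under one-way auth."""
    rand, _autn = net.challenge(ue.imsi)
    return net.verify(ue.imsi, rand, ue.respond_one_way(rand))


def attach_mutual(ue: Handset, net) -> bool:
    """True if the handset ends up attached to `net` under mutual auth."""
    rand, autn = net.challenge(ue.imsi)
    res = ue.respond_mutual(rand, autn)
    return res is not None and net.verify(ue.imsi, rand, res)


# Constructed subscriber: a test-network IMSI and a fixed 128-bit K.
K = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
UE = Handset("001010123456789", K)
REAL = Network({UE.imsi: K})
FAKE = FakeNetwork()

if __name__ == "__main__":
    print("one-way, real tower:", attach_one_way(UE, REAL))  # True
    print("one-way, fake tower:", attach_one_way(UE, FAKE))  # True: attached to rogue
    print("mutual,  real tower:", attach_mutual(UE, REAL))   # True
    print("mutual,  fake tower:", attach_mutual(UE, FAKE))   # False: rejected
```

The point of the contrast is the second line of output: under one-way authentication the handset answers any challenge and the rogue cell simply accepts it, whereas under mutual authentication the handset never attaches because the rogue cell cannot forge AUTN without K. A deployable version would additionally need the replay protection (sequence numbers) that this sketch omits, since a captured RAND/AUTN pair from a real tower would otherwise be replayable.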
Yet another illustration that those who absolutely need to keep their communications intact need to have amateur radio for backup when the purposes are non-commercial.
1. For local communication, use VHF/UHF, possibly in conjunction with repeaters.
2. For longer distances, use the appropriate HF bands or, in some cases, VHF/UHF satellite communications.
The advantage of both is that the link depends only on equipment at each end. It doesn't depend on a complex and vulnerable infrastructure.
I prefer black market sales.
Of course, I am also rooting for the EMP too.
In this case, the solution is already available. When a new tower is spun up, flag it as "unsafe" until a valid tower says otherwise.
I have a good idea where all the towers are in my city, if a new one was spun up, I'd know about it fairly quickly. And there are projects that have very detailed information on existing towers. The problem with this kind of attack, is that it is very short lived because it would be easy to triangulate where the bad tower/Node actually is.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Couldn't this be solved by most networks updating their phones with a big ol' whitelist?
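Several comments above propose handset-side mitigations: a whitelist of known towers that treats a new one as unsafe, a prompt before an LTE fallback goes ahead, and a warning when ciphering is switched off. The Python below is an added example, not code from this thread or from any real handset or detector product, that turns those proposals into rules run over a constructed trace of cell changes; the cell ids, area codes, signal threshold and cipher labels are all assumptions, and the whitelist is static rather than learned.

```python
"""Added example (not from the thread, a handset vendor, or a detector
product): handset-side checks implementing three suggestions from the
discussion: a whitelist of known towers, a prompt before falling back
from LTE, and a warning when ciphering is off. Every cell id, area code,
cipher label and signal level is constructed for this example."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed whitelist: (RAT, cell id) -> area code the cell was last seen in.
KNOWN_CELLS = {
    ("LTE", 0x1A2B301): 0x1001,  # tracking area 0x1001
    ("LTE", 0x1A2B302): 0x1001,
    ("GSM", 0x3F21): 0x0208,     # legacy cell, location area 0x0208
}
WEAK_CIPHERS = {"A5/0", "A5/2", "EEA0"}  # null or export-grade ciphering
STRONG_LTE_DBM = -95  # above this, losing LTE coverage is not a plausible reason to leave


@dataclass
class CellEvent:
    rat: str          # "LTE" or "GSM"
    cell_id: int
    area: int         # TAC for LTE, LAC for GSM
    cipher: str       # ciphering algorithm negotiated on this cell
    signal_dbm: int   # signal level measured while camped on this cell
    redirected: bool  # True if the network ordered the move (release with redirect)


@dataclass
class Alert:
    kind: str
    detail: str


def check_transition(prev: Optional[CellEvent], cur: CellEvent) -> List[Alert]:
    """Rules applied when the handset lands on `cur`, having come from `prev`."""
    alerts = []
    key = (cur.rat, cur.cell_id)
    if key not in KNOWN_CELLS:
        alerts.append(Alert("unknown_cell",
                            f"{cur.rat} cell {cur.cell_id:#x} not in whitelist"))
    elif KNOWN_CELLS[key] != cur.area:
        alerts.append(Alert("area_mismatch",
                            f"cell {cur.cell_id:#x} claims area {cur.area:#x}, "
                            f"expected {KNOWN_CELLS[key]:#x}"))
    if cur.cipher in WEAK_CIPHERS:
        alerts.append(Alert("weak_cipher",
                            f"ciphering {cur.cipher} on cell {cur.cell_id:#x}"))
    # A network-ordered LTE->GSM move while LTE was strong is the fallback
    # pattern the thread worries about; a move after LTE faded is routine.
    if (prev is not None and prev.rat == "LTE" and cur.rat == "GSM"
            and cur.redirected and prev.signal_dbm > STRONG_LTE_DBM):
        alerts.append(Alert("forced_downgrade",
                            f"redirected LTE->GSM while LTE was {prev.signal_dbm} dBm"))
    return alerts


def analyse(events: List[CellEvent]) -> List[Tuple[int, Alert]]:
    """Run the rules over a whole sequence; returns (cell id, alert) pairs."""
    prev = None
    findings: List[Tuple[int, Alert]] = []
    for ev in events:
        findings.extend((ev.cell_id, a) for a in check_transition(prev, ev))
        prev = ev
    return findings


def should_prompt_user(findings: List[Tuple[int, Alert]]) -> bool:
    """The thread's proposal: ask the user before proceeding on a suspicious fallback."""
    kinds = {a.kind for _, a in findings}
    return bool(kinds & {"forced_downgrade", "weak_cipher", "unknown_cell"})


# Constructed trace: two normal LTE cells, an unlisted GSM cell the network
# "redirects" to while LTE is strong, then a genuine fallback to a known
# GSM cell once LTE coverage has actually faded.
SAMPLE = [
    CellEvent("LTE", 0x1A2B301, 0x1001, "EEA2", -80, False),
    CellEvent("LTE", 0x1A2B302, 0x1001, "EEA2", -78, False),
    CellEvent("GSM", 0x7777, 0x0208, "A5/0", -60, True),      # suspicious
    CellEvent("LTE", 0x1A2B301, 0x1001, "EEA2", -110, False),
    CellEvent("GSM", 0x3F21, 0x0208, "A5/1", -85, True),      # legitimate
]

if __name__ == "__main__":
    for cell, alert in analyse(SAMPLE):
        print(f"{cell:#x}: {alert.kind}: {alert.detail}")
    print("prompt user:", should_prompt_user(analyse(SAMPLE)))
```

Running it flags only the third event, on all three rules, and leaves the final redirect alone because LTE had genuinely dropped to -110 dBm first; that last case is the one the "ask the user" proposal has to get right, or the prompt fires on every real coverage hole and gets ignored. A static whitelist also has the obvious gap that a legitimately new tower looks identical to a rogue one until it is added, which is why the comment above proposes letting a known-good tower vouch for it.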
DNSSEC is underused because its root certificate is only 1024-bit RSA. At least that's why DANE support in Chrome is turned off.
"Security is an ever evolving moving target. What is deemed secure today may very well become insecure tomorrow."
While I agree with you on this point, you aren't looking far enough at the problem.
The real problem is the number of these devices that never see updates/patches from the vendor. This plays out in two ways. The first being that the vendor never patches anything and the second is while they do, they don't make it simple for the average user to A) find out about the update and B) install it.
The other problem we have is that security is not a selling point for the average user. They pay attention to the bling, so even if there was somewhere you could go to get honest and up to date security reviews on products before you buy them, most people wouldn't. While I am no fan of government regulations (due to how they are instituted and implemented in highly politicized manners), this is something where the world could benefit.
In the latter regard I view it much like vehicle emissions. The majority of people just don't care and even many of the ones that do don't understand how wrong they are on the facts. As such it is valuable for governments to step in with clear and impartial (it's Monday, everyone needs a good laugh to start the week) requirements that manufacturers must meet before their cars can be sold.
Something similar should be in place for network connected devices to force companies to be better actors. Otherwise, as in every other industry to date, corners will be cut on consumer/environmental safety since such enhancements will generate little if any revenue. It should not be left to the person that can't figure out how to connect their cable router who is also the same person that will think an Internet connected TV or fridge with built-in cameras are a good idea...
Come to think of it, I would notice a new tower as well because of my "Llama" app that uses the towers to trigger actions.
But so long as the CIA/NSA/KGB/Verizon or whatever nefarious agency is willing to forward my conversation about milk to the proper wife, I'm good.
Then why are people setting up man in the middle attacks with ease?
"Just because it's possible, doesn't mean it can be done."
Actually, that is exactly what "possible" means.
You cannot *prove* security. Security is not a set of absolute laws, it is a subjective call. There are of course some *limited* facets that are more concrete (buffer overruns are never good, for example), but security is a big thing that encompasses a lot and in fact two different approaches can both rationally call each other insecure and themselves secure, depending on perspective.
XML is like violence. If it doesn't solve the problem, use more.
I think the point is despite *trying* to design it 'secure it in the first place', there were failures. It's easy to criticize in hindsight, and claim that if they had just secured it *right* in the first place, this wouldn't be a problem, but it is disingenuous to say they didn't even try.
This is the crux of the problem for security. Even if you *try* to do it right, there is every likelihood that you will mess up. Even if you pull in a 'trusted security company' to audit your design, they'll frequently do an inadequate job because they lack expertise in what you are doing to credibly know if it is secure. They'll look for things that vaguely resemble other generic things and sometimes yell loudly about some non-issue that makes no sense in context, and at the same time completely miss glaring security issues.
"No industry reach-out and responsible disclosure after the time needed for them to contemplate and execute a change across a 100K+-node base station network? This is why we can't have nice things."
Yeah, let's see if we can get back to analog phones, and back to the era when it would cost gobs of cash to call different area codes, let alone different countries.
What arrogance.
Putting a lock on a door indicates it was designed with security in mind, but does not mean it is secure.
Has the NSA and FBI not had this technology for years?