Researchers Find 36 New Security Flaws In LTE Protocol (zdnet.com)
An anonymous reader quotes a report from ZDNet: A group of academics from South Korea have identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world. The vulnerabilities allow attackers to disrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed SMS messages, and eavesdrop and manipulate user data traffic. They were discovered by a four-person research team from the Korea Advanced Institute of Science and Technology Constitution (KAIST), and documented in a research paper they intend to present at the IEEE Symposium on Security and Privacy in late May 2019.
The Korean researchers said they found 51 LTE vulnerabilities, of which 36 are new, and 15 have been first identified by other research groups in the past. They discovered this sheer number of flaws by using a technique known as fuzzing -- a code testing method that inputs a large quantity of random data into an application and analyzes the output for abnormalities, which, in turn, give developers a hint about the presence of possible bugs. The resulting vulnerabilities, see image below or this Google Docs sheet, were located in both the design and implementation of the LTE standard among the different carriers and device vendors. The KAIST team said it notified both the 3GPP (industry body behind LTE standard) and the GSMA (industry body that represents mobile operators), but also the corresponding baseband chipset vendors and network equipment vendors on whose hardware they performed the LTEFuzz tests.
"Eventually, it turned out LTE was more flaw than protocol".
"There is more worth loving than we have strength to love." - Brian Jay Stanley
You just don't matter in this case either.
Well, I'm fine as I don't use LTE; I am using 5G E from AT&T
You folks stuck with 4G LTE are screwed now!
Good to know that Ajit Pai is working hard -
The FCC Has Fined Robocallers $208 Million. It’s Collected $6,790
https://www.foxnews.com/tech/the-fcc-has-fined-robocallers-208-million-its-collected-6790
https://www.wsj.com/articles/the-fcc-has-fined-robocallers-208-million-its-collected-6-790-11553770803
My pal Bruno could easily deliver 60% of the balance due within a month.
Just give him a list of the guilty and the amounts they owe.
And he won't make a single robocall.
Because lazy.
You check the fucking input. This should be drummed into their heads. Alternatively, let their bank accounts be managed by banks with similar mentalities.
Okay, so are these flaws in the protocol proper or in the implementations?
If the former, who the fuck let these clowns "design" this thing?
More responses along these lines please!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Boffing and fucking are the same thing, douchebag.
But you're a class A idiot asshole motherfucker who whines just because you lost.
I will fuck your asshole, bitch. Hard. You will scream.
Okay, so are these flaws in the protocol proper or in the implementations?
Although I posted in jest, this is a really good question...
I would argue that it's hard to really say something is purely an "implementation bug" in a system where the protocol is so complex, many implementation flaws are pretty much inevitable.
Designing a spec at the level of LTE though, I'm not sure it's really possible to design without a lot of complexity though, so in reality although I joke I personally cut the protocol designers a lot of slack as they are doing a hard job, and LTE seems to have worked out pretty well despite flaws.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
DoS attacks against a single basestation are meaningless to protect against at the protocol level. A malicious transmitter could simply transmit garbage over the full band at full power near the basestation, blocking all proper traffic, anyway.
Asians are short. So their eyes are closer to the code than most other nationalities. Caucasians are too tall and gangly. Their eyes are too far away from the code to perform a proper review.
Ahh, but have you done studies that record set monitor height by race? If not I'm not sure you could consistently determine distance to code. You'd also have to record screen to eye distance factoring in the spacing from eye to screen in addition to height, the amount of lean-in by race, and average font size to determine comprehensibility to distance ratios.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
51 vulns? So what? I mean, it's not like someone could use this to exploit millions upon millions of handheld computers, right? right? guys? -_-
Anons need not reply. Questions end with a question mark.
The article mixes up bugs in the standard with bugs in software. Fuzzing is a technique used to attack specific software implementations not standards. It looks like they did both, but the article mixes up terms.
Asians are short. So their eyes are closer to the code than most other nationalities. Caucasians are too tall and gangly. Their eyes are too far away from the code to perform a proper review.
All LTE's bugs are HUAWEI'S fault!
Blame HUAWEI for the bugs!!!
The telco boys have historically tended to put too much complexity in what they create. The internet and ethernet boys tended to go for too little, then try and "fix it in software, later", that really doesn't work too well either.
But I'd think that with the fifth generation, positioning itself in name already for the long run, giving themselves a greenfield yet again, they'd learned to find some sort of middle way. Complexity in the right places, no complexity where it doesn't need to be. And, yeah, a solid understanding of just how to make protocols robust and with as few holes as possible. There's no shortage of examples how not to do it, so plenty of study material available.
Turns out their contribution is yet another example of how not to do it. They can go join the W3C already, sheesh.