General Musing

blaze your trail

Posts Tagged ‘gsm’

6 Months of Security Links #2011


I’m a regular curator of daily links, and like to give overviews of my collection of curated links and posts. This is partly because there are some good sources and articles in here, and partly because I am working on a research project which I started based on a number of books I read.

I’m sure you’ll find something interesting in the items below – there are some gems in the list – and I dare to hazard the guess you might learn something you wanted to know. 🙂


Written by Daniël W. Crompton (webhat)

July 15, 2011 at 4:10 pm

Posted in tagging


USSD – A Mobile Payment Solution? #mobile


Somebody sent me a nice demo which Barclays in India is implementing or has implemented using Unstructured Supplementary Service Data.

USSD is part of the GSM standard and tends more towards a real-time messaging service: unlike SMS, no data is stored on the mobile or network. All the data still goes over the same channel over the GSM network, and thus is still inherently insecure, due to the fundamental flaws in the GSM encryption methodology.

One of the advantages over SMS is that nothing sits in between to store messages, so they must be answered immediately. The back end application is responsible for the message handling, as it is completely session oriented. There is both a push and pull method, which means communication is initiated from the mobile or network. IMHO this still leaves it susceptible to a man-in-the-middle attack.

Do banks consider this acceptable risk? Or do they just not know the whole truth?


Written by Daniël W. Crompton (webhat)

August 1, 2008 at 1:15 pm

Posted in mobile, network, risk, security


Citizen Engineer – True Love #hack


I just finished watching Citizen Engineer; I’m in love. No, honest, there is just something about a girl and her soldering iron. There are two things which are discussed in this first episode, Phones:

  1. SIM Card Hacking
  2. Payphone Hacking

The first subject is handled a little too fast for my liking and doesn’t cover all the interesting parts, although it is mostly left up to the viewer to try it themselves. Payphone Hacking is covered in depth; it’s divided into 3 sections:

  • Hooking the Payphone up to VoIP
  • Fixing the Payphone so it accepts quarters
  • Creating a system which can be bypassed with a Redbox

It’s geeky, but it’s fun!


Written by Daniël W. Crompton (webhat)

July 28, 2008 at 7:27 pm

Posted in security, sip, telecom


Reserve Bank of India halts mobile payments #risk


I mentioned the insecurity of mobile payment systems before in Rabobank has insecure SMS banking. Apparently the RBI has the same reservations I do, as the article RBI puts a temporary halt on Mobile Payment Services explains.

They haven’t stopped regular services such as requesting bank balance, but they have halted signing off on permitting projects to go live until the final guidelines have been issued, for micropayments and larger transactions.

From the draft guidelines:

It is suggested that the banks issue a new mobile pin (mPIN). […] Banks and the various service providers involved in the m-banking should comply with the following security principles and practices with respect to mPIN : […]
Protect the mPIN using end to end encryption

They don’t seem to require One Time Passwords, which I would certainly have as a requirement, and I hope they don’t consider A5 to be end-to-end encryption. Nokia and Visa already started working on a secure payment system in 2007 using RFID.1


Written by Daniël W. Crompton (webhat)

July 26, 2008 at 5:53 pm

Rabobank has insecure SMS banking


The Rabobank has a new service called Rabo SMS Betalen; the purse can be accessed by SMS.

  1. Alice sends a message to 6689 with the phone number and amount in the body, either +316-<number> or 06-<number>

    0612345678 15 Thanks for the money, Bob.

  2. Alice receives a confirmation SMS from 6689 with an OTP (One Time Password)
  3. Alice sends the OTP back by SMS to 6689 to confirm the transaction
  4. Bob, the recipient, receives a confirmation SMS from 6689 that money has been transferred from Alice’s phone number

There are a number of issues with this, primarily that it is possible to perform a man-in-the-middle attack on this system with less than $1000 worth of equipment.
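A model of the four steps above, as an added example that is not part of the original post and not Rabobank's code: it parses the request body and lists what is readable on Alice's radio link, showing that the OTP travels in-band with the request. The OTP length, the reply wording, the sample numbers and all function names are assumptions made for illustration.

```python
import re
import secrets

SHORTCODE = "6689"  # service number given in the post
# Assumed format, from the post's sample "0612345678 15 Thanks ...":
# recipient (+316 or 06 prefix, 8 more digits), whole amount, free text.
REQUEST_RE = re.compile(r"^(?:\+316|06)-?(\d{8})\s+(\d+)(?:\s+(.*))?$")

def parse_request(body):
    """Parse a payment SMS body into (recipient, amount, note)."""
    m = REQUEST_RE.match(body.strip())
    if not m:
        raise ValueError("not a payment request: %r" % body)
    # Normalise both accepted prefixes to the international form.
    return "+316" + m.group(1), int(m.group(2)), m.group(3) or ""

def run_exchange(alice, body, otp=None):
    """Return every SMS of steps 1-4 as (sender, receiver, text) tuples."""
    recipient, amount, _ = parse_request(body)
    otp = otp or "%06d" % secrets.randbelow(10**6)  # hypothetical 6-digit OTP
    return [
        (alice, SHORTCODE, body),            # step 1: payment request
        (SHORTCODE, alice, "OTP " + otp),    # step 2: OTP (constructed wording)
        (alice, SHORTCODE, otp),             # step 3: OTP sent back
        (SHORTCODE, recipient,               # step 4: confirmation to Bob
         "Received %d from %s" % (amount, alice)),
    ]

def channel_exposure(transcript, party):
    """Summarise what is readable on `party`'s GSM link."""
    seen = [text for s, r, text in transcript if party in (s, r)]
    otp = seen[1].split()[-1]
    # An OTP is an independent factor only if it never crosses the
    # channel that carried the request. In this flow it crosses it twice.
    return {"request": parse_request(seen[0]),
            "otp": otp,
            "otp_in_band": seen[2] == otp}

if __name__ == "__main__":
    # Constructed sample: Alice's number is made up, the body is the post's.
    t = run_exchange("+31687654321",
                     "0612345678 15 Thanks for the money, Bob.")
    print(channel_exposure(t, "+31687654321"))
```
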

From GSM Security:

GSM uses several cryptographic algorithms for security. The A5/1 and A5/2 stream ciphers are used for ensuring over-the-air voice privacy. A5/1 was developed first and is a stronger algorithm used within Europe and the United States; A5/2 is weaker and used in other countries. Serious weaknesses have been found in both algorithms: it is possible to break A5/2 in real-time with a ciphertext-only attack, and in February 2008, Pico Computing, Inc revealed its ability and plans to commercialize FPGAs that allow A5/1 to be broken with a rainbow table attack. The system supports multiple algorithms so operators may replace that cipher with a stronger one.

I wonder who sold them this idea?

Written by Daniël W. Crompton (webhat)

July 9, 2008 at 12:20 pm

Posted in finance, risk

