Vodafone root password is revealed

No wonder NOTW's phone hacking was so easy
Thu Jul 14 2011, 13:42

PHONE HACKED INDIVIDUALS MIGHT have to take some responsibility for having their voicemail accessed. After all, if you don't change the PIN from 1234, or whatever your operator's default is, then you aren't really being careful enough, are you? But it seems that Vodafone has an even less impressive grasp of security.

The Hacker's Choice reports that using one of Vodafone's own femtocells it was able to reverse engineer the hardware to achieve some impressive, if potentially illegal, results. First, it was able to remove the restriction on who can use the device, switching it from a personal cell tower to a normal, albeit small, cell tower. Doing this allows you to gather data from Vodafone handsets and opens the way for some even more alarming hacks.

In the second part of the exploit, the femtocell is used to get access to Vodafone's core network. As a result, it's possible to access other customers' information. Some code tweaks and updates to the femtocell's Linux OS allow you to listen in on phone calls and make calls at another subscriber's cost.

You'd also be given unrestricted access to call an exploited user's voicemail and bypass the security. Nice work Vodafone, fail to pay £6bn in taxes, then let any hacker in the land listen to our calls and voicemails.

The technical document, now available for all to read, explains that it's also possible to remove the hardware that Vodafone uses to determine your location. Additionally, you can boost the transmission power of the femtocell and allow anyone to use the device, rather than just those that are registered with Vodafone. This will allow you to listen in to people's phone calls, which is possibly the most severe security concern.

To really stick it to Vodafone, you can also create an OpenVPN tunnel back to the UK while you're abroad. This allows you to use the hacked femtocell to provide a Vodafone cell tower in a foreign land. That in turn means no roaming charges, and all you'll need is a laptop and some local internet access.

Hilariously, the root password on the femtocell turns out to be "newsys". Brilliant. There are toddlers on this planet who have a better grasp of security than one of the world's biggest mobile phone companies. Hell, Betsy at our local Tesco has a more secure password for her Myspace account. If Vodafone had just managed to switch the 'e' for a '3', we could have given it a little more credit. µ

Comments
Yes!!!

Phonephreaking is back, and with a vengeance!

posted by : b, 15 July 2011

Even if they use a better password...

ISP still use WEP for Wifi protection!!
Sorry to say, but ISP are the worst people when it comes to security.
There should be a law to forbid WEP being possible in devices to protect everybody from lazy providers!!

posted by : Bas, 15 July 2011

@someone special

They were obviously being sarcastic.

posted by : J, 15 July 2011

Already fixed.

From the THC site:

"2009-AUG-28 Started private femto wiki.
2010-JUL-14 Project stopped. To much fun with other things.
2011-JUN-08 De-classified private wiki and copied content into this wiki. Enjoy.
2011-JUL-13 Publicly announced"

From Vodafone:

"The claims regarding Vodafone Sure Signal, which is a signal booster used indoors, relate to a vulnerability that was detected at the start of 2010.

A security patch was issued a few weeks later automatically to all Sure Signal boxes.

As a result, Vodafone Sure Signal customers do not need to take any action to secure their device."

Looks like THC's information got outdated by events while they were sitting on it.

posted by : DaveK, 15 July 2011

@tentimes

Nice pun that "terrorist off the hook" :)

nice call, you got a line on humor and just got them out of the cell and at this rate they'll be roaming free soon ;P

posted by : W.-, 14 July 2011

@bob

"use the hacked femtocell to provide a Vodafone cell tower in a foreign land"

I don't see why you need to hack the femtocell to do this. The femtocell plugs into your local network. How can Vodafone tell what I'm tunnelling to where?
posted by : bob, 14 July 2011

I think you misunderstood. You can't do it as you said because there is no way to tunnel mobile traffic from a foreign land back to the UK (your mobile phone connects to the foreign network). What you need is to carry the femto cell tower with you to the foreign land to act as an access point. In this case you need to hack into the femto cell and configure it to tunnel the traffic and act as a bridge for your phone, which is using its signal.

posted by : Roland, 14 July 2011

B3tsy says y0u'r3 b@rr3d.

But remind me, what do Tesco phones run on really?

posted by : Robert Carnegie, 14 July 2011

In that rich earth a richer dust concealed

"use the hacked femtocell to provide a Vodafone cell tower in a foreign land"

I don't see why you need to hack the femtocell to do this. The femtocell plugs into your local network. How can Vodafone tell what I'm tunnelling to where?

posted by : bob, 14 July 2011

Jailed terrorists off the hook then?

The biggest implication of this, which pertains possibly (probably?) to more than Vodafone's network, is that cell location for calls can easily be faked.

This effectively means that a less than squeaky clean state security service could have easily altered cell location information, which has previously been assumed as being top class evidence.

Scary, scary stuff.

It would take a real gambler to also bet against the chance that various hacks across the UK have already exploited this.

Was GSM ever really safe in the first place? What are the chances MI5 (and then ex-MI5 security pundits) did not know this trick? Fairly low I expect.

Sick.

posted by : tentimes, 14 July 2011

w00t?

All password guessing and bruting software that are worth spit will guess 1337 sp34k BS.

If you think "acc355" is more secure than "access" you need to lay off the drugs.

posted by : Someone Special, 14 July 2011