PROVIDER OF INSECURE FEMTOCELLS Vodafone has mobilised its tax-avoiding troops after our earlier story and has fired over a statement.
In its statement, the big red quote mark tells us that it found a vulnerability in its "Suresignal" hardware and patched in early 2010.
However The Hacker's Choice had begun work on this project in August 2009 and notified Vodafone about its findings that Autumn, months before Vodafone admits it fixed the problem. This makes Vodafone look especially tardy in its 'discovery' and subsequent fix of the issue. It could also mean that countless users might have been attacked.
But even with Vodafone's fix, femotcells that had already been hardware hacked with their code tweaked wouldn't be automatically updated. This would mean that femotocells belonging to Joe Public would be more secure, though we doubt by much, but rogue cells belonging to hackers would still be able to gather subscriber information and make calls via these compromised accounts.
However, in another statement given to users of the Vodafone Eforum, it assured users that they would not be affected by rogue cells, because it was blocking all Suresignal hardware that wasn't running the latest version of the firmware.
THC told The INQUIRER that claims this solved the problems were untrue. Indeed, the respondent told us that it would easy to spoof the firmware version using the "same mechanism [as] the playstation network" attack. He went on to say, "You can even tweak your femto to download updates but not install them", so Vodafone can't tell what devices are compromised based on which don't download the update.
The argument of THC and other interested groups seems to be that these femotcells are insecure by their very nature. Any piece of hardware you give to customers that can access the core network is liable for hackery and subsequent security breaches. THC told Vodafone about these vulnerabilities long before it made the information public.
The group is now concerned that Vodafone is telling people its femotcells are secure and there's no chance customers can accidentally log on to a compromised cell. From what we have been told, this is not the case, and customers could still have their accounts compromised in this way, either by mischievous hackers, cyber crackers or criminals in the pay of certain unscrupulous newspapers.
We'll leave you with the pretty terrific point that THC made to us via email earlier today: "Think of what you can do if you place such a device in the British Parliament. That's what Murdoch should have been using :-)". µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted