Forwarded from Pegasus NSO & other spyware
When You Roam, You’re Not Alone | Lawfare –
A fix is long overdue for one of the most extensive, yet lesser-known surveillance risks of our age: the technical vulnerabilities at the heart of the world’s mobile communications networks
We’ve all been there before: You’re traveling abroad, and as your plane lands and is taxiing to the gate, you reach for your phone, wait for it to connect to the local network, and then you are greeted with a text message: “Welcome abroad, you’re now roaming!” Beyond the exorbitant fees, few of us are likely to give the matter much thought.
However, hidden within this seemingly routine transaction lies one of the most extensive, yet lesser-known surveillance risks of our age: the technical vulnerabilities at the heart of the world’s mobile communications networks.
#Mobile #Network #Cellular #Roaming #Vulnerabilities
A fix is long overdue for one of the most extensive, yet lesser-known surveillance risks of our age: the technical vulnerabilities at the heart of the world’s mobile communications networks
We’ve all been there before: You’re traveling abroad, and as your plane lands and is taxiing to the gate, you reach for your phone, wait for it to connect to the local network, and then you are greeted with a text message: “Welcome abroad, you’re now roaming!” Beyond the exorbitant fees, few of us are likely to give the matter much thought.
However, hidden within this seemingly routine transaction lies one of the most extensive, yet lesser-known surveillance risks of our age: the technical vulnerabilities at the heart of the world’s mobile communications networks.
#Mobile #Network #Cellular #Roaming #Vulnerabilities
Forwarded from Pegasus NSO & other spyware
How Roaming Agreements Enable 5G MitM Attacks | media.ccc.de
Licensed to the public under http://creativecommons.org/licenses/by/4.0
#Cellular #5g #Roaming
End-users in cellular networks are at risk of connecting to fake base stations, and we show that mitigations pushed in 5G are insufficient.
Machine-in-the-Middle (MitM) attackers aim to overhear and manipulate network traffic. The MitM position can also be used as an entry point for baseband exploitation. Proceeding from there, attackers can gain full control of a user’s phone. Standardization bodies pushed many mitigations against MitM into the specification of cellular networks. However, roaming agreements still enable powerful attackers to perform seamless attacks – even in 5G!
In this talk, you’ll learn about the complex nature of cellular roaming and how roaming is implemented in recent smartphones. The specification puts a lot of trust in network operators. This impedes security in real-world deployments. We show that the capabilities of network operators exceed the intended capabilities of lawful interception. If those are abused, end-users have no possibility of noticing the attacks.
Attacks on roaming are challenging to prevent or even detect in practice. The specification needs a major update to make cellular roaming secure. Users at risk should be aware of the current state of the system. We discuss multiple mitigations, including solutions for end-user devices.
Licensed to the public under http://creativecommons.org/licenses/by/4.0
#Cellular #5g #Roaming
media.ccc.de
How Roaming Agreements Enable 5G MitM Attacks
End-users in cellular networks are at risk of connecting to fake base stations, and we show that mitigations pushed in 5G are insufficien...