Femtocell flaw leaves Verizon subscribers' Wi-Fi and mobile wide open Security researchers have demonstrated a flaw in femtocells that allows them to be used for eavesdropping on cellphone, email, and internet traffic. The hack was demonstrated on Verizon hardware, and the telco giant has issued an update to patch the vulnerability, but up to 30 other network carriers use systems with software …
It appears that for the attack to work, you need to have physical control of the femtocell, or at least access to the LAN it is connected to; and it has to be within range of the phone you want to monitor.
If you are required to update the firmware to stop the attack, then people who want to perform the attack will choose not to apply the update. Other people who have a femtocell at home and don't plan to perform the attack won't bother, because the fact that others don't have physical access to the femtocell or router means they don't have to worry about attacks, and if attackers do manage to find another way into their LAN, they have more pressing problems to deal with.
According to what I heard on the radio, the update was pushed out automatically by Verizon. The researchers wanted to see a more thorough fix, which would require a hardware update.
The biggest problem is not hacking someone else's femtocell, but deploying your own femtocell for snooping other people's live phone conversations, like what people used to do with scanners before cell phones went to digital.
Actually, the way the vast majority of wireless carriers operate, there is an update, you SHALL receive that update.
I fail to see why the wireless vendor can't push an update to nvram, then apply it to flash. Especially considering that most devices that have ram of any sort have ram in excess. Be it NV or non-nvram. Add to that that many hardware drivers for PC's and other hardware have options to install as needed software at a driver level, it's far from undoable involuntarily.
Well, until they get caught, then it's, "Oh! You did it for *my* security, OK, rape is cool now. Or something.
"
"This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people,"
Ordinary people rarely attack ordinary people, the NSA however..."
The NSA attacks *all* when observing. What happens next is limited within the US due to posse comitatus, very slightly, due to congressional action over the past decade.
WAR IS PEACE
This exploit might not be the way the NSA engages in broad data collection. It might be more prevalent amongst normal people trying to slurp data from other normal people. But I assure you, that IF you were a high value target, the NSA would have no qualms about using this attack vector to gather your data. It might even be preferred to the more exotic techniques available to them for precisely the reason that it doesn't immediately point a finger at them.
The great thing about a femtocell is that the carrier is always in control, those not responding to updates via the controller's push management will simply be de-authorised.
Further, in the current generation you only manage to attach to a femto if there is absolutely NO macro network coverage, so as a general rule its easy to get off one but really hard to get onto one , even if its your own and you are in the same room with it, the netowrk will only use it as a last resort , never a first choice
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
