3G Protocol Flaws Allow Hackers to Affordably Track Your Every Move
October 10, 2012 4:00 PM
Flaws can be fixed easily and affordably, say authors of paper
Anonymity, privacy -- these are things we have come to expect when it comes to our cell phones. The last thing people anticipate is for unknown -- possibly malicious -- third parties to able to quickly track our positions every time we place a phone call.
I. Exploiting the 3G Protocol to Track
But that's precisely what security researchers at the
University of Birmingham
(located in the central UK) are
preparing to show off
ACM Conference on Computer and Communications Security
conference in Raleigh, N.C. next week. The demonstrated proof-of-concept attack will no doubt add to the aging
3G communication standard's security woes
The researchers simulated an attacking using affordable off-the-shelf components --
a rooted femtocell
(which broadcast 3G signals) and other affordable components.
The attackers used an off-the-shelf femtocell. [Image Source: 3G.com]
They then conducted two attacks geared at tracking the victim's position. The attacks were conducted in Europe on a number of real-world networks, across various carriers.
The researchers used a so-called "paging attack" -- a denial-of-service (DOS) type attack that involves tricking basestations or mobile devices into an always "ready" state. By sending a TMSI (Temporary Mobile Subscriber Identity) which appeared to
contain a static IMSI
(International Mobile Subscriber Identity), the attacker tricked the victim device into giving up its real IMSI.
That in turn allowed the target to be continuously tracked within a monitored region.
A second route to monitoring was also demonstrated, which used an Authentication and Key Agreement (AKA) protocol attack. The target device returns a Mac error, while the rest of the devices would respond with a different error -- a synchronization error.
The authors write, "The captured authentication request can now be replayed by the adversary each time he wants to check the presence of [a device] in a particular area. In fact, thanks to the error messages, the adversary can distinguish any mobile station from the one the authentication request was originally sent to."
The caveat here is that the attackers first had to indentify example authentication requests by calling the victim's device. But they argue that the flaw could still be abused in certain scenarios, such as if a boss wanted to track employees in a large office building.
The researchers elaborate, "[The employer] would first use the femtocell to sniff a valid authentication request. This could happen in a different area than the monitored one. Then the employer would position the device near the entrance of the building. Movements inside the building could be tracked as well by placing additional devices to cover different areas of the building. If devices with wider area coverage than a femtocell are used, the adversary should use triangulation to obtain finer position data."
II. Fixing the Flaws
So what does all of this mean?? 3G networks -- any 3G network, according to the authors -- are vulnerable to tampering which allows their users to be tracked, due to protocol weaknesses.
The IMSI paging attack flaw seems to be the more dangerous attack as it can be used to track anonymous victims.
Researchers say the flaw can easily be fixed. [Image Source: North Miami Beach FL]
Fortunately, there's a fix to both problems. The fix is to both modify the error messages, and adopt certain protocol changes. Those changes would involve introducing a so-called "unlikability" session key to weed out malicious AKA requests, and to implement IMSI paging procedure fixes to prevent the DOS trickery.
The 3G mobile industry's security watchdog,
, is investigating the proof-of-concept attacks and is considering the proposed fixes, which the authors argue would have a "low... computational and economical cost". Those fixes could (in theory) be rolled out in coming months to prevent attackers from exploiting "in the wild" the soon-to-be-published flaw.
"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer
Britain's Metropolitan Police Tracking Mobile Phones with New Surveillance System
October 31, 2011, 10:04 AM
Attocell Puts An End to International Roaming Rates
January 26, 2011, 9:00 AM
Researchers Crack 3G GSM 128-bit Encryption in Under 2 Hours
January 15, 2010, 3:13 PM
Xiaomi Mi 6 - Flash Sale on April 28 in China
April 26, 2017, 7:45 AM
Apple Watch NikeLab Limited Edition unveiled.
April 22, 2017, 6:20 AM
What is the Apple’s iPhone 8 specifications and release date?
April 14, 2017, 5:43 AM
Xiaomi Mi Pad 3 tablet with Hexa –Core SoC, Android Marshmallow
April 6, 2017, 6:40 AM
Vivo launches V5 Plus IPL edition smartphone
April 4, 2017, 11:10 AM
Samsung S8 and S8 Plus: On Sale April 21 at Major Wireless Dealers
March 30, 2017, 7:35 AM
Most Popular Articles
Surface Pro 5 Rumors - New Release Date and Price
April 22, 2017, 6:45 AM
Motorola Moto G5 Pus – Well Worth Considering Over the Others
April 25, 2017, 7:06 AM
HTC’s newest phone – HTC U 11 coming May 16th
April 24, 2017, 7:21 AM
Apple Watch NikeLab Limited Edition unveiled.
April 22, 2017, 6:20 AM
Meet the Smartphone with four cameras - Alcatel Flashphone
April 5, 2017, 11:20 AM
Latest Blog Posts
Galaxy Note 8 – Available Second Half 2017
Apr 28, 2017, 7:30 AM
Google Android App – Huge improvement on Nighttime Photography
Apr 27, 2017, 7:40 AM
Google Co-Founder, Sergey Brin has an Airship
Apr 26, 2017, 6:43 AM
Samsung Galaxy S8 and S8 Plus – Lots of Glass that Breaks Easily
Apr 25, 2017, 7:20 AM
Samsung Galaxy S8 – Warning for Pet Owners
Apr 24, 2017, 5:59 AM
Sound Bars and the Costs?
Apr 23, 2017, 6:30 AM
Link your Brain to Your Computer – In Four Years…Maybe
Apr 22, 2017, 7:03 AM
Google Home can now identify users by their voice.
Apr 21, 2017, 7:15 AM
Amazon Lex – Now Available for Developers.
Apr 20, 2017, 6:58 AM
You can now use Instagram offline on your Android Smartphone
Apr 19, 2017, 8:00 AM
Now you can livestream to YouTube from your mobile device.
Apr 18, 2017, 8:05 AM
Google Home – Is It a Spy Device?
Apr 17, 2017, 7:30 AM
Apple added to self –driving test permit list
Apr 15, 2017, 6:21 AM
Project Scorpio – Coming on June 11
Apr 14, 2017, 6:20 AM
Looks Like Samsung Has Been Forgiven.
Apr 13, 2017, 6:50 AM
United Airlines - Blasted on China’s Social Network and the Stock Market
Apr 12, 2017, 6:50 AM
Amazon's Third-Party Sellers Hacked
Apr 11, 2017, 6:25 AM
Microsoft Surface Pro5 Details Revealed
Apr 9, 2017, 6:41 AM
Own An Android Phone? Then you could be hacked over Wi-FI
Apr 7, 2017, 6:47 AM
Apple confirms iOS 10.3 bug and its effect on iCloud Services
Apr 6, 2017, 6:30 AM
Apple Rolls Out New Version of Apple Music
Apr 5, 2017, 10:35 AM
Apple in the News
Apr 4, 2017, 9:03 AM
More Blog Posts
Copyright 2017 DailyTech LLC. -
Terms, Conditions & Privacy Information