Rogue Femtocells & Fembots

<risque>You’ve been warned – Rating PG</risque>

There’s nothing worse than meeting a nice girl at a club and discovering she’s a Fembot! Sure, we’re savvy, mighty warrior men on the prowl… We won’t be deceived by the common transvestite or guy masquerading as a woman! But this is going to far – I mean, what if the chick has no appendage, if you get my meaning?

As technology experts and mighty cyberninjas (my apologies to the pirates), we’re used to checking for malware on our smartphones. We won’t get fooled by that phishing e-mail. Evil Twin hotspots? No problem, we setup a proxy SSL tunnel and could care less who’s eavesdropping.

But a new security threat for mobile networks is on the horizon – the rogue femtocell. (I like the sound of that word for some reason… I spent all my $1 bills at the femtocell last night!) According Dr. Björn Rupp, Managing Director of Gesellschaft für Sichere Mobile Kommunikation (GSMK) CryptoPhone mbH, (God bless you, do you need a tissue?) advances in technology have enabled criminal gangs to deploy low-cost tools to create rogue cell phone systems to conduct industrial espionage, identity theft, etc. Where it once took $50,000 in hardware, now a Linux workstation can run software to emulate the GSM cells. Decrypting GSM encryption algorithms by exploiting the latest cryptographic advances, while not trivial, is possible using a code book. This exploit was first published in December by Karsten Nohl at the Chaos Communication Congress in Berlin. In addition research published from Rutgers University demonstrates how to turn devices into “remotely-activated bugging or tracking systems.”

The good news is that GSM is an older technology (2G networks) and most femtocells today are 3G, which require two-way authentication between the handset and the network. 2G networks only authenticate in one direction – the SIM sends the ID to the network, real or fake.  So are hacked cellular codes really something to worry about?  My guess is probably not…

But your phone has WiFI, right?  And you automatically connect at your carrier’s hot spot?  Most phones do this automatically to help you cut down on cellular minutes or other costs.  You may not even know you’re on a WiFi network.  Get your Twitter feed updates automatically?  How about that Facebook photo you just uploaded?  If these automatic WiFi connections are unencrypted your passwords are being shot through the airwaves and anyone with Kismet or another tool can sniff the airwaves.  Like most people, you probably use the same password in multiple locations and could be putting more than just your online accounts at risk.  This isn’t hypothetical.  I’ve had friends who have had this happen to them.

As smartphones transition from being phones to full fledged mobile computers, the compromise vectors will continue to grow.  And the Fear, Uncertainty and Doubt (FUD) will continue to be splashed about by the media.  I wish the media would focus on the real threats and not the sensational ones.

In the mean time, you can find me hanging out at the local femtocell, with wads of $1 bills in my pocket, ready to tuck into a Fembot’s g-string.

Share and Enjoy:
  • Print
  • Digg
  • del.icio.us
  • Facebook
  • Twitter
March 5th, 2010 in Uncategorized | tags: , ,

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

Leave a comment

Your comment