All GSM Phones Open To Attack, Tracking 119
Trailrunner7 writes "A pair of security researchers has discovered a number of new attack vectors that give them the ability not only to locate any GSM mobile handset anywhere in the world, but also to find the name of the subscriber associated with virtually any cellular phone number, raising serious privacy and security concerns for customers of all of the major mobile providers. The research builds upon earlier work on geolocation of GSM handsets and exposes a number of fundamental weaknesses in the architecture of mobile providers' networks. However, these are not software or hardware vulnerabilities that can be patched or mitigated with workarounds. Rather, they are features and functionality built into the networks and back-end systems that Bailey and DePetrillo have found ways to abuse in order to discover information that most cell users assume is private and known only to the cell provider."
Cue the standard industry response in 321.... (Score:5, Insightful)
Because you just couldn't allow these methods to remain hidden, you are now responsible for any attacks that take place as a result.
We take our customers security very seriously. As an example, we've ensured these holes have stayed well hidden. Now, you've ruined that. You idiot.
Re:Scary shit (Score:5, Insightful)
Raise your hand if you think this wasn't already known to and in use by one or more government agencies.
Re:Sounds like a lot of BS (Score:1, Insightful)
Clearly, you weren't at Source Boston or Quahogcon over the last week to see it in action. Thanks for the FUD.
Re:Sounds like a lot of BS (Score:3, Insightful)
Their sensational claim is that they are able to "also find the name of the subscriber associated with virtually any cellular phone number". This is a strong claim and it is a false one. They can find the name of the subscriber if such a CallerID database exists for the network in question and is available for access. This is simply not the case for many many networks around the world, so they are far from beeing able to do this for "virtually any cellular phone number". Also it is not very surprising that you can make a lookup if such a lookup service is available.
Re:I told you they've been tracking me (Score:5, Insightful)
Let this be a lesson to all you would-be "in-the-know"ers out there. Tin foil hats do not cut it anymore. As soon as that became public knowledge, they started putting carbon-nano-fiber-tube-microphones inside any and all newly manufactured tin foil. Here is what you have to do:
Step 1: Throw away your cell phone. That thing is useless.
Step 2: Steal a friend's cell phone. Put tape over any cameras, and take out the battery, and for good measure, disassemble the audio input.
Step 3: Grab a Pickaxe if you have one, but if not, don't sweat it. Don't go out and buy one, that will only leave a trail for them to find you.
Step 4: Start driving to the mountains. Your newly acquired cell phone will let you know once you are out of the 3G network, secretly known as the Government Geological Guidance network. They will think it is your friend visitting the mountains. Only then will you know that they cannot track you.
Step 5: If you don't have a pickaxe, fashion one out of stone and wood. Start mining. Keep going until you get a rather large amount of Nickel. You can go into town to eat and make shipments of nickel. You'll need about 1.6 KG if you're about 6 feet tall.
Step 6: Go and take your nickel to the local blacksmith. He can be trusted, he didn't upgrade like the rest of the world. Have him help you smelt the Nickel. Submerge yourself in liquid Nickel in order to create a faraday cage around yourself.
And there you go, they won't be able to track you anymore.