
Bruce Schneier on 5G Security (schneier.com)

Bruce Schneier comments on the issues surrounding 5G security: [...] Keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. Neither is banning Chinese microchips, software, or programmers. Security vulnerabilities in the standards, the protocols and software for 5G, ensure that vulnerabilities will remain, regardless of who provides the hardware and software. These insecurities are a result of market forces that prioritize costs over security and of governments, including the United States, that want to preserve the option of surveillance in 5G networks. If the United States is serious about tackling the national security threats related to an insecure 5G network, it needs to rethink the extent to which it values corporate profits and government espionage over security. To be sure, there are significant security improvements in 5G over 4G in encryption, authentication, integrity protection, privacy, and network availability. But the enhancements aren't enough. The 5G security problems are threefold.

First, the standards are simply too complex to implement securely. This is true for all software, but the 5G protocols offer particular difficulties. Because of how it is designed, the system blurs the wireless portion of the network connecting phones with base stations and the core portion that routes data around the world. Additionally, much of the network is virtualized, meaning that it will rely on software running on dynamically configurable hardware. This design dramatically increases the points vulnerable to attack, as does the expected massive increase in both things connected to the network and the data flying about it.

Second, there's so much backward compatibility built into the 5G network that older vulnerabilities remain. 5G is an evolution of the decade-old 4G network, and most networks will mix generations. Without the ability to do a clean break from 4G to 5G, it will simply be impossible to improve security in some areas. Attackers may be able to force 5G systems to use more vulnerable 4G protocols, for example, and 5G networks will inherit many existing problems.

Third, the 5G standards committees missed many opportunities to improve security. Many of the new security features in 5G are optional, and network operators can choose not to implement them. The same happened with 4G; operators even ignored security features defined as mandatory in the standard because implementing them was expensive. But even worse, for 5G, development, performance, cost, and time to market were all prioritized over security, which was treated as an afterthought.

  • Yeah, but... (Score:3, Interesting)

    by Anonymous Coward on Thursday January 16, 2020 @11:54AM (#59626834)

    What about 3G? LTE? How do they compare with 4G and 5G in regards to security?

    • Re:Yeah, but... (Score:4, Insightful)

      by Opportunist ( 166417 ) on Thursday January 16, 2020 @12:16PM (#59626894)

      Mostly like MD5 compares to SHA1. Even more insecure, but do you really care whether you open the door or the barn door to your house?

      The point is that just because something is "more secure" doesn't mean it's secure enough. Security is an effort/reward game, how much do you try to secure with how much effort? Your home computer is probably less secure than the average server at your local bank, do you think your computer is more at risk to be hacked?

    • LTE compares favorably to 4G due to it having more characters. Unless you care for short names, then 4G takes the biscuit. Otherwise, they are the same thing. Unless you are in marketing, then it depends on who's making money, you or the competition.
  • by Opportunist ( 166417 ) on Thursday January 16, 2020 @12:16PM (#59626896)

    Perish the thought, that has NEVER happened before!

  • What? (Score:4, Interesting)

    by thegarbz ( 1787294 ) on Thursday January 16, 2020 @12:21PM (#59626912)

    Since when has security ever been a priority for mobile standards? Hell 5G has already been broken, even before being rolled out.

  • With as insecure as data is pretty much everywhere you look, I'm starting to wonder if they even want data to be secure.
    Is there some way they're making money off data breaches? Are companies somehow quietly profiting from it? May sound outlandish but it would be a better explanation than 'humans are just plain stupid'. The level of 'stupid' required otherwise would contradict our ability to have any sort of actual civilization.
    • The concept of a "network" is antithetical to security. A network is for sharing information between endpoints, not hiding it. There is a trade off between security and cost. Does it really matter if a 5G connection is 100% "secure"? Probably not.

      • by Rick Schumann ( 4662797 ) on Thursday January 16, 2020 @12:36PM (#59626966) Journal
        That's fine and dandy for someone like you to spout off with until you're the one who gets their identity stolen and/or bank accounts drained because some asshole pwned your phone via a wireless network that's like a colander security-wise.
      • by hey! ( 33014 )

        I actually think that's not true. While connecting two end points necessarily creates the possibility of an attack, there's no fundamental reason why a network can't be acceptably safe in practical terms.

        What makes the problem hard is that security is not something that can be evaluated with a functional test. A system has to be critically evaluated by people with special expertise, and that *doesn't* happen, there's no way a user can know that hasn't happened until he's caught up in some kind of giant dat

        • by Archtech ( 159117 ) on Thursday January 16, 2020 @03:15PM (#59627510)

          "Secure web servers are the equivalent of heavy armored cars. The problem is, they are being used to transfer rolls of coins and checks written in crayon by people on park benches to merchants doing business in cardboard boxes from beneath highway bridges. Further, the roads are subject to random detours, anyone with a screwdriver can control the traffic lights, and there are no police".

          - Professor Gene Spafford

    • I've observed that the people who understand security don't understand how to talk to executives, the technical people don't speak that language. On the other side, the executives (money people) don't know how to talk to security people - they don't know wtf ECC curves are etc. Heck, neither group is particularly good at understanding and discussing risk management, which should be the meeting place for these two groups. The security people and the money people can't talk to each other effectively, so a l

  • "First, the standards are simply too complex to implement securely."
    Translate to: This is already expensive any additional expense will hit projected profit margins. Which will affect our Share Value on the Stock Market.

    America is lagging in many business sectors not because we are too expensive to produce, but we are expensive and produce bad quality products.

    Why do I drive a Toyota vs a Ford? Because the Toyota has a better track record for quality.

    We are willing to pay for quality. So even if American Pro

    • What does this have to do with America? This is a global standard.

      • He did answer that with his Toyota vs Ford comparison tbh. And is it really a global standard in its pure sense?
        It would mean that products from certain countries wouldn't come with a certain reputation attached.
        Japanese car, Indian car, British car, Chinese car, German car, Italian car. I would find it very odd indeed if you were to tell me that they all evoked the same image in your mind.
  • Limiting Scope (Score:5, Informative)

    by ketso ( 1001027 ) on Thursday January 16, 2020 @01:15PM (#59627102)
    I have been working in the cellular industry for 10+ years and have implemented security algorithms both on the UE (SIM card) and network side. Having seen how things are done, especially in contrast to where we are with security on the web, I have a very low opinion of the current state of affairs.
    That said, I don't think it's realistic to expect mobile operators or the 3GPP (standards body writing the spec) to come up with a bulletproof security scheme. I think the more realistic approach is to improve security to a point where:
    a) subscribers and operators don't lose money to fraud (i.e., people can't use someone else's subscription);
    b) denial-of-service attacks on the network are difficult to carry out (i.e., legitimate users can't be stopped from using the network).
    This could be trivially done by well established security techniques long implemented in the Internet world (PKI, key exchange protocols, etc.) There are massive challenges for national security with jamming, physical and cyber attacks on infrastructure, etc., but this is well outside the scope of subscriber security.

    Most importantly, developers who build services on top of the network must be told in no uncertain terms, that their communication is, by design, INSECURE. Just like with any other means of Internet access, everyone should expect their packets to be visible to others, and should also be prepared for some level of tampering. This is how all of the Internet works, and our expectations should be no different for cellular. Once this is understood, we're back to solving problems in the Internet world, which are still very difficult, but are much more familiar.
    • by Agripa ( 139780 )

      Most importantly, developers who build services on top of the network must be told in no uncertain terms, that their communication is, by design, INSECURE. Just like with any other means of Internet access, everyone should expect their packets to be visible to others, and should also be prepared for some level of tampering. This is how all of the Internet works, and our expectations should be no different for cellular. Once this is understood, we're back to solving problems in the Internet world, which are still very difficult, but are much more familiar.

      That would defeat the purpose of telling developers (and users) that the network is secure so that they make their applications insecure allowing ubiquitous surveillance. It is not enough that the network is insecure; people also need to believe it is secure.

  • Convenience/Profit > Security
  • If this is true that 5G is just an evolution of 4G and therefore inherits the security problems instead of fixing them then a clean break makes sense. It's not like cell phone service providers didn't have to deal with a transition of different protocols before. This will no doubt be more expensive but if 5G is as broken as people claim (as I recall power consumption on 5G devices has been a big problem) then this will be even more expensive to fix later.

    I do like the idea of separating the security from

  • by VeryFluffyBunny ( 5037285 ) on Thursday January 16, 2020 @03:47PM (#59627600)
    ...they don't care. Just look at the Equifax debacle. Their share price went up as a result. What kind of incentive is that for security? The EU's got the right idea with those hefty GDPR fines.
  • by engineer37 ( 6205042 ) on Thursday January 16, 2020 @04:25PM (#59627712)
    Have you ever tried to write the software that does all the bare metal cell communication stuff? If you have then I'm sure you know it's a living nightmare. That applies to a lot of the computer industry today, unfortunately. It's not a 5G specific problem. It's a 4G problem and a 3G problem, and a cell phone problem, and a drivers problem... The so called "standards" for everything from Bluetooth to interacting bare metal with graphics cards are so ridiculously insanely over complicated that it has become like a Tower of Babel. It's bags of cats all the way down.
  • You need well defined security perimeters. I need to know that I can trust data A and not trust data B. If data C is based on data A it is trusted. If 99% of the time it is only based on A but 1% of the time it is based on B then it isn't trusted. If I can't figure out all the cases where C comes from or if at some point later in the standard the assumptions based on where C originates changes then I don't have security. What I really don't want is a game of whack-a-mole. Where we have something complica
  • do their good works if telco security is a real thing?
  • Either the NSA has turned over a new leaf, or all their bitching and moaning about Huawei is simply because the NSA doesn't have a guarantee of implants in their gear. It looks like the UK may defect from Five Eyes on this one.

    They've even got nutballs who failed 7th-grade science afraid that 5G is going to give them cancer, slowing down local permitting enough to allow the "cooperating entities" enough time to get their gear finished.
