 |  |  |  |  |
5G is arriving half-baked on security
| |||||||||
|
5G is arriving half-baked on security
| | |||||||
 |
 |
| | Thread Tools |
6th August 2019, 09:27
| #1 |
| [M] Reviewer  Join Date: May 2010 Location: Romania
Posts: 148,802
 |  5G is arriving half-baked on security They are the telecom equivalent of Steve Irwin to a Stingray While high-speed 5G mobile data networks have already started rolling out in some cities, insecurity experts are concerned that the standard might not be up-to-snuff on security. At the Black Hat security conference in Las Vegas, a group of network communication security researchers will present findings on flaws in the 5G protections meant to thwart the surveillance devices known as stingrays. Also called "IMSI catchers" after the international mobile subscriber identity number attached to every cell phone, stingrays masquerade as legitimate cell towers. Once they trick a device into connecting to it, a stingray uses the IMSI or other identifiers to track the device, and even listen in on phone calls. Ravishankar Borgaonkar, a research scientist at the Norwegian tech analysis firm SINTEF Digital, told Wired that 5G was developed to fix the issues that allow fake base station attacks and while it fixed some problems it does not give full protection against these phoney base station attacks. The researchers found enough lapses in this setup to sneak a pair of 5G stingray attacks through. When a device "registers" with a new cell tower to get connectivity, it transmits identifying data about itself. As with the current 4G standard, 5G doesn't encrypt that data. As a result, the researchers found that they could collect this information with a stingray, and potentially use it to identify and track devices in each area. The researchers found that they could use that unencrypted data to determine things like which devices are smartphones, tablets, cars, vending machines, sensors, and so on. They can identify a device's manufacturer, the hardware components inside it, its specific model and operating system, and even what specific operating system version an iOS device is running. That information could allow attackers to identify and locate devices, particularly in a situation where they already have a target or are looking for a less common model. It turns out that the same exposure that leaks details about a device also creates the opportunity for a man-in-the-middle, like a stingray, to manipulate that data. https://fudzilla.com/news/network/49...ed-on-security |
|  |
|
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| BreadBot delivers freshly baked bread every six minutes | Stefan Mileschin | WebNews | 0 | 7th January 2019 05:34 |
| Nintendo's solution for online voice chat feels half-baked | Stefan Mileschin | WebNews | 0 | 21st July 2017 08:26 |
| USB-C is half-baked claims Microsoft | Stefan Mileschin | WebNews | 0 | 12th May 2017 08:47 |
| This attack alarm is baked into a ring | Stefan Mileschin | WebNews | 0 | 13th March 2017 06:33 |
| Microsoft's answer to Twitch is baked into Windows 10 | Stefan Mileschin | WebNews | 0 | 28th October 2016 06:21 |
| Google baked its AI 'Assistant' into the new Pixel phones | Stefan Mileschin | WebNews | 0 | 8th October 2016 13:12 |
| Amazon's new game engine comes with Twitch baked in | Stefan Mileschin | WebNews | 0 | 10th February 2016 08:36 |
| The Pax 2 vaporizer makes its predecessor look half-baked | Stefan Mileschin | WebNews | 0 | 21st April 2015 06:10 |
| Google+ gets baked-in YouTube functionality, seeks your +1s | Stefan Mileschin | WebNews | 0 | 4th November 2011 06:58 |
| Bread: The Half-Baked Truth Revealed | jmke | WebNews | 9 | 17th May 2006 15:10 |
| Thread Tools | |
| |
