Alert icon
We're changing our privacy policy. This stuff matters.  Learn more  Dismiss

27c3: SMS-o-Death (en)

Sign in or sign up now!
Alert icon
Upgrade to the latest Flash Player for improved playback performance. Upgrade now or more info.
2,139
Loading...
Alert icon
Sign in or sign up now!
Alert icon

Uploaded by on Jan 7, 2011

Speakers: Collin Mulliner, Nico Golde

From analyzing to attacking mobile phones on a large scale.

Smart phones, everybody has a smart phone! No! Just about 16% of all mobile phones are smart phones! Feature phones are the most common type of mobile phone in the world. Some time ago we decided to investigate the security of feature phones. In this talk we show how we analyzed feature phones for SMS security issues. We show our results and the kind of attacks that are possible with our bugs.

This talk is about security analysis of a class of mobile phone the so-called "feature phones". We show how we analyzed these type of phones for SMS security issues and what kind of problems to overcome in the process. We show results for the major mobile phone manufacturers in the world. Everyone of them has problems. Finally we show what kind of global scale attacks one can carry out with these kind of bugs. The attacks range from interrupting phone calls, to disconnecting people from the network, and sometimes even bricking phones remotely.

The talk is structured in the following way: * Introduction to the Topic * Problem Description * The Analysis (major part of the talk) * Analysis Results * A look at the Operator Network * Attacks based on our Results * Conclusions

Speakers: Bruce Dang, Peter Ferrie

There has been many publications on the topic of Stuxnet and its "sophistication" in the mainstream press. However, there is not a complete publication which explains all of the technical vulnerability details and how they were discovered. In this talk, you will get a first-hand account of the entire story.

We will discuss various techniques used in analyzing Stuxnet. First, we will share several tricks that were used to quickly identify the vulnerabilities. Second, we describe the thought processes that went into debugging and triaging the vulnerabilities themselves. Finally, we show some tips that you can use if you feel like decompiling stuff for fun :).

For more information visit:http://bit.ly/27c3_information

To download the video visit: http://bit.ly/27c3_videos

Category:

Science & Technology

Tags:

License:

Standard YouTube License

  • likes, 0 dislikes

Link to this comment:

Share to:
see all

All Comments (2)

Sign In or Sign Up now to post a comment!

  • @warkaj This confirms it - 1:06 - "So as you know mobile phone security is like a really really hot research topic. Everybody's doing it...." : P

    DJCritterH 11 months ago

  • ya! learn about sms mit Bruno!

    warkaj 1 year ago

Loading...

Alert icon
0 / 00Unsaved Playlist Return to active list
    1. Your queue is empty. Add videos to your queue using this button:
      or sign in to load a different list.
    Loading...Loading...Saving...
    • Clear all videos from this list
    • Learn more