Loading...

DeepSec 2010: All your baseband are belong to us by Ralf Philipp Weinmann

20,857 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on May 10, 2012

All your baseband are belong to us

Ralf Philipp Weinmann, University of Luxembourg
Attack scenarios against mobile phones have thus far concentrated on the application processor. While code running on these processors are getting hardened by vendors as can be seen in the case of Apple's iPhoneOS -- the current release uses data execution prevention and code signing, the GSM stack running on the baseband processor is neglected. The advent of several open-source solutions for running GSM base stations is a game-changer: Malicious base stations are not within the attack model that was assumed assumed by the GSM MoU and baseband vendors. This paper explores the viability of attacks against the baseband processor of GSM cellular phones and shows first practical results that enable code exeuction on them. It will include a demo of a practical exploitation of a remote memory corruption on the iPhone4.
Ralf-Philipp Weinmann is a cryptologist at day, and a reverse-engineer at night. He has studied and obtained his Ph.D. at the Technical University of Darmstadt and currently is a postdoctoral researcher in the LACS laboratory of the University of Luxembourg.

DeepSec 2010

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...