Is Your TimeSpace Safe? - Time and Position Spoofing Opensourcely

Presented at Black Hat Europe 2015, Unknown date/time (Unknown duration)

We have found a way to produce GPS spoofing with an extremely low cost SDR device and both iPhone and Apple Watch could be affected. (Tech details have already been submitted to Apple Product Security Team. ) The map apps of iOS and Android can be cheated too, and you can even produce an Uber position spoofing, which make LBS apps vulnerable. Futhermore, the time information of smart devices could be easily cheated, since those devices rely heavily on GPS based timing or NTP service (also based on GPS timing). Additionally, we will examine other common positioning methods used by smart devices, such as iBeacon/BLE/WiFi. We will give a demo on how we collect WiFi Access Point SSID data, and then make a fake WiFi environment to cheat WiFi positioning system of Android. In the end, we will also give some suggestions in order to prevent such spoofing.


Presenters:

  • Aimin Pan - Mobile Security of Alibaba
    Aimin Pan is the chief architect of the mobile security division within the Alibaba Corporation. He has written and translated many books, including "Understanding the Windows Kernel"(Chinese edition, 2010) and "COM Principles and Applications"(Chinese edition, 1999). Before joining Alibaba, he worked at Peking University (Beijing), Microsoft Research Asia, and Shanda Innovations. Aimin has published more than 30 academic papers, filed 10 USA patents. In recent years, his research focuses on mobile operating systems and security.
  • Shuhua Chen - Mobile Security of Alibaba
    Shuhua Chen is the Director of the mobile security division within the Alibaba Corporation. He focuses on finding new technology and new business model to help the industry solve security problems easily.
  • Wang Kang - Mobile Security of Alibaba Group
    Wang Kang is a Security Specialist of the Mobile Security team of Alibaba Group. He is a contributor of Linux Kernel. (TDD-LTE USB Dongle support) as well as a Founder of the Tsinghua University Network Administrators (http://tuna.tsinghua.edu.cn).

Links:

Similar Presentations: