Carmen Sandiego is On the Run!

Presented at Black Hat USA 2010, July 29, 2010, 4:45 p.m. (75 minutes)

The global telephone network is often an opaque and muddy environment where many false assumptions of privacy are made by its users. Providers do their best to compartmentalize as much privacy-centric data as possible. However, information must be shared for the sake of network interoperability. The speakers will discuss gaps in privacy protection and how they can be leveraged to expose who you are, your location, and the privacy of those in contact with you.

Demonstrations will reveal how location data can be augmented and used in several fashions. First, the speakers will show how information can be leveraged to develop fairly accurate physical boundaries of a particular mobile switching center and how this information changes over time. Second, the speakers will overlay cellular tower data to depict coverage in a particular mobile switching center. Next, the speakers will demonstrate how to visualize an individual traveling across adjacent mobile switching centers and the cell towers they are likely to associate with. Finally, the speakers will demonstrate how known location values for many subscribers can reveal location information for handsets where location information can't be obtained directly.

Lastly, the speakers will elaborate on mitigation strategies for these attacks at the subscriber level and potential mitigation strategies for the provider level.


Presenters:

Links:

Similar Presentations: