We know that mobile networks can — and do — attack us on many fronts. As this talk will show, even 3G is attackable. It’s high time that we upgrade from complaining to self-defense.
Modern phones include all components necessary to block — or at least make visible — a large range of attacks including IMSI catchers, SIM exploits, and SMS attacks. The possibility of other attacks, such as passive intercept, can be inferred from measurements that normally remain hidden in a phone’s baseband.
This talk details how these secrets were unlocked through reverse-engineering of the most widely deployed baseband family. We release tools that block or alert users to many common attacks.
We also introduce and demonstrate new attack scenarios — hybrids between local and interconnect abuse — including the passive intercept and decryption of 3G traffic.