Ph0wned: Phreaking in the 21st Century

Presented at ShmooCon I (2005), Feb. 5, 2005, 11 a.m. (60 minutes)

The days of nefarious phone phreaks "were" over, but with the new age of Voice-Over-IP networks provides a new vector for security, abuse, and identity theft. While many have not seen the impact, IP Telephony is trivial to exploit and the results can be startling.

This presentation provides a basic understanding of the SIP protocol, as well as STUN, Outbound Proxy usage, and VoIP infrastructure. Strengths and weaknesses are discussed, with a focus on computer security, as well as the impact on consumers and law enforcement.

The presentation includes demonstrations of VoIP "spoofing" and the impacts of systems that rely on reverse lookups for access validation, as well as re-routing calls, unblocking caller-id, anonymous calling, identity theft, and phone spam.


Presenters:

  • Lucky225
    Lucky225 is a 21-year old telephone enthusiast who has been playing in the world of telephony since a very young age. He has presented at several conferences, including Defcon and HOPE, and has written for various magazines, including 2600, <BR> and Von Magazine. He co-hosts an internet streaming radio show called "Default Radio". He is an active member of the DDP (Digital Dawg Pound), a hacking group that produces many projects such as the Binary Revolution at www.binrev.com
  • Lance James - CTO, Secure Science Corporation
    Lance James is the Chief Technology Officer of Secure Science Corporation, a company dedicated to providing advanced technology solutions to security. He frequently lectures at Colleges throughout the San Diego area on "Security & Cryptography in Data Communications", and is currently writing "Eye Own You", a book focusing on the security implications of Neurotech. In addition, he is the creator of InvisibleNet, a distributed pseudonymous framework for real-time communication on the internet. On his off-time, he breaks stuff and plays music.

Links:

Similar Presentations: