Dailydave mailing list archives
Re: Seeking more info on: Devastating mobile attack under spotlight
From: Gadi Evron <ge () linuxbox org>
Date: Tue, 28 Nov 2006 18:37:13 -0600 (CST)
On Tue, 28 Nov 2006, liquidfish wrote:
The following whitepaper written by the OTA Flash Forum details some of the security considerations made for FOTA and is often used as a reference by designers of FOTA systems http://www.otaflashforum.org/documents/downloads/OTAFFwhitepaperSecurity.pdfIf you run a CDMA network on a Motorolla cell phone, and a GSM network ona Nokia, you will talk to them differently.Yes but that's like comparing layer(s) 2/3 protocol(s) with the application layer protocol (FOTA) that is being used to upgrade the phones.
It is still application specific (each phone stands on its own). Not to mention software specific with different version for each model. Each phone released has some.. 7 versions out there (could be dozens, I didn't count), not to mention country/lanugauge specific versions. Even if there is a vulnrability in FOTA as you specify, which actually, as unlikely it it would be, would affect "every" cell phone, it would still be crazy to exploit and THEN per phone. Unrelated to the process (which doesn't change, it can run on the Internet - and it does. It's a whole different level). It's crazy security, and THEN it is closed source and secret. :P (/cynical) So, unless you somehow make yourself appear to be the operator or somehow create a man in the middle situation (same as being the operator), both impossible [1], this won't happen. The guy found one vulnerability for one version (which I doubt due to the "all statement" the guy made. If true anyway, it's cool, but it's simply impossible [2] beyond that (single implementation attack). There is crazy security invested in this. You can go and read about it online. Everything is breakable, but give me a break. Gadi. 1 - Nothing is ever impossible. Let's say VERY VERY VERY hard to virtually impossible. 2 - If you have the resources of a country and can put the equivalent of hundreds of people on it, you may be able to achieve it. If you are a country, you can also introduce a backdoor if the vendor agrees/is forced, but good luck on that. Is your opponent the NSA/equivalent? _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: Seeking more info on: Devastating mobile attack under spotlight, (continued)
- Re: Seeking more info on: Devastating mobile attack under spotlight Paul Wouters (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Robert Clark (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight liquidfish (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Dave Korn (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Robert Clark (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Nicolas RUFF (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Roy M. Silvernail (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Gadi Evron (Nov 28)
- Re: Seeking more info on: Devastating mobile attack under spotlight Matt Richard (Nov 28)
- Re: Seeking more info on: Devastating mobile attack under spotlight Gadi Evron (Nov 28)
- Re: Seeking more info on: Devastating mobile attack under spotlight liquidfish (Nov 28)
- Re: Seeking more info on: Devastating mobile attack under spotlight Gadi Evron (Nov 29)
- Re: Seeking more info on: Devastating mobile attack under spotlight liquidfish (Nov 29)
- Re: Seeking more info on: Devastating mobile attack under spotlight Roy M. Silvernail (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Paul Wouters (Nov 27)
- Re: Seeking more info on: Devastating mobile attack under spotlight Nicolas RUFF (Nov 28)
- Re: Seeking more info on: Devastating mobile attack under spotlight Gadi Evron (Nov 29)