Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Seeking more info on: Devastating mobile attack under spotlight

From: Nicolas RUFF <nruff () security-labs org>
Date: Tue, 28 Nov 2006 15:49:54 +0100
There is no one vulnerability which will affect all these mobile
phones. Non.


The vulnerability is not related to the phone model or version.

The vulnerability is related to the SIM card itself. All of them are
"SIM toolkit" compliant nowadays.

http://www.gemplus.com/techno/stk/



While the data networks may not be very secure despite being controlled
networks, there is crazy security done designed for the latest
protocols. Also, the SIM card is also very secure.


Where did you get that from ... ?

AFAIK, there is at least one backdoor in SIM cards, that do allow data
recovery without knowing the PIN code (and this is not the PUK code). Of
course this has been designed for law enforcement people. Do you think
it's in the manual ?

Regards,
- Nicolas RUFF
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: