Stories
Slash Boxes
Comments

SoylentNews is people

4G LTE Pried Open To Reveal A Slew Of New Protocol-Level Attacks

posted by Fnord666 on Tuesday March 06 2018, @03:44PM   Printer-friendly
from the good-protocols-gone-bad dept.

Arthur T Knackerbracket has found the following story:

A group of American university researchers have broken key 4G LTE protocols to generate fake messages, snoop on users, and forge user location data.

Those working on the coming 5G protocols should take note: the vulnerabilities are most worrying because they're written into the LTE protocols, and could therefore have an industry-wide impact.

Identified by Purdue University's Syed Rafiul Hussain, Shagufta Mehnaz and Elisa Bertino with the University of Iowa's Omar Chowdhury, the protocol procedures affected are:

  • Attach – the procedure that associates a subscriber device with the network (for example, when you switch the phone on);
  • Detach – occurs when you switch your device off, or if the network disconnects from the device (for example because of poor signal quality, or because the phone can't authenticate to the network); and
  • Paging – this protocol is part of call setup, to force the device to re-acquire system information, and in emergency warning applications.

The researchers' paper (PDF) describes an attack tool called LTEInspector, which the researchers said found exploitable vulnerabilities that resulted in "10 new attacks and nine prior attacks” (detecting old vulnerabilities helped the researchers validate that the new vulns were genuine).

Original Submission

 
This discussion has been archived. No new comments can be posted.
4G LTE Pried Open To Reveal A Slew Of New Protocol-Level Attacks | Log In/Create an Account | Top | 26 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by DannyB on Wednesday March 07 2018, @03:52PM

    by DannyB (5839) Subscriber Badge on Wednesday March 07 2018, @03:52PM (#649029) Journal

    Theory 1: Law enforcement has no idea how it works. (And remember, it's SECRET!) To law enforcement it is just a black box. Even if it uses stolen keys / credentials, law enforcement would be blissfully unaware. And, this would perfectly explain why no Stingray case will ever see a courtroom.

    You make a good point I had not considered about NSL's to force production of anything, even source code, or whatever it takes, to implement Stingray.

    You're probably right about incompetence rather than malice. Under theory 2, I think it would simply be incompetence. But I'm very open to it being malice if there is any evidence. I would not be one bit surprised if that were proven true.

    --
    The lower I set my standards the more accomplishments I have.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2