Black Hat USA 2013 Rolls Out SIM Card, Femtocell Hacking Talks

  /     /     /  
Publicated : 22/11/2024   Category : security


Black Hat USA 2013 Rolls Out SIM Card, Femtocell Hacking Talks


Organizers have confirmed some early details on Briefings talks



[NOTE:
Black Hat
and
Dark Reading
are both part of UBM Tech. As the key July 27th-August 1st information security event in Las Vegas approaches, well be sharing information about the show directly from its creators here on Dark Reading.]
As Julys Black Hat US in Las Vegas nears, organizers have confirmed some early details on Briefings talks, revealing brand-new breaking information about subjects as diverse as femtocell hacking, BIOS security, finding and exploiting on-chip debug interfaces, and rooting SIM cards.
First, the National Institute of Standard and Technologies (NIST) 2011 publication of 800-155 one-upped the Trusted Platform Module (TPM) PC client specification by better detailing BIOS content that should be measured to provide an adequate Static Root of Trust for Measurement (SRTM). In
BIOS Security
, John Butterworth, Corey Kallenberg, and Xeno Kovah of MITRE Corp. will show how a laptop (pre-NIST 800-155) SRTM can be manipulated, even with signed updates enabled. The trio will also demonstrate a 51-byte SRTM patch that can trick the TPM into believing the BIOS is pristine. Reflashing the BIOS may not restore the SRTMs integrity; an esoteric technique involving a timing side-channel may be needed for the BIOS to indicate its integrity.
Next up, crypto-infosec researcher Karsten Nohl will present
Rooting SIM Cards
. There are over 7 billion SIMs in active circulation, yet shockingly little is known about their security traits. It is generally believed theyre unbreakable, but this is only because theres a general belief that theyve never been known to be exploited. In his briefing, Nohl will shatter this pretense with confirmation that SIM cards, like any other computing system, are plagued by implementation and configuration bugs.
On-chip debug (OCD) interfaces are very useful, but not always easy to find. They can provide chip-level control of a target device, and are a primary vector to extract program code or data, modify memory contents, or affect device operation on the fly. In
JTAGulator: Assisted discovery of on-chip debug interfaces
, electrical engineer Joe Grand will introduce JTAGulator, a piece of open-source hardware that will help you locate OCD connections without breaking a sweat. Also expect a brief on reverse-engineering methods, the fields prior art, and in-depth info on how OCD interfaces work.
Finally - femtocells are low-power cellular base stations, often offered cheaply by mobile network operators. They use a standard Internet connection to relay CDMA phone call data to the actual cellular network, sort of like a small cell tower, and work seamlessly, so users never even know theyre connected to a femtocell rather than a typical tower. Cellular network authentication isnt easy to break, but Femtocells run Linux inside. In
I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell
iSEC Partners Tom Ritter and Doug DePerry will show you how to completely own a Femtocell, using it to intercept voice/SMS/data, attack the network, and clone a mobile device without physical access.
More information about Black Hat USA 2013, which has a
rapidly growing set of Briefings talks
, as well as a
comprehensive set of 2 and 4-day trainings
, is available now - early, reduced-rated registration
is open
until May 31st.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Black Hat USA 2013 Rolls Out SIM Card, Femtocell Hacking Talks