Mobile Network Security:
State of the Art and Beyond
Festival Della Tecnologia ICT
Milan, 18.09.2013
Version: 1.0
Author: L. Bongiorni
Responsible: L. Bongiorni
Date: 18.09.2013
Confidentiality Class: Public
© 2013 SEC Consult – All rights reserved

SEC Consult – Who we are
• Leading international application security consultancy
• Founded 2002
• Headquarters near Vienna, Austria
• Delivery Centers in Austria, Germany, Lithuania and Singapore
• Strong customer base in Central and Eastern Europe
• Increasing customer base of clients with global business (esp. out of Top-10 US and European software vendors)
• 35+ application security experts
• Industry focus: banks, software vendors, government
[Map: SEC Consult Headquarter, SEC Consult Office and Other SEC Consult Clients; labels: USA, Canada, Germany, Austria, Lithuania, Central and Eastern Europe, India, Singapore]

Who am I
Luca Bongiorni
• Security Consultant
• Telco Enthusiast
• Interests: break stuff, lockpicking & collect PayPhones
Work at . . . [company logo]

The GSM Network
Even today, although its design is dated (1987), the most widely used cellular radio communication standard in the world is GSM (Global System for Mobile Communications): it counts over 4.4 billion users in more than 200 countries.
Over the years it has made it possible to communicate while maintaining efficient mobility, which is why it is used on a massive scale not only by ordinary people but also by criminals and terrorist organizations.

GSM + OpenSource == FUN
Over the last 5 years a large number of open-source projects and practical attacks have been made public…
• Um Passive Sniffing, A5/1 Cracking
• Um Active MITM
• RachDoS
• IMSI-Detach
• GPRS Sniffing

Some Case Studies…
• IMSI-Catcher:
  o Known Victim Mode (Italy)
  o GPRS & Data Connections
• GPRS Passive Sniffing:
  o XXXXX (EU Nation 1)
  o Wind (Italy)
  o XXXXX (EU Nation 2)
• What’s Next?!
  o GSM-R (Catching & DoSsing)

Architectural Vulnerabilities Exploited
• No mutual authentication
  o The network authenticates the MS, not vice versa
• User mobility
  o The strongest signal wins (Cell Selection and Reselection)
  o Forced Location Update (if LAC_PLMN != LAC_IMSI-Catcher then switch to IMSI-Catcher)
• Encryption is optional
  o A5/0 No Encryption

IMSI-Catcher: The Prototype
[Figures: Prototype; Lab’s Configuration]

Known Victim Mode (Italy)
[Diagram labels: victim's CallerID; list of cities and IMSI; local area; Location Disclosure; Catch-and-Relay]

Known Victim Mode (Italy): Location Disclosure

Known Victim Mode (Italy): Catch & Relay
+ CRO = 63 (max)
+ T3212 = 0

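One way to turn the traits listed on these slides (a LAC that differs from the surrounding network, CRO = 63, T3212 = 0, A5/0, the strongest signal) into a detection heuristic on the handset or monitoring side. This is an added example, not code from the talk or from the projects it cites; the field names, weights, thresholds and the sample cells (test PLMN 001-01) are assumptions constructed for illustration.

```python
"""Score observed GSM cells for the IMSI-catcher traits named on the slides."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

CRO_MAX = 63          # 6-bit Cell Reselect Offset at its maximum (slide: "CRO = 63 (max)")
RX_MARGIN_DB = 20     # assumed margin for "far stronger than every other cell"
ALERT_THRESHOLD = 5   # assumed cut-off; one trait alone also occurs on real networks


@dataclass(frozen=True)
class Cell:
    """Broadcast parameters of one observed cell (hypothetical record layout)."""
    mcc: int
    mnc: int
    lac: int
    cell_id: int
    rx_dbm: int                    # received signal level
    cro: int                       # Cell Reselect Offset, 0..63
    t3212: int                     # periodic Location Update timer, 0 = disabled
    cipher: Optional[str] = None   # "A5/0", "A5/1", ... or None if not yet observed


def findings(cell: Cell, observed: List[Cell]) -> List[Tuple[int, str]]:
    """Return (weight, reason) pairs for every trait the cell exhibits."""
    peers = [c for c in observed
             if c is not cell and (c.mcc, c.mnc) == (cell.mcc, cell.mnc)]
    hits: List[Tuple[int, str]] = []
    if peers:
        # A LAC no neighbouring cell of the same PLMN uses forces a Location Update.
        if cell.lac not in {c.lac for c in peers}:
            hits.append((3, f"LAC {cell.lac} unused by other cells of this PLMN"))
        # "The strongest signal wins": compare against the best other cell.
        if cell.rx_dbm - max(c.rx_dbm for c in peers) >= RX_MARGIN_DB:
            hits.append((1, "signal far stronger than every other cell"))
    if cell.cro == CRO_MAX:
        hits.append((2, "CRO at maximum, cell pushed up the reselection ranking"))
    if cell.t3212 == 0:
        hits.append((1, "T3212 = 0, periodic Location Update disabled"))
    if cell.cipher == "A5/0":
        hits.append((3, "A5/0, traffic not encrypted"))
    return hits


def assess(observed: List[Cell]) -> Dict[int, dict]:
    """Map cell_id -> score, verdict and reasons for every observed cell."""
    report: Dict[int, dict] = {}
    for cell in observed:
        hits = findings(cell, observed)
        score = sum(weight for weight, _ in hits)
        report[cell.cell_id] = {
            "score": score,
            "suspicious": score >= ALERT_THRESHOLD,
            "reasons": [reason for _, reason in hits],
        }
    return report


# Constructed sample: four ordinary cells and one cell showing every trait.
SAMPLE_CELLS = [
    Cell(1, 1, 1201, 101, -85, 0, 40, "A5/1"),
    Cell(1, 1, 1201, 102, -91, 2, 40, "A5/1"),
    Cell(1, 1, 1201, 103, -97, 0, 40, None),
    Cell(1, 1, 1201, 104, -99, 0, 0, "A5/1"),    # T3212 = 0 alone: below threshold
    Cell(1, 1, 9999, 666, -52, 63, 0, "A5/0"),   # all traits combined
]

if __name__ == "__main__":
    for cell_id, result in assess(SAMPLE_CELLS).items():
        flag = "ALERT" if result["suspicious"] else "ok"
        print(f"cell {cell_id}: score={result['score']} {flag} {result['reasons']}")
```
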
Some Results…
• CallerID spoofing
• Interception of outgoing calls and SMS
• Diversion of emergency calls

Interoperability with UMTS & LTE
What happens if we JAM the UMTS & LTE frequencies?!
Le GSM: “Welcome back my dear”
Le UE: “Nice to meet you again sir GSM”

Welcome home IMSI-Catcher 2.0
It is a commercial picocell developed by ip.Access, 100% compatible with OpenBSC (open-source software)
• GPRS [the newest one, also EDGE]
• Encryption A5/1 – A5/2
• IP connection
• PoE powered
• PCS band (1900 MHz)

IMSI-Catcher 2.0 for Fun & Profit
What could we possibly do with it?! Uhm… Man-in-the-Middle attacks against interesting ME!
• Video Poker
• Point-Of-Sale
• Smart Meters
• SCADA Remote Stations
• Mobile HotSpots
• Alarm Systems
To what end?! Mainly all the attacks available over TCP/IP!
• Sniffing communications (e.g. Wireshark + SSLstrip)
• Hijacking trusted connections (e.g. Stealing Credentials)
• Deploying malicious software (e.g. Squid + Metasploit)
• Malware Analysis
• Protocol Analysis
• Etc.
What about UMTS and LTE?!

Example: 2G Point-Of-Sale (preliminary test)

Catching and Intercepting an LTE Modem

Some Case Studies... GPRS Passive Sniffing
“GPRS Intercept Wardriving phone networks” by Nohl & Melette, 2011
They patched OsmocomBB and developed GPRSDecode to analyze GPRS packets.
http://tinyurl.com/gprs-nohl-slides

GPRS Passive Sniffing: XXXXX (EU Nation 1)
To stimulate data traffic, an old Telit MG-10 GPRS modem was used.
As the sniffer, a Pirelli DP-L10 with ad-hoc firmware based on Osmocom-BB was used.

GPRS Passive Sniffing: Wind (Italy)
Analysis of 14/09/2013 of channel ARFCN 983 (222-88 – Wind Italia)

GPRS Passive Sniffing: XXXXX (EU Nation 2)
What kind of service might use cellular networks as a means of communication?
“Securing your World. G4S is the world’s leading international security solutions group”
From http://www.g4s.com/

What’s Next?: GSM-R Catching

What’s Next?: GSM-R DoSsing

The End

Bibliography & Links
http://www.openbts.org
http://openbsc.osmocom.org
http://bb.osmocom.org
https://srlabs.de/gprs
http://tinyurl.com/gprs-nohl-slides
http://www.youtube.com/watch?v=vqjnhKYEDs0
http://patentscope.wipo.int/search/en/WO2008104739
http://www.tombom.co.uk/blog/?p=262
http://www.etsi.org/deliver/etsi_ts/101100_101199/101181/08.05.00_60/ts_101181v080500p.pdf
I thank the OpenBTS & Osmocom communities and all the researchers who have made cellular networks more interesting!

Contacts
Austria
Mooslackengasse 17
A-1190 Vienna
Tel: +43 (0)1 890 30 43-0
Fax: +43 (0)1 890 30 43-15
Email: office@sec-consult.com
www.sec-consult.com
Lithuania
Saulėtekio al. 15,
LT-10224, Vilnius
Tel: +370 671 84203
Email: l.bongiorni@sec-consult.com
Email: office-vilnius@sec-consult.com
www.sec-consult.com

 
LibreOffice: software libero e formati standard - by LibreItalia - festival I...
LibreOffice: software libero e formati standard - by LibreItalia - festival I...LibreOffice: software libero e formati standard - by LibreItalia - festival I...
LibreOffice: software libero e formati standard - by LibreItalia - festival I...
 
Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015
Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015
Come rendere più collaborative le tue riunioni - by Epson - festival ICT 2015
 
Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...
Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...
Case Study TWT: North Sails ha rivoluzionato il modo di lavorare - by TWT - f...
 
Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015
Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015
Il mio ufficio è sempre con me. E il tuo? - by TWT - festival ICT 2015
 
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
Non adeguatevi al Cloud - by Clouditalia - festival ICT 2015
 
Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...
Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...
Impatto privacy della video analisi nei sistemi di video sorveglianza intelli...
 
Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015
Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015
Web reputation, le verità nascoste dell’identità digitale - festival ICT 2015
 
Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...
Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...
Privacy e non profit online: profilazioni digitali di donatori e aderenti nel...
 
L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...
L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...
L'importanza del controllo nelle operazioni di Data Wiping - Sprint Computer ...
 
Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...
Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...
Il dato è tratto: il lato B della mobilità tra privacy e reati informatici - ...
 
Web e privacy, le nuove regole per i cookies - festival ICT 2015
Web e privacy, le nuove regole per i cookies - festival ICT 2015Web e privacy, le nuove regole per i cookies - festival ICT 2015
Web e privacy, le nuove regole per i cookies - festival ICT 2015
 
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
Il paradigma UCaaS: come migliorare i processi di business dell’azienda attra...
 
Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution...
 Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution... Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution...
Nuvole e metallo: Infrastruttura e servizi Cloud based - by Hosting Solution...
 
Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...
Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...
Definire, configurare ed implementare soluzioni scalabili su sistemi di Cloud...
 

Último

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 

Último (20)

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 

festival ICT 2013: Mobile Network Security: state of the art and beyond

  • 1. Mobile Network Security: state of the art and beyond. Festival Della Tecnologia ICT, Milan, 18.09.2013. Version: 1.0. Author: L. Bongiorni. Responsible: L. Bongiorni. Date: 18.09.2013. Confidentiality Class: Public.
  • 2. © 2013 SEC Consult – All rights reserved. SEC Consult – Who we are. Canada, USA, India, Singapore, Lithuania, Germany, Austria, Central and Eastern Europe; SEC Consult Headquarter, SEC Consult Office, Other SEC Consult Clients.
      • Leading international application security consultancy
      • Founded 2002
      • Headquarters near Vienna, Austria
      • Delivery Centers in Austria, Germany, Lithuania and Singapore
      • Strong customer base in Central and Eastern Europe
      • Increasing customer base of clients with global business (esp. out of Top-10 US and European software vendors)
      • 35+ application security experts
      • Industry focus banks, software vendors, government
  • 3. Who am I: Luca Bongiorni. ✓ Security Consultant ✓ Telco Enthusiast ✓ Interests: break stuff, lockpicking & collect PayPhones. Work at . . . a company
  • 4. The GSM Network. To this day, although its design is dated (1987), the most widespread cellular radio-communication standard in the world is GSM (Global System for Mobile Communications): it counts over 4.4 billion users in more than 200 countries. Over the years it has made it possible to communicate while maintaining efficient mobility, thanks to which it is used on a massive scale not only by ordinary people, but also by criminals and terrorist organizations.
  • 5. GSM + OpenSource == FUN. In the last 5 years a large number of open-source projects and practical attacks have been made public… Um Passive Sniffing; A5/1 Cracking; Um Active MITM; RachDoS; IMSI-Detach; GPRS Sniffing.
  • 6. Some Case Studies…
      • IMSI-Catcher:
          o Known Victim Mode (Italy)
          o GPRS & Data Connections
      • GPRS Passive Sniffing:
          o XXXXX (EU Nation 1)
          o Wind (Italy)
          o XXXXX (EU Nation 2)
      • What’s Next?!
          o GSM-R (Catching & DoSsing)
  • 7. Architectural Vulnerabilities Exploited
      • No mutual authentication
          o The network authenticates the MS, not vice versa
      • User mobility
          o The strongest signal wins (Cell Selection and Reselection)
          o Forced Location Update (if LAC_PLMN != LAC_IMSI-Catcher then switch to IMSI-Catcher)
      • Encryption is optional
          o A5/0 No Encryption
  • 8. IMSI-Catcher: The Prototype. Prototype; Lab’s Configuration.
  • 9. Known Victim Mode (Italy). Location Disclosure; Catch-and-Relay; victim's CallerID; list of cities and IMSI; Local Area.
  • 10. Known Victim Mode (Italy): Location Disclosure
  • 11. Known Victim Mode (Italy): Catch & Relay. + CRO = 63 (max) + T3212 = 0
  • 12. Some Results…
      • CallerID spoofing
      • Interception of outgoing calls and SMS
      • Diversion of emergency calls
  • 13. Interoperability with UMTS & LTE. What happens if we JAM the UMTS & LTE frequencies?! Le GSM: “Welcome back my dear” Le UE: “Nice to meet you again sir GSM”
  • 15. Welcome home IMSI-Catcher 2.0. It is a commercial picocell developed by ip.Access, 100% compatible with OpenBSC (open-source software). GPRS [the newest one, also EDGE]; Encryption A5/1 – A5/2; IP connection; PoE powered; PCS band (1900 MHz).
  • 16. IMSI-Catcher 2.0 for Fun & Profit. What could we possibly do with it?! Uhm… Man-in-the-middle attacks against interesting ME!
      • Video Poker
      • Point-Of-Sale
      • Smart Meters
      • SCADA Remote Stations
      • Mobile HotSpots
      • Alarm Systems
    For what purpose?! Mainly all the attacks available over TCP/IP!
      • Sniffing communications (e.g. Wireshark + SSLstrip)
      • Hijacking trusted connections (e.g. Stealing Credentials)
      • Deploying malicious software (e.g. Squid + Metasploit)
      • Malware Analysis
      • Protocol Analysis
      • Etc.
    What about UMTS and LTE?!
  • 17. Example: 2G Point-Of-Sale (preliminary test)
  • 18. IMSI-Catcher 2.0 for Fun & Profit. 2G Antenna. What could we possibly do with it?! Uhm… Man-in-the-middle attacks against interesting ME!
      • Video Poker
      • Point-Of-Sale
      • Smart Meters
      • SCADA Remote Stations
      • Mobile HotSpots
      • Alarm Systems
    For what purpose? Mainly all the attacks available over TCP/IP!
      • Sniffing communications (e.g. Wireshark + SSLstrip)
      • Hijacking trusted connections (e.g. Stealing Credentials)
      • Deploying malicious software (e.g. Squid + Metasploit)
      • Malware Analysis
      • Protocol Analysis
      • Etc.
    What about UMTS and LTE?!
  • 24. Capturing and intercepting an LTE modem
  • 25. Some Case Studies... GPRS Passive Sniffing. “GPRS Intercept Wardriving phone networks” by Nohl & Melette, 2011. They patched OsmocomBB and developed GPRSDecode to analyze GPRS packets. http://tinyurl.com/gprs-nohl-slides
  • 26. GPRS Passive Sniffing: XXXXX (EU Nation 1). To stimulate data traffic, an old Telit MG-10 GPRS modem was used. As the sniffer, a Pirelli DP-L10 with an ad-hoc firmware based on Osmocom-BB.
  • 27. GPRS Passive Sniffing: Wind (Italy)
  • 28. GPRS Passive Sniffing: Wind (Italy)
  • 29. GPRS Passive Sniffing: Wind (Italy). Analysis of 14/09/2013 of channel ARFCN 983 (222-88 – Wind Italia)
  • 30. GPRS Passive Sniffing: XXXXX (EU Nation 2). What kind of service might use cellular networks as its means of communication?
  • 31. GPRS Passive Sniffing: XXXXX (EU Nation 2). “Securing your World. G4S is the world’s leading international security solutions group” From http://www.g4s.com/
  • 32. What’s Next?: GSM-R Catching
  • 33. What’s Next?: GSM-R DoSsing
  • 34. End
  • 35. Bibliography & Links
      • http://www.openbts.org
      • http://openbsc.osmocom.org
      • http://bb.osmocom.org
      • https://srlabs.de/gprs
      • http://tinyurl.com/gprs-nohl-slides
      • http://www.youtube.com/watch?v=vqjnhKYEDs0
      • http://patentscope.wipo.int/search/en/WO2008104739
      • http://www.tombom.co.uk/blog/?p=262
      • http://www.etsi.org/deliver/etsi_ts/101100_101199/101181/08.05.00_60/ts_101181v080500p.pdf
    I thank the OpenBTS & Osmocom communities and all the researchers who have made cellular networks more interesting!
  • 36. Contacts
      • Austria: Mooslackengasse 17, A-1190 Vienna, Austria. Tel: +43 (0)1 890 30 43-0. Fax: +43 (0)1 890 30 43-15. Email: office@sec-consult.com. www.sec-consult.com
      • Lithuania: Saulėtekio al. 15, LT-10224, Vilnius, Lithuania. Tel: +370 671 84203. Email: l.bongiorni@sec-consult.com. Email: office-vilnius@sec-consult.com. www.sec-consult.com
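
The traits listed on slides 7 and 11 (CRO at its maximum of 63, T3212 = 0, a LAC that differs from the real network's, A5/0) can also be read as detection indicators. The following is an added example, not part of the original slides: it scores observed cells against those traits, and the observation schema, weights, threshold, test PLMN 001-01 and sample cells are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

CRO_MAX = 63        # slide 11: "CRO = 63 (max)"
T3212_DISABLED = 0  # slide 11: "T3212 = 0", periodic location updating off

# Assumed weights and threshold, chosen for this illustration only.
WEIGHTS = {"cro_max": 3, "t3212_disabled": 2, "unknown_lac": 2, "a5_0": 3}
ALERT_THRESHOLD = 5

Plmn = Tuple[str, str]  # (MCC, MNC)


@dataclass(frozen=True)
class CellObservation:
    """One cell as seen by a monitoring handset or probe (hypothetical schema)."""
    arfcn: int
    mcc: str
    mnc: str
    lac: int
    cell_id: int
    cro: Optional[int] = None     # None: parameter not captured
    t3212: Optional[int] = None   # None: parameter not captured
    cipher: Optional[str] = None  # e.g. "A5/0", "A5/1"; None: not observed


def indicators(obs: CellObservation,
               known_lacs: Dict[Plmn, Set[int]]) -> List[str]:
    """Return the names of the slide-7/slide-11 traits this cell exhibits."""
    found = []
    # Maximum reselection offset: the cell advertises itself as the best choice.
    if obs.cro is not None and obs.cro >= CRO_MAX:
        found.append("cro_max")
    # Periodic location updating disabled.
    if obs.t3212 == T3212_DISABLED:
        found.append("t3212_disabled")
    # LAC never seen for this PLMN at this site: camping on it forces a
    # Location Update. Without a baseline for the PLMN nothing can be said.
    lacs = known_lacs.get((obs.mcc, obs.mnc))
    if lacs is not None and obs.lac not in lacs:
        found.append("unknown_lac")
    # Traffic left unencrypted.
    if obs.cipher == "A5/0":
        found.append("a5_0")
    return found


def assess(obs: CellObservation,
           known_lacs: Dict[Plmn, Set[int]]) -> Tuple[str, int, List[str]]:
    """Combine indicators into a verdict: 'ok', 'review' or 'alert'."""
    found = indicators(obs, known_lacs)
    score = sum(WEIGHTS[name] for name in found)
    if score >= ALERT_THRESHOLD:
        verdict = "alert"
    elif score > 0:
        verdict = "review"
    else:
        verdict = "ok"
    return verdict, score, found


# Constructed baseline and observations (test PLMN 001-01, not real captures).
BASELINE = {("001", "01"): {1201, 1202}}
SAMPLES = [
    CellObservation(45, "001", "01", 1201, 3011, cro=4, t3212=40, cipher="A5/1"),
    CellObservation(52, "001", "01", 1202, 3012, cro=0, t3212=40, cipher="A5/0"),
    CellObservation(60, "001", "01", 9999, 1, cro=63, t3212=0, cipher="A5/0"),
]

if __name__ == "__main__":
    for cell in SAMPLES:
        verdict, score, found = assess(cell, BASELINE)
        print(f"ARFCN {cell.arfcn} LAC {cell.lac}: {verdict} (score {score}) {found}")
```

A single indicator is weak evidence on its own: legitimate networks change LAC at area boundaries, and encryption is optional in GSM, so the example only alerts when indicators combine.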