3G Security Flaw Could Let Anyone Track Your Phone
Security flaws in the code that connects your phone to 3G networks could allow anyone to track it, according to research from the University of Birmingham with collaboration from the Technical University of Berlin.
The flaws, reported by SC Magazine, involve attackers using a rooted femtocell device — a small, modified cellular base station — and performing man-in-the-middle attacks to identify a particular device.
In one instance, the attacker could force mobile devices to reveal its Temporary Mobile Subscriber Identity (TMSI), assuming the attacker knows the International Mobile Subscriber Identity (IMSI).
In another instance, the attacker could sniff a valid Authentication and Key Agreement (AKA) request from a targeted device, then send the same request to all phones in range. This would cause all devices except the target to respond with synchronization failures, thus distinguishing the desired device.
That could, for example, allow an attacker to track your movements within a building.
Attacks such as this one would require the attacker to be in the vicinity; he’d also need some easily-obtainable equipment and a relatively high degree of technical knowledge.
However, it would also be possible for an expert to simplify the process by creating hacking tools which almost anyone could use.
The researchers say they submitted these flaws to the 3G global industry watchdog, the 3GPP, about six months ago, but fixes still haven’t been implemented. The team plans to detail these flaws at the ACM Conference on Computer and Communications Security event, held Oct. 16-18 in Raleigh.