HackDig : Dig high-quality web security articles for hacker

SIM card security workshops at OHM2013

2014-08-11 04:18

Recently discussed vulnerabilities enable remote SIM malware deployment and in some cases even remote SIM cloning. At this year’s hacker camp OHM 2013, the SRLabs team offered four SIM card security workshops.

The measurements taken at the OHM workshops confirmed that more than a quarter of European SIM cards still disclose signed error messages, of which about half can be cracked due to their use of DES. Each crack takes about two minutes with a complete set of rainbow tables on a standard computer. (At OHM, cards were tested with an incomplete set resulting in a discount in the number of actually cracked cards.)

Network operators are encouraged to upgrade their cards to AES (or 3DES) or disable the OTA functionality of vulnerable cards before criminals are able to infect SIM cards with viruses.

The OHM2013 presentation on Exploiting SIM Cards provides details on the method, test results, and mitigation options.


Source: /3102mho-epohskrow-drac-mis/ed.sbalrs

Read:1585 | Comments:0 | Tags:events research

“SIM card security workshops at OHM2013”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud