Feeds

Voda: Femtocell phone-hacking vuln was fixed in 2010

News International scandal stirs interest in old backdoor

Boost IT visibility and business value

Vodafone said that claims of a vulnerability involving its femtotell base station technology relate to a flaw it fixed a year ago.

Security shortcomings in Vodafone's femtocell signal booster technology create a possible means for hacker to intercept calls or impersonate users that connect via a compromised device, The Hacker's Choice (THC) claims. THC claims to have reverse-engineered allegedly insecure base station kit, so turning hacked femtocells into an interception device in the process. The bug ultimately stems from default root passwords on a insecure device console.

The research was first published in a blog on Tuesday, rapidly reaching notoriety in the process. In a statement, Vodafone said that the underlying security bug was actually fixed as long ago as last year.

Overnight on July 12, a claim appeared that hackers had found security loopholes in Vodafone Sure Signal which could compromise the security of Vodafone's network. This is untrue: the Vodafone network has not been compromised.

The claims regarding Vodafone Sure Signal, which is a signal booster used indoors, relate to a vulnerability that was detected at the start of 2010. A security patch was issued a few weeks later automatically to all Sure Signal boxes. As a result, Vodafone Sure Signal customers do not need to take any action to secure their device. We monitor the security of all of our products and services on an ongoing basis and will continue to do so.

It seems that the flaw involve relates to a bug publicised at the time that has since become more noteworthy – partly because of the ongoing News International voicemail hacking scandal. THC's website was private last year, but opened up to the public earlier this week. ®

The Essential Guide to IT Transformation

More from The Register

next story
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
Bring back error correction, say Danish 'net boffins
We don't need no steenkin' TCP/IP retransmission and the congestion it causes
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
Samsung Z Tizen OS mobe is post-phoned – this time for good?
Russian launch for Sammy's non-droid knocked back
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
Seeking LTE expert to insert small cells into BT customers' places
Is this the first step to a FON-a-like 4G network?
What FTC lawsuit? T-Mobile US touts 10GB, $100 family-of-4 plan
Folks 'could use that money for more important things' says CEO Legere
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.