Feeds

Voda: Femtocell phone-hacking vuln was fixed in 2010

News International scandal stirs interest in old backdoor

Secure remote control for conventional and virtual desktops

Vodafone said that claims of a vulnerability involving its femtotell base station technology relate to a flaw it fixed a year ago.

Security shortcomings in Vodafone's femtocell signal booster technology create a possible means for hacker to intercept calls or impersonate users that connect via a compromised device, The Hacker's Choice (THC) claims. THC claims to have reverse-engineered allegedly insecure base station kit, so turning hacked femtocells into an interception device in the process. The bug ultimately stems from default root passwords on a insecure device console.

The research was first published in a blog on Tuesday, rapidly reaching notoriety in the process. In a statement, Vodafone said that the underlying security bug was actually fixed as long ago as last year.

Overnight on July 12, a claim appeared that hackers had found security loopholes in Vodafone Sure Signal which could compromise the security of Vodafone's network. This is untrue: the Vodafone network has not been compromised.

The claims regarding Vodafone Sure Signal, which is a signal booster used indoors, relate to a vulnerability that was detected at the start of 2010. A security patch was issued a few weeks later automatically to all Sure Signal boxes. As a result, Vodafone Sure Signal customers do not need to take any action to secure their device. We monitor the security of all of our products and services on an ongoing basis and will continue to do so.

It seems that the flaw involve relates to a bug publicised at the time that has since become more noteworthy – partly because of the ongoing News International voicemail hacking scandal. THC's website was private last year, but opened up to the public earlier this week. ®

Providing a secure and efficient Helpdesk

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.