Feeds

Defend your phone against loose networks? There’s an app for that

Researchers unveil ‘middlebox detection’ software

Using blade systems to cut costs and sharpen efficiencies

A group of researchers from the University of Michigan has released an Android app designed to defend against a common firewall vulnerability which they say commonly exposes smartphones on cellular networks.

The vulnerability, “off-path TCP sequence number inference”, can allow hijacking of Web pages users are trying to visit. The researchers say that some types of stateful firewalls, designed to drop packets without valid TCP sequence numbers, can be attacked by an insider that’s able to guess TCP sequence numbers of other users, and use this as the basis of a redirection.

The firewalls are common on cellular networks, the researchers say, with as many as 31.5 percent of the networks they tested using the stateful firewalls.

The researchers, Z. Morley Mao (a professor at Michigan) and doctoral student Zhiyun Qian, say that smartphones’ sandbox models can make them vulnerable to having a malware-infected machine inside the firewall read the incoming packet counters from an Android device, and let the attacker know when the sequence numbers advance. A successful attack also depends on having suitable malware on the Android phone, o as to get sequence numbers out of its sandbox.

"An attacker can try to guess at sequence numbers. It's usually hard to get feedback on whether a guessed number is correct, but the firewall middlebox makes this possible," Qian said. "The attacker can try a range of sequence numbers. The firewall will only allow one through if it is in the valid range."

A successful redirection allows the attacker to gain IDs and passwords of users on the same network. The researchers have also published a paper (PDF) describing other attack types. For example, the attacker could use TCP sequence number inference to create a spoofed IP address to perform denial-of-service on another server.

Their app, offered on Google Play, checks the firewall type on a network and alerts the user if it is vulnerable to the attack.

Mao and Qian are presenting their work at the IEEE Symposium on Security and Privacy in San Francisco. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.