Feeds

Malware-flingers can pwn your mobile with OVER-THE-AIR updates

German Fed-sponsored boffins: They have ways of hearing you talk

3 Big data security analytics techniques

Heavily funded spooks might be more motivated

All this trickery is complex even in the context of mobile attacks but Rupp told El Reg that such attacks already present a threat to business executives and government officials using mobile phones might be targeted by the over-the-air attacks, which threaten both corporate and official secrets.

Rupp said state-sponsored attackers are already using baseband processor attacks in airports but declined to go into details beyond saying that attacks could be carried out without the need to trick smartphones owners into opening an email or visiting a malicious website. Attacks might involve building a rogue GSM base-station from commodity hardware or run from the infrastructure of a 'co-operative" telco. It might also be possible to run attacks against baseband processors of phones using Wi-Fi or Bluetooth interfaces, according to GSMK Cryptophone.

"Once you have control over the app CPU, you can in principle use that to load any code you want from the network," Rupp explained. "Since you have already successfully escalated your privileges on the system, no user interaction is necessary."

The security tech

In response to these threats, the mobile security firm has developed a new Android-based secure mobile phone, the GSMK CryptoPhone 500. The phones incorporates GSMK's voice and message encryption technology as well as software designed to detect and block attacks against baseband processors, marketed by the firm as a Baseband Firewall.

This baseband firewall can be loosely compared to antivirus for a PC. The mobile security technology relies on behaviour and heuristics. For instance, if the baseband processor is sending out communications on radio when the CPU is quiet this would be flagged as suspicious. The technology watches memory shared between a baseband processor and the CPU of a mobile phone, in order to monitor and correlate events. Rupp said that the possibility of false alarms from the technology can't be excluded, although this possibility has been reduced by testing.

The secure mobile phone features a version of Android put together by GSMK that includes granular security management and streamlined, security-optimised components and communication stacks. A hardware module controller and permission enforcement module control access to network, data and sensors (such as the phone's camera, microphone, etc), giving users more control of individual security policies.

GSMK CryptoPhone is in talks with government and industry clients about the possibility of licensing its security enhancements on other mobile phone platforms. The GSMK CryptoPhone 500 was launched at the CeBIT trade fare in Hanover, Germany on Tuesday.

The GSMK CryptoPhone 500 is based on a modified Samsung Galaxy S3 and costs €2,400. The baseband firewall could run on any Samsung smartphone and might, with some effort, be ported to other smartphone platforms. ®

Bootnote

El Reg's Bill Ray read what GSMK had to say and remains skeptical about the level of the threat against baseband processors. "I'm not convinced it's a very big deal. It still requires an awful lot of effort and is targeted at specific hardware combinations," he said.

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.