Insecure Vodafone femtocells allow eavesdropping, call fraud
Hackers have reverse engineered the femtocells used by British mobile operator Vodafone, and discovered that they can be used to eavesdrop on callers and used to fraudulently place calls and send text messages. Femtocells are being used increasingly often to provide better phone reception in areas with a weak signal. They contain short-range mobile base stations—typically with a range of 30-60 feet—paired up with Internet connections. Users within the range of the femtocell have their calls routed over a home Internet connection to the mobile operator's system.
Vodafone calls its femtocells Sure Signal . The Sure Signal costs £50, and supports up to 32 phone numbers belonging to 3G phones or Internet dongles. They can be used by any Vodafone customer, whether contracted or pay-as-you-go, with an Internet connection of 1Mbps or faster.
Security research group The Hacker's Choice took a look at how the Vodafone femtocells worked, and have discovered that they're both poorly secured and fundamentally poorly designed. A little soldering enables access to the femtocell's serial console, which is secured only by a weak, fixed password. From there, network access can be enabled, custom software can be installed and run, tamper detection can be disabled, and most significantly of all, the phone network can be attacked. The unit runs Linux, so it offers a familiar environment and easy development of custom software.
Femtocells incorporate 3G UMTS hardware, to which phones connect. UMTS connections are encrypted, which normally prevents casual eavesdropping or other misbehavior, but with the Vodafone femtocells that encryption is decrypted within the femtocell itself. The femtocell then sends the decrypted data down an encrypted connection to Vodafone's central servers. Though the encrypted connection means that the call can't be eavesdropped on by someone on the same LAN as the femtocell, the decrypted data within the femtocell itself is vulnerable and exposed to software on the femtocell. And since, thanks to the weak passwords and susceptibility to physical tampering, it's possible to install software on the femtocell that records all conversations sent through the device.
Normally femtocells are secured such that only their owners' phones will communicate with them. Vodafone's femtocell is no exception; owners have to register their phones on Vodafone's website, and each time the femtocell boots, Vodafone's network provides it with a list of phones that it's permitted to talk to. Unfortunately, this configuration too can be altered by hackers—it's just stored within an XML file on the device's filesystem—and so the femtocell can be configured to communicate with any Vodafone handset within range and allow eavesdropping on any calls placed.
Linux System Call Howto - News
So after reading this, it was time to show the world yet again that Linux is better than Windows. Duh. In the mentioned article, we showed how to integrate into Monitis database query results from a MS SQL Server. Many times while monitoring a system,
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during
The PS3 wasn't hacked for 4 years because we had Linux support which allowed countless people to experiment with the Cell processor, but as soon as they illegally removed Linux support from our PS3s, they have unleashed the developer's thirst in
Most Linux-based operating systems have much lower system requirements than Windows, meaning they should run much faster on older hardware. Indeed, even a sluggish, single-core laptop that's five or six years old can turn into a mobile powerhouse when
The decision to use the familiar Linux operating system for the unit's firmware certainly makes tampering easier—both because people know how to use it, and because it makes the runtime environment readily modifiable—but even if the hardware used
Skype: A must have tool for freelancers | Online Worker
Skype allows users to stay connected with friends, families around the world through voice call, video call and chat over internet together with instant messaging, file transfer and video conferencing by using internet. It is a software which is free to download, install and use.
Equipments required for Skype
Skype is available for Windows, Mac, and Linux systems and the particulars required for Skype to wok are: Downloading skype
First go to Skype website and download the Skype software. You will find a ‘Get Skype for windows’ green tab on the website. Clicking on this tab will take you to another page which features another green tab ‘download now’. Thereafter click it to download and install it to your system.
How to create a free acount
Once Skype software has been installed onto your desktop, the blue and white Skype icon will be present on your desktop. Click on this icon to enter the application. The next step is to create an account. Click on join option and enter or fill the form given to get the skype name and password.
How to add contacts
The next step is to add contacts of friends and family to your Skype contact list. On clicking the ‘add contact button’ you can add people you are looking for using the person’s name, email address or Skype name using the Skype toolbar. Once you find them, add them to your list. The other person must accept your contact request so both can see each other’s online and make calls.
How to connect microphone and Speaker
To make voice call or video call or video conferencing; you need to connect the speaker and microphone to the computer. Change computer settings if necessary for microphone to work or for smooth running of the device connected. Once these are connected, you are ready to make your calls.
Other uses of Skype (important for freelancers)
Skype offers some great features to use for free.
Linux System Call Howto - Bookshelf
Understanding the Linux Kernel
This chapter examines in detail how Linux implements system calls that User ... The former is a function definition that specifies how to obtain a given ...Beginning Linux Programming
Beginning Linux Programming 4th Edition Building on the success of its previous editions, this must-have guide continues its popular tutorial approach and ...Advanced Linux programming
2.2.2 System Call Failures Most of us were originally taught how to write ... Linux may block a certain system call when a program attempts to perform an ...Learning the bash Shell
With this book, programmers will learn: How to install bash as your login shell The basics of interactive shell use, including UNIX file and directory ...Linux device drivers
optimized for fast reading and, therefore, bypasses the standard library, trying to read more data with a single system call. You can see from the read ...Day-to-day Articles Directory
Linux programming – system call howto
Linux programming – system call howto. by Vivek Gite on March 23, 2007 · 0 comments ... System calls are an efficient way of traversing between user-space and the ...
Adding a System Call HowTo : $Revision: 1.5 $
Still I think it should help point you in the right direction to add and understand system calls in linux. It would be nice to bring this document ...
Kernel command using Linux system calls
Linux system calls -- we use them every day. But do you know how a system call is performed from user-space to the kernel? ...
Implementing Linux System Calls | Linux Journal
This article is based on my experiences in creating and installing a system call in Linux and how to install one interrupt vector to control the serial port. In one ...
Implementing a System Call on Linux 2.6 for i386
This HOWTO describes information about implementing system calls in the Linux operating ... This document explains how to implement a new system call on linux 2.6. ...