0.25
0.5
0.75
1.25
1.5
1.75
2
The Phonebusters
Published on Jan 15, 20152522 Views
Related categories
Chapter list
The Phonebusters00:00
Kidz, don't try this at home!00:26
Data on a SIM card - 101:05
Data on a SIM card - 201:45
Data on a SIM card - 302:08
Data on a SIM card - 402:47
Busted! - 103:31
Spoofing the identity of SMS sender03:35
Sending of SMS “from” arbitrary number - 103:52
Sending of SMS “from” arbitrary number - 204:51
Busted! - 205:07
Spoofing the identity of a caller05:10
Calling with arbitrary caller ID - 105:45
Calling with arbitrary caller ID - 207:09
Calling with arbitrary caller ID - 307:27
Calling with arbitrary caller ID - 408:26
Practical use11:36
Busted! - 312:23
GSM traffic security12:30
GSM security – the beginning of the story - 112:36
GSM security – the beginning of the story - 212:39
GSM security – the beginning of the story - 314:31
Some GSM basics16:09
SIM card and mobile equipent16:29
OsmocomBB20:12
Mobile phone with Calypso chipset...20:31
...and OsmocomBB firmware22:11
Loading romloader22:28
Base station scan...23:00
GSM traffic analysis...23:23
Security analysis of slovenian GSM networks24:08
Use of encryption - Mobitel - 124:59
Use of encryption - Mobitel - 225:09
Use of encryption - Mobitel - 325:43
Use of encryption - Simobil - 126:02
Use of encryption - Simobil - 226:15
Use of encryption - Tušmobil27:09
Cryptanalysis if session key Kc27:16
Creating of session key Kc - 127:40
Creating of session key Kc - 228:43
Cryptanalysis of A5/129:29
Locating of user in mobile network33:01
Capture and cryptanalysis of A5/134:53
Non-random padding35:43
Random padding35:58
Cracking A5/1 session key Kc in a practice - 136:20
Cracking A5/1 session key Kc in a practice - 236:41
Busted! - 436:52
Mobile identity37:01
Mobile identity spoofing in GSM network38:04
Application mobile - 138:21
Application mobile - 239:01
Application mobile - 339:29
Mobile identity in mobile network39:45
Mobile identity spoofing39:54
Detection of TMSI number41:42
Reconstruction of Kc41:56
SIM spoof42:10
Mobile identity spoofing42:53
Busted! - 545:07
Reply from Telekom Slovenije45:21
Traffic data in data retention database45:55
What does it means for the data retention measures and eavesdropping?46:18
Software on the Witness Stand46:22
Gorenjski glas, 2. marec 200747:14
Busted! - 650:11
Mobile network security50:14
Some other attacks on mobile networks50:19
Busted! - 751:29
Mobile network authentication51:33
Problem: mobile network does not authenticate to mobile phone - 151:36
Problem: mobile network does not authenticate to mobile phone - 252:38
Problem: mobile network does not authenticate to mobile phone - 352:52
Problem: mobile network does not authenticate to mobile phone - 453:22
Problem: mobile network does not authenticate to mobile phone - 553:33
IMSI Catcher could be bought...53:57
...or we can build our own54:09
...or we can build our own (2)56:11
...or we can build our own (3)56:22
IMSI catcher detection - 156:26
IMSI catcher detection - 257:15
Busted! - 857:50
Smartphones security57:53
Main approaches to smartphone security57:58
Encrypted SMS messages: TextSecure58:42
Encrypted phone calls: RedPhone - 158:58
Encrypted phone calls: RedPhone - 259:21
Unencrypted phone call (IP telefonija)59:24
Encrypted phone call59:43
Traffic data of RedPhone calls59:46
Encrypted calls: CsipSimple and OSTN01:00:21
Encrypted instant messages: ChatSecure01:00:28
Anonymisation...01:00:31
...of voice communication on a mobile phone01:00:36
Voice communication on a mobile phone through Tor network01:00:38
Table01:01:09
Location tracking01:01:20
Location privacy - 101:01:23
Silent SMS01:01:57
Location privacy - 201:02:42
Location privacy - 301:03:53
Location privacy - 401:04:55
Busted! - 901:06:08
Attacks to internal memory - 101:06:12
Attacks to internal memory - 201:06:15
Tradeoff between security and usability01:06:31
Cold Boot attack on mobile phones - 101:08:24
Cold Boot attack on mobile phones - 201:09:58
Evil Maid attack on mobile phones - 101:10:42
Evil Maid attack on mobile phones - 201:11:32
Evil Maid attack on mobile phones - 301:11:55
Busted! - 1001:12:35
Baseband attacks01:12:38
How much processors does your mobile phone have?01:12:49
Attacks over the radio processor01:13:32
Busted! - 1101:14:18
What about using external encryption device?01:15:09
Using external, separated encryption device01:15:16
Busted! - 1201:15:47
Conclusion - 101:17:02
Conclusion - 201:17:06
Conclusion - 301:17:30
Attacks always get better; they never get worse01:18:07
Questions01:18:30