Beginning Studies / Cell Phones

[Coyotl]

Hello all,

I am fairly new to the board but certainly not new to computers. When the internet was first "invented" I was spamming phone numbers with Telnet just to see what I could find. I stopped programming, but recently got bit by the curiosity bug again. I'm going through the missions on the site and loving it.

Having a touch of the ADD, I also want to branch out to cell phones. My request is somewhat vague: where is a good place to start researching? If I have to narrow it down I would like to hack from an apple laptop to a iOS device (should be easier, no?) Data retrieval would be the first goal. Are there any key words I should use in my searches? CSS? Do we still call it phreaking? Any help to get me rolling would be much appreciated. I'm usually good at following the trail once I'm on it.

Thanks.

-C

[hellow533]

I think I'm having some trouble reading this, are you trying to learn cellphone data interception?

[Goatboy]

Two problems here:

First, cell phones are no longer just phones; they are computers. If they have a vulnerable service on an open port, you can get in. The same rules that apply to computer security apply to phone security, with a few exceptions (most computers can't receive SMS, most phones don't run HTTP, etc.). If you're looking to gain control over an iPhone, you will pretty much need to 0day it or find a flaw in a popular web app, most of which will be sandboxed. In short, not super easy but it has been done.

Second, the phone network is different than a computer network. You'll want to take a look at http://en.wikipedia.org/wiki/Cellular_network and branch out from there. There's a lot of proprietary and complex shit going on to make sure Allison can talk to Becca about why Cody is *sooo* much hotter than Derek. There was a decent talk at DefCon/BlackHat (can't remember which) a few years back about intercepting phone calls by posing as a legitimate base station. Basically phones don't check authenticity of their station before placing a call, so the closest station wins.

Sorta relevant: http://www.youtube.com/watch?v=gnSK8AotyyM

I can't find the video right now (in a bit of a hurry) of the rogue base station, but this vid is not bad either.

Long story longer, nothing will necessarily be "easier" to hack, but if you learn the tech behind it and think a bit, you can start seeing patterns. Patterns are easy to break.

[Blue_Devil]

http://venturebeat.com/2010/07/31/hacke ... -for-1500/

[hellow533]

http://venturebeat.com/2010/07/31/hacker-shows-how-he-can-intercept-cell-phone-calls-for-1500/

$1500? That's actually quite reasonable for its purpose depending on the person and objective, but I think I'll pass.

[Goatboy]

http://venturebeat.com/2010/07/31/hacker-shows-how-he-can-intercept-cell-phone-calls-for-1500/

That's the one. A thousand Internets to you, sir, who made an account 3 years ago seemingly for the sole purpose of helping me find the link.

[hellow533]

http://venturebeat.com/2010/07/31/hacker-shows-how-he-can-intercept-cell-phone-calls-for-1500/

That's the one. A thousand Internets to you, sir, who made an account 3 years ago seemingly for the sole purpose of helping me find the link.

Someone has a crush.

[centip3de]