Перейти к содержанию

Мобильный телефон


Рекомендуемые сообщения

GSM это стандарт. К телефону, "труба который", претензий мало как правило, в основном, по взрослому, только к стандарту. Блютуф юзаете? Чтобы совместимость была, сделали стандарт. Ну хреново у него с секьюрити, ну чего уже делать? Новая версия будет лучше. DAMPS'ы вообще практически не имели шифрования, если по сегодняшним меркам судить, все упирается в закон Мура. Производительность растет у "микросхем"

А теперь представьте скоко бизнеса построено с использованием GSM'a для передачи данных. Ну и как всегда, последнюю милю защищать дорого, провайдерам по фигу обычно на свои каналы, ну у нас точно. Хотя и в мире ситуация примерно такая же, если ддос атаки с трансконтинентальной сетки АТ&T идут :о)) Ну и чтобы совсем закошмарить, неформальных объединений чисто в силу хобби послушать переговоры самолетов с диспетчерами в Москве масса, переговоры патрулей милицейских уже даже не котируются. Ну и для прикола, сам видел как в шарике, лет 8 назад брали человека с трубкой. Он разговаривал, а самолеты сесть не могли :о)) Трубка веселая была, R-2500 для тех, кто в курсе :о))

Ссылка на комментарий
Поделиться на другие сайты

  • Ответов 179
  • Создана
  • Последний ответ

кстати, тут у NISTа пару документов про безопасность сотовых телефонов и Bluetooth вышло - может, кому пригодится

 

_ttp://csrc.nist.gov/publications/PubsDrafts.html#SP-800-124

SP 800-124

 

DRAFT Guidelines on Cell Phone and PDA Security

 

Draft SP 800-124, Guidelines on Cell Phone and PDA Security, is available for public comment. It provides an overview of cell phone and personal digital assistant (PDA) devices in use today and offers insights for making informed information technology security decisions regarding their treatment. SP 800-124 gives details about the threats, technology risks, and safeguards for these devices.

 

_ttp://csrc.nist.gov/publications/PubsDrafts.html#SP-800-121

SP 800-121

 

DRAFT Guide to Bluetooth Security

 

Draft SP 800-121, Guide to Bluetooth Security, describes the security capabilities of Bluetooth technologies and gives recommendations to organizations employing Bluetooth technologies on securing them effectively. Much of SP 800-121 was originally included in draft NIST SP 800-48 Revision 1, Wireless Network Security for IEEE 802.11a/b/g and Bluetooth, but based on public comments, the Bluetooth material has been removed from SP 800-48 and placed in its own publication.

Ссылка на комментарий
Поделиться на другие сайты

  • 2 недели спустя...
2) Предположим производителей серьезных Мэн-ин-Блэки смогли закошмарить до усрачки , что заставляет вставлять (и заставляет ли ???) всяческих специально обученных жучков-паучков пьяных китайцев , собирающих разнообразные суперкоммуникаторы из подручных материалов ? Или не китайцев ... Вся Азия производит свои аппараты и все придерживаются этих требований ? А Арабский мир ? Может какой нибудь Габон ... Доминикана ... Новая Зеландия (???)
Достать шпионские средства для сотовых телефонов и смартфонов сегодня не составляет труда. Вот, например, программа FlexiSPY таиландской компании Vervata. Создатели продвигают FlexiSPY как семейное средство контроля за супругом: если установить программу на сотовый телефон, она будет передавать координаты устройства и сведения о входящих и исходящих звонках.

_ttp://www.vedomosti.ru/newspaper/article.shtml?2008/08/14/158091

 

Ссылка на комментарий
Поделиться на другие сайты

:smile14:

--US Intelligence Issues Warning About Traveling Abroad with Electronic Devices (August 5, 7, 9 & 11, 2008) The US Office of the National Counterintelligence Executive (NCIX) issued a strongly-worded advisory for travelers warning them to take special precautions when traveling overseas with portable electronic devices. The warning appears to be aimed specifically toward those travelling to China for the Olympic Games. Security services in China are capable of tracking individuals' whereabouts through mobile phones and PDAs and of turning on microphones in devices without users'

knowledge; users are urged to remove batteries from the devices when they are not being used. Travelers should not take electronic devices with them unless they are absolutely necessary, and they should assume that if the devices are examined by customs officials or their hotel rooms are searched that the contents of their hard drives have been copied. Travelers should also change all their passwords frequently during their travels and again as soon as they return home.

All information sent electronically can be intercepted. The advisory does not name China specifically, but in a television interview and a press release, NCIX head Joel Brenner did mention China. The advisory also says, "In most countries you have no expectation of privacy in Internet cafes, hotels, offices, or public places." Malware can be placed on the devices with USB drives or other freebies; by the same token, do not use your own USB drive in foreign computers. It may be a good idea to encrypt the data on the devices, but customer officials in some countries may not permit travelers to bring in encrypted data.

http://www.ncix.gov/publications/reports/traveltips.pdf

http://www.vnunet.com/vnunet/news/2223619/...ellers-us-china

http://www.cbsnews.com/stories/2008/08/07/...in4329769.shtml

http://news.smh.com.au/technology/us-intel...80809-3sik.html

Ссылка на комментарий
Поделиться на другие сайты

  • 3 недели спустя...

_ttp://news.cnet.com/8301-1009_3-10028589-83.html?tag=mncol;title

 

CSI Stick grabs data from cell phones

 

If someone asks to borrow your cell phone, or you leave it unattended, beware!

 

Unless you actually watch them use it, they may be secretly grabbing every piece of your information on the device, even deleted messages. If you leave your phone sitting on your desk, or in the center console of your car while the valet parks it, then you and everyone in your contacts list may be at risk, to say nothing of confidential e-mails, spread sheets, or other information. And of course, if you do not want your spouse to see who you are chatting with on your phone, you might want to use extra caution.

 

There is a new electronic capture device that has been developed primarily for law enforcement, surveillance, and intelligence operations that is also available to the public. It is called the Cellular Seizure Investigation Stick, or CSI Stick as a clever acronym. It is manufactured by a company called Paraben, and is a self-contained module about the size of a BIC lighter. It plugs directly into most Motorola and Samsung cell phones to capture all data that they contain. More phones will be added to the list, including many from Nokia, RIM, LG and others, in the next generation, to be released shortly.

 

I recently attended and lectured at the Techno-Security conference in Myrtle Beach, Fla. About 1,500 law enforcement and security professionals participated and were briefed on the latest in cybersecurity vulnerabilities from participating federal agents, manufacturers, and cyber-consultants. The CSI Stick caught my attention because of the potential to rapidly and covertly download all of the information contained in many cell phones.

 

This device connects to the data/charging port and will seamlessly grab e-mails, instant messages, dialed numbers, phone books and anything else that is stored in memory. It will even retrieve deleted files that have not been overwritten. And there is no trace whatsoever that the information has been compromised, nor any risk of corruption. This may be especially troublesome for corporate employees and those that work for government agencies.

 

The good news: the device should find wide acceptance by parents who want to monitor what their kids are doing with their phones, who they are talking to and text messaging, and where they are surfing. It could also be valuable in secure areas where employees need to be randomly monitored to insure that sensitive information is not compromised through the use of a cell phone as a memory device.

 

The CSI Stick sells for $200 and requires an added piece of software to mine the data and do sophisticated processing on your computer. So now, in addition to worrying about your conversations or data being intercepted through your Bluetooth headset, there is a new threat, and it is very real.

 

The rule: if your phone contains sensitive data, do not leave it unattended. If you loan it to someone to use because they tell you theirs is not working, make sure you actually see them using the phone and there is nothing connected to it.

Ссылка на комментарий
Поделиться на другие сайты

Заархивировано

Эта тема находится в архиве и закрыта для дальнейших ответов.


×
×
  • Создать...