Monthly Archives: October 2009

Old Nokia 1100 mobiles sold for 25.000 euros, firmware exploit for e-banking fraud

The news is a bit old by now, yet it still hasn’t gotten proper attention from the mainstream media. Of course, for security experts, it’s no news at all. Everybody knows that cellular networks today are far from secure when it comes to proper user/device authentication and firmware protection against tampering.

This incident proves two facts. First, the security of an ICT system is only as strong as its weakest link. And second, the public is totally unaware and uninformed about how security affects everyday life now; it’s not something that only freaks and scientists think about.

In short, the situation is this: either the company (Nokia in this case) used weak keys and/or encryption for the proprietary firmware of the by now very outdated Nokia 1100 mobile phones, or the keys have somehow leaked to the “public”. As a result, someone could read, decrypt, modify, re-encrypt and re-embed the firmware into the device’s EEROM. As all mobiles can be reprogrammed to recognize any phone ID in the network they’re connected to (similarly to re-configuring a MAC address on an Ethernet card), a malicious user can reprogram such a mobile to “listen” to data packets sent to another person’s mobile.

In this case, it’s not just eavesdropping. If that person uses mobile banking services, he’s at great risk. Typically, banks use TAN codes (transaction authentication numbers) from a one-time pad or a similar random number generator device, commonly referred to as a TAN generator. In the case of mobile banking, the bank simply sends such a code, called an “mTAN”, to its client’s mobile via an SMS (text) message, and the user enters it in order to complete a transaction. In theory, this works perfectly, unless someone else gets that mTAN message too and uses it first to do a large money transfer to an off-shore account…

The discovery was made last April (2008) by Ultrascan-AGI, a security analysis consulting company, when it detected that the eBay prices of that particular mobile phone went from 100 euros to 1.000, then to 7.500, then to 10000, reaching 25.000 euros in late April 2008. The firmware hacking was tested and confirmed, but Nokia never admitted any key leaks for the firmware.


New site up and running!

“It’s alive…” (“Frankenstein” classic movie, 1931)

It’s finally here. I’ve managed to assemble tons of material, programs and code from almost 25 years back (before the Web was invented…), technical reports and academic assignments, and here it is. A special gift to my fellow students, friends and colleagues I’ve worked with throughout the years, plus a pool of teaching material for my students today.

This site was developed almost entirely on-line in Joomla 1.5 (MySQL/PHP). It has been a great experience, mostly due to the great documentation, exceptional coding of the 1.5.x platform and great availability of freeware modules and components that worked just fine. All the available material here is about 95 MB in total (33 MB for platform), including hundreds of files of reports, theses, source code and datasets.

Feel free to send me any feedback and comments, but please don’t make me explain any 20-year-old code that was written with ‘vi’ in VT100 terminals running EP/IX.

NOTE: The site is currently in testing (beta) version and several pages are still under heavy construction or empty. Please stay tuned for frequent updates and of course feel free to send feedback on any bugs, broken links, etc.