All smartphones are based on technologies that allow communicate quickest ways, with maximum quality and above all, with the greatest possible security.
The evolution has been very visible over the years, and 4G is now a reality. But the truth is that all Android that support this technology have a serious vulnerability.
This very relevant Android security flaw was discovered by Korean researchers and confirmed by various teams of security researchers.
Its importance is so high that CERT of Carnegie Mellon University issued a warning to North American telecom operators, alerting them to the implications of this problem.
The flaw allows communications users of 4G networks can see your traffic stolen, inspected and read, or is made billing above normal.
The problem lies in how Android implements the permissions model in these networks, which is not in line with what would be expected for LTE networks, by which the 4G networks are also known.
LTE networks are based on packet-switching model, unlike the circuit switching used by previous technologies. This first model is known to have several flaws that can be exploited, in particular on the SIP protocol, typically used for voice calls over IP.
By exploiting this flaw attackers can do spoofing telephone numbers to access calls and free messages and higher network access speeds.
There are other attacks that allow data to be stolen or applications to be created that silently connect to premium rate numbers.
In the United States it is known that the assigned fault networks operators T-Mobile, Verizon and AT & T. There is no information whether this problem is affecting European 4G networks.
Google will update its equipment with the necessary corrections as early as next month, the security update that will be released. For other manufacturers there is no information on possible security fixes.
No comments:
Post a Comment