I must say it was a real pleasure to attend the DeepSec 2011 edition. I’ve met a lot of interesting people and all the talks were great. Since it was the first time I held an international talk with such a large audience, I was a little bit excited, but no matter what, I still consider I did a pretty good job. So far I have only received positive feedback.
To answer some of the frequently asked questions:
1. The attack I showed has nothing to do with knowing the security keys, as the response to the command is sent even if there’s an error
2. The live demo worked – too bad I didn’t have a webcam to show you the target phone
3. There was no planning on who should volunteer for the live demo
4. The number you’ve seen during the demo is not the real number (only the first 3 digits were) and it also wasn’t charged 5 EUR – it was all just for the fun of it
5. The quickest way to protect yourself is to change your phone to one that asks for your permission before allowing the SIM card to do something, or switch to another operator that doesn’t provide SIM cards with Toolkit Application on them – in Austria there is at least one, as well as in Romania
6. Pay attention to dual-SIM phones: some of them do not show you the extra menu belonging to the SIM application, so don’t get comfortable thinking that you’re protected
7. I’m not a hacker / cracker, as the media likes to call security specialists most of the time. My purpose was to make you aware of the danger of just using something like SMS
I was happy that right after the talk I was contacted by RIM in order to send them the details to fix this. It’s good to see that someone pays attention to these details. As long as they agree, I’ll keep you up to date with how things are going.
Thank you Lynx, MiKa, Manuela for this opportunity! I’m pretty sure I’ll see you next year too. I also hope that next year there will be more people from Romania in the audience.
Below is a recording of my talk, SMS fuzzing, SIM Toolkit Attack – I hope you’ll ignore my excitement
The slides from the talk can be found here (click me).
I look forward to your feedback!