[ISN] At Defcon, hackers get their own private cell network: Ninja Tel

From: InfoSec News <alerts_at_private>
Date: Tue, 31 Jul 2012 03:43:51 -0500 (CDT)
http://arstechnica.com/security/2012/07/ninja-tel-hacker-phone-network/

By Dan Goodin
Ars Technica
July 28 2012

The WiFi at the annual Defcon hacker conference has long been inhabited 
by a battery of live and automated mischief makers that sniff packets, 
scan ports, and exploit whatever weaknesses can be found. Last year, 
cellular networks were also rumored to be compromised, raising the 
question: How does one stay both safe and connected at the Las 
Vegas-based confab?

For a hacker crew known as Ninja Networks, the answer was to build its 
own private phone network, complete with 650 HTC One V smartphones 
running a highly customized version of Google's Android operating system 
and a fully functional GSM network. Inside a van parked in the vendor 
section of the conference and bearing a sleek "Ninja Tel" logo was 
universal software radio peripheral gear, and devices that used the Open 
Base Transceiver Station and Asterisk software. This van also sported a 
included a 10-foot antenna on top.

"The idea was to do something cool," said Brandon Creighton, aka cstone, 
one of the organizers of the project. "We've wanted to run our own phone 
company for quite a while."

Running a private mobile phone network is something that has been done 
before at other hacker events, most notably the Chaos Communication 
Congress in Berlin.

For redundancy and reliability, Ninja Networks engineers took advantage 
of a feature added to the Ice Cream Sandwich release of Android that 
makes it easy to route calls over GSM or, using the SIP, or Session 
Initialization Protocol, over a private portion of the Defcon WiFi. As 
each subscriber was added to the network, a syncing app added the user 
to the list of contacts contain on all other phones, giving each person 
a way to text or call the other. An app contained on the custom phone 
made it easy for other users to write apps for the device.

[...]


--
Learn how to be a Pen Tester, CISSP, ISSMP, or ISSAP with Expanding Security online.
Come to a free class and see how good and fun the program really is.
http://www.expandingsecurity.com/PainPill
Received on Tue Jul 31 2012 - 01:43:51 PDT

This archive was generated by hypermail 2.2.0 : Tue Jul 31 2012 - 02:22:43 PDT