Ransombile, Yet Another Reason to Ditch SMS
Date: August 8 2018
Publication: BSidesLV 2018
Source: Currently no known Internet copy of paper.
Abstract or Summary:
The general belief is that a mobile device that is locked, encrypted and protected with a PIN or biometrics is a secure device. Personal assistants on mobile devices are very popular like Siri and OK Google. They can perform multiple tasks including calls, sending emails and reading SMS. How secure are they? Can we trust our personal assistants to keep our data safe?With the proliferation of cheap SDR hardware, DIY IMSI catchers, open source tools and still supported broken GSM protocols, targeting mobile communications is easier than ever. But what are the real consequences? It is well known that SMS is not a secure channel but the industry is still hesitant to move away from it. This presentation is yet another nail in the SMS coffin and aims to help push the industry away from supporting it. Ransombile is a tool that can be used in different scenarios to compromise someone’s digital life in less than 2 minutes. Email accounts, financial data, social networks... all gone. Have you ever left your phone on the desk unattended? Do you belief losing your phone only impacts your wallet? This presentation is for you.
PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=7MbgFTJrhss Project page: https://www.martinvigo.com/ransombile/
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.