Andreas Kuckartz

Andreas's posts

Post has shared content
PWN2OWN Mobile: Daniel Komaromy (@kutyacica) and Nico Golde (@iamnion) pwned the baseband radio in a brand new Samsung S6 Edge that I unsealed from the box and updated to latest software at the conference.

The software radios on the table are pretending to be a cellphone base station - we are doing this in an isolated room deep underground where there is no cellphone coverage to interfere with and I am the only other person in the room. As soon as we power up the new phone in the presence of their attack radio, their signal patches the radio runtime software of the baseband processor (the other cpu in your cellphone that users can't access that takes care of the radio to talk to the network) so that after the patch any phone calls I make are routed to them instead of their intended destination.

I tested this after when we went to where we did have cellphone coverage by trying to dial my Japanese cellphone and it rang on Nico's cellphone instead. The modified radio software also forwarded the original number dialled so in the real world an attacker would then use a VoIP proxy to forward the call imperceptibly and listen in on it.

Ironically enough, this year at PWN2OWN we have had some of the most significant research with the smallest prizes ever, in the true spirit of security research - to reward these guys since I don't have a lavish budget I'm going to fly them and their wives, girlfriends and family to CanSecWest next year to come snowboarding/skiing after they give a technical presentation on doing security research on baseband processors and this vulnerability. (Hat tip to the Blackberry security folks who got us in touch with the right folks to get the vulnerability information to Samsung through a VP they know there.) I would like to get these guys some further reward, beyond the bragging rights for winning PWN2OWN and being the first to show a successful baseband attack, for this significant research, especially since last year we were offering $150,000 rewards for an attack like this.

These guys have been doing this work in their spare time in addition to their day jobs and have put in a significant amount of time into doing this to secure the whole industry. So if you folks know a bounty program that would be interested in these and other significant cellphone baseband radio discoveries please contact me.

What?! A few months ago the Deutsche Telekom AG defended its collaboration with the Bundesnachrichtendienst (BND) and now it is "offering wiretapping protection".

But when asked what he [Tim Berners-Lee] would have done differently, the answer was easy. "I would have got rid of the slash slash after the colon. You don't really need it. It just seemed like a good idea at the time."

At the W3C Social Web WG meeting in Paris last week I finally got a WebID ( Thanks to +Melvin Carvalho and +Andrei Sambra 

I just sent this to a few specific mailing lists.
Dear all,

the deadline for GSoC 2015 student proposals is 27 March: 19:00 UTC.

Students interested in Linked Data (in particular Hydra, Linked Data Platform and Linked Data Fragments) can contact me (they should do so immediately).

Students should be self-motivated and already know what Linked Data is about - because the time till the deadline is very limited.

Within the Apache Software Foundation such proposals would fit mostly to Apache Stanbol and Apache Marmotta.

I might be able to help as mentor or co-mentor and would like to see student proposals for Open Government and/or Social Media applications (ideal would be a proposal involving both topics ;-)

If there are others here interested in helping students to draft a proposal and implement it later: also contact me! Feel free to forward this mail.
