Mobile Network Comparison

Governments spy. Collectively as a society we have known that for some time, without ever really having proof. The phone tapping and spying scandals that have landed in the US and UK recently have blown the doors off though, and we now know definitively that our government taps into our smartphones to spy. How they do that is not universally known, but a new tool can help teach you to know how those pesky spooks operate.

A UK based security firm spent some time with the BBC and explained the situation, and it all comes down to a simple tool that is popular for spying on devices globally. 4Armed discovered that Hacking Team, a spy tool software sold by an Italian company out of Milan, had been hacked and stolen and upon further investigation the security firm found that it is the tool of choice for spying on mobile phones.

Joe Greenwood, of cybersecurity firm 4Armed, found the source code and ran it to find the full extent of Hacking Team’s capabilities. To say they are extensive is an understatement. The software is able to hack a targeted device (smartphone, tablet, PC) and access just about every nook and see any file or data.

What the software finds (website history, calls, photos, and much more) is displayed on a surveillance console that is being used by the hacker, while this console can also be used to transfer any malware onto the infected device.

“You can download files, record microphones, webcam images, websites visited, see what programmes are running, intercept Skype calls,” he told the BBC.
“We can actually take photos without them realising.

“So the camera in the background is running, taking photos every number of seconds,” he added.

So, why is this software most likely used by governments and not some kid in his bedroom? Well, 4Armed says that despite being simple, the software could cost potential buyers more than £1 million, a figure out of most people’s reach, but easily within the budgets of intelligence agencies working for governments.

Continue Reading

Welcome to video #9 in our countdown of the Top Ten Tech Stories from 2013.

Every Thursday we’re going to bring you a new post looking back on our picks from 2013. There were lots of great things happening last year starting at the very beginning of the year when Samsung announced they had sold over 100 million Galaxy S smartphones.

We also had a lot of stories about mobile operating systems starting with the first glimpse of Canonical’s Ubuntu Phone operating system at the Mobile World Congress. April saw the first devices running the HTML5-based Firefox OS and of course iOS 7 came out soon afterwards. Google even surprised everyone in September by not going with Key Lime Pie for its next version of Android and instead teaming up to brand version 4.4 as Android KitKat.

Other big stories from last year include the release of a BBM app in October and Giffgaff starting to sell handsets themselves in November. But what do you think were the biggest tech stories from last year?

This is the second instalment in the video series and we’re looking at the news of FAA approval to use mobile phones and other portable electronic devices on flights. This is one of the most exciting pieces of news (at least for mobile addicts). We also look at a way to use your phone to hack into aeroplanes and control them through a simple Android app.

Phones/Wi-Fi in-flight

We feel more than anything it’s a victory for common sense, as even those with the most rudimentary physics know there is minimal if any risk from electromagnetic interference caused by tablets, phones and laptops. Previously, regulations had meant that personal electronic devices could only be used once the plane is cruising above 10,000 feet but the new guidelines allow you to listen to music or reading a book including on the ground and during takeoff and landing approaches.

The year also saw many carriers introducing in-flight Wi-Fi to their planes which can really those long haul flights that much more bearable. At the end of the year, the Federal Communications Commission also finally agreed to consider lifting its ban on using mobile phones in-flight. By a narrow margin, the FCC voted 3 to 2 in favour of the proposal. The chairman, Tom Wheeler pointed out that the ban is more or less redundant by now and stated that he strongly wanted to see mobile phone use allowed some time in 2014. While his impartiality is somewhat dubious he has links to the mobile industry, everyone must be relieved that he’s finally calling out the nonsensical arguments regarding interference as scaremongering pseudoscience.

In much of the rest of the world, voice calls are already allowed only the US is yet to catch up. However, don’t get too excited too soon – individual airlines and the FAA would have the final say on allowing voice calls on aeroplanes. Delta Airlines have already announced that regardless of the FAA approval, they would not allow people to use phones on their aeroplanes.

Meanwhile, the European Commission has officially approved the use of 3G and 4G mobile Internet on flights allowing planes to carry their own mobile cell transmitters which will be linked to the ground via satellite connections. We thought this news was really worth a mention as a highlight of 2013 but it’s worth noting that British company AeroMobile have been able to use voice and text services in flights since September 2004. They even launched their roaming service for mobile phones on aeroplanes way back in April 2007, so for much of the world this is old news but it’s great to hear that the US finally realising how outdated these regulations are.

Would you like to be able to make calls when on a flight? Or can you think of nothing worse than the person next to not only hogging the armrest and the windows eat but also having a detailed, high-volume conversation with their gastroenterologist throughout your entire trip?

Continue Reading

New research suggests that passenger jets could potentially be “hacked” with little more than a mobile phone. The disturbing news comes from security research and former pilot Hugo Teso who works in Mainz, Germany. The exploit shows how a hacker could actually influence the movement of a commercial airliner.

Teso presented his research at the Hack In The Box conference held in Amsterdam, Netherlands this week. His exploit involves the use of a Android smartphone app called PlainSploit which allows him to control the aircraft’s Flight Management Systems.

Modern aeroplanes have two major systems for communicating with other aircraft and with ground-based air traffic controllers:

The Automatic Dependent Surveillance-Broadcast (ADS-B), sends information about each aircraft (identification, current position, altitude, and so on) through an on-board transmitter to air traffic controllers, and allows aircraft equipped with the technology to receive flight, traffic and weather information about other aircraft currently in the air in their vicinity.

The Aircraft Communications Addressing and Reporting System (ACARS), is used to exchange messages between aircraft and air traffic controllers via radio or satellite, as well as to automatically deliver information about each flight phase to the latter.

The problem is that these technologies are old and dated and, as a result, incredibly insecure. Using both together, an attacker can gather information for a aeroplane’s on-board computer and even spoof signals that allow a hacker to affect the behaviour of the aircraft. Teso has developed an entire framework that allows you to control a ‘plane’s Flight Management System – it’s so complete there’s even scope for adding your own custom plug-ins.

Using live flight trackers such as Flightradar24, you can even hack into any aeroplane that is in range of your phone. The app is very advanced and you can dynamically change the aircraft’s course simply by tapping on a location on a map. You can also set conditional filters that will only activate when certain requirements are met. For example, you can wait until an aircraft is in its cruise phase over the ocean or above a certain ASL altitude and the crew are relaxing to activate certain commands. One of the most interesting features is that you can even control the lights and alarms in the aeroplane and the “Be Punkish” command allows a hacker to trigger lots of these at once. There’s even a humorously named “Visit Ground” command which caused the ‘plane to crash.

Don’t worry too much though next time you get on a flight. Each model of plan is different and only some commands will work on each one even though the app and framework does have a way of detecting what’s available. The other thing is that these commands only work when the ‘plane is set to autopilot so the pilots can always get complete control back and then flying using manual analogue control inputs. Most importantly, of course, Teso hasn’t publicly released the mechanism for all the exploits and has been working with the aviation industry to close the security flaws that allow this hack. The framework he developed was purposely restricted to virtual environments and cannot be used on real-life ‘planes.

However, having said that, on more modern digitised aeroplanes, it’s harder to detect the hacking in the first place and it’s uncommon to fly a plane without any automated assistance. And it’s certainly rather terrifying to learn how poor the security is on all these legacy systems. This is especially the case as aviation is an industry that prides itself on the importance of safety and security as well as redundant systems. Luckily, it does seem that manufacturers are keen to work on fixing the holes in their systems.

What do you make of this crazy story? Are you scared that people could control your flight with just a mobile phone? Why do you think that aircraft security is so poor? And do you expect to see more stories similar to this in the future? Let us know your thoughts below.

Continue Reading