Discover Yahoo! With Your Friends

Explore news, videos, and much more based on what your friends are reading and watching. Publish your own activity and retain full control.

To get started, first

YOUR FRIENDS' ACTIVITY

    Today in Tech

    Hackers crack Vodafone’s network, can listen to all calls

    By Eliot Phillips, Tecca | Today in Tech – Wed, Jul 13, 2011

    Vodafone UKThe Hacker's Choice (THC), a group of computer security researchers, released surprising news about cellular carrier Vodafone UK. Using standard consumer hardware, THC was able to access Vodafone's internal network and customer equipment. This unprecedented hack was made possible by Vodafone's Sure Signal, a femtocell (think tiny cell tower) customers plug into their home internet connections for better cell reception.

    THC began researching femtocells in 2009. The technology has become popular with cellphone companies like AT&T, which offers a 3G MicroCell, because the home access points mean better service for customers in areas with spotty coverage. THC purchased its femtocell from Vodafone UK and examined how the device communicated to Vodafone's core network. They discovered that because of a flaw in how Vodafone implemented its system, it gave full access to the network to the femtocell, a device the hackers had full control of. Vodafone also used the same 'newsys' administrator password across all devices.

    Vodafone says only a limited number of registered phones are allowed to access each customer's femtocell. The hackers were able to uncap this and let any Vodafone customer phone automatically connect to their device. Once a phone connected, THC was able to eavesdrop on phone conversations, place calls as the customer, and even access their voicemail. With phone hacking in the news every day, we wonder what other security flaws are still waiting to be discovered.

    (Source)

    [Image credit: tamara.craiu]

    More from Tecca:

     

    8 comments

    • James
      James  •  10 mths ago
      the us government listens to all out calls so whats the differents?
      • DmetriC
        DmetriC 10 mths ago
        a 'c' and an 'e'... that's the difference
    • ScottW
      ScottW  •  10 mths ago
      Not to minimize this issue, but the headline really exaggerates... Says hackers can listen to "all calls" -- but really only those calls in range of and connected through the hacker-owned femtocell. That would be like saying I can listen to "everything on the internet" because I have a sniffer on my home router. Still a problem Vodafone needs to fix, but not a widespread immediate risk.
    • chris.w
      chris.w  •  10 mths ago
      With the recent spate of mobile phone hackings by the media,you would think that all mobile service providers, would think very deeply, about security, or am I being a little too naive here?
      We pay for a service that we assume is letting us make private calls,in private!
      • Brian
        Brian 10 mths ago
        Are you sure they care? They have you locked into a multi-year contract and short of getting sued and losing a few hundred million $ or Euros I'm betting they won't change a thing.
    • Spoken
      Spoken  •  10 mths ago
      Those of you who blast hackers for exposing security risks would rather have the chinese doing it instead???
    • Coolwater
      Coolwater  •  10 mths ago
      Hackers should be killed with no court hearings
      • zo
        zo 10 mths ago
        Go back to caves :-)
      • Kabas Malasas
        Kabas Malasas 10 mths ago
        lol
      • Eric Kleinberg
        Eric Kleinberg 10 mths ago
        theyre not criminal hackers.. theyre a security group that researches and figures out different holes so companies can fix them.. learn to read..
    • Joy S
      Joy S  •  10 mths ago
      Seems it'd be pretty dull, with 99.9% of the calls just yak-yak-yakking about nothing. Kind of like sitting in a public place with someone jaw-ing away with useless chatter for 45 minutes... Rule #1: Never say anything important over a phone, double-caution if cell phone. Suggestion #1: Hang Up and get back on with living -- especially if you're driving!!!
    • Aragon
      Aragon  •  10 mths ago
      Governments from Great Britain to Timbuktu are ruling that technology users have no reasonable expectation of privacy.

      Everybody from the kid next door to reporters and police are either tapping or hacking into our personal lives either for "lulz" or some government sanctioned "fishing expedition".

      Give us something we can use, like why the cumulative size of the updates, patches and fixes has exceeded that of the original operating system!
    • Tracked by Republi-bots
      Tracked by Republi-bots  •  10 mths ago
      Are BlackBerry devices subject to his? I thought anything transmitted from BlackBerry device was encrypted on the device and decrypted on the server for routing... of course this may not be true for the actual voice calls that have to be compatible with the network, but are BlackBerry devices somehow more secure? Something tells me "no", but I wonder...
     Post a comment

    Blogs