Home / Tech / US says it can prove Huawei has backdoor access to mobile-phone networks : technology

US says it can prove Huawei has backdoor access to mobile-phone networks : technology

US says it can prove Huawei has backdoor access to mobile-phone networks : technology

The factor about backdoors is that the door should be accessible. In a community with end-to-core encryption (e.g. cellular networks) this seemingly requires bodily access to the core. If governments and operators denied Huawei bodily access, the place would the door exist?

By necessity, a covert DIRECT backdoor in cellular community core gear might solely function in one of many following methods:

  1. wirelessly (not by way of the backdoored community itself)

  2. by way of the community itself in a approach that can not be detected

  3. by way of social assaults (impractical)

  4. with the operator’s consent

1, three and four are all very far-fetched, which leaves a more likely assault floor, the whole function of the core – to reply to messages from the sting.

A specially-crafted message could possibly be injected from the sting, to instruct the core to tweak behaviour. It could possibly be an harmless community connect message referencing a non-existent IMEI followed-up shortly by one other set of IMEIs ending with a selected set of digits, seemingly random, however simply sufficient to set off the backdoor by way of the signalling community and instruct behaviour modifications for a given subscriber’s config. Perhaps a selected machine can be made to use a unique DNS server than regular, and bam, you’ve got full access to site visitors to/from any machine you select.

Just saying, that is how it may occur. That’s how I might do it, and in , NOT within the audited agency/software program. Not your chipsets, not your community.

About Agent

Check Also

What Jihadists Are Saying About the Coronavirus

What Jihadists Are Saying About the Coronavirus Jihadist teams are carefully following the unfold of …

Leave a Reply

Your email address will not be published. Required fields are marked *