Hacker News new | past | comments | ask | show | jobs | submit login

From 3G on, every base station is authenticated and virtually all traffic on the air is encrypted.

There are issues with stingrays - but these happen due to protocol edge-cases before authentication is established. [Edit: this paper uses side channels to collect information, but that's what a sniffer can do]

Every base station is authenticated.

In most countries, all connections are encrypted.




Sorry, I haven't kept up on my phreaking - is there encryption for 3G which hasn't been broken yet?


Not sure about 3G algorithms - but that's why 4G moved on to AES.

What exactly are you trying to say? Worrying customers can easily enforce 4G. Networks should drop 2G and 3G, but still, things are getting better.


I'm saying it doesn't matter whether everything is authenticated and encrypted, it's all vulnerable. Even if 4G wasn't, you can just downgrade and then crack.


Where exactly vulnerable against which type of attacker?

In 4G there are location and identity leaks, and denial of service (which is why smartphones and carriers should drop 2G and 3G).

Or is this a "technology is all bad" kind of comment?


I consider it more to be a 'why oh why do these protocols continue to be designed and specified in such a way as to be known to be vulnerable to eavesdropping' kind of comment.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: