GPS location
The MiFi by Novatel Wireless (re-branded and sold by multiple vendors
such as Sprint and Verizon) is a mobile wifi hotspot. The mifi also has
a built in GPS to provide location based searching.
Turns out that the web interface to this little device has a lot going
on that can be exploited, from gaining the user’s GPS data to
terminating the user’s connectivity. The POC isn't online yet due to
vendor lag but it's not all that complicated if you have a MiFi and a
few minutes.
Where: From Remote
======================================================================
3) Vendor's Description of Software
"The Garmin Communicator Plugin lets you connect your Garmin GPS with
your favorite website. Once the plugin is installed, just connect your
Garmin GPS device to your computer, and you're on your way. The Garmin
Communicator can send and retrieve data from any supported website.".
Product Link:
Location
--------
The event will be held in Catalonia, Spain: Sant Jaume de Llierca (La
Garrotxa) GPS Location: Latitude 42.211070, Longitude 2.602550
See exact location in Google Maps:
http://maps.google.es/maps?f=d&hl=es&geocode=&saddr=42.211284,2.60259&daddr=&mra=mi&mrsp=0&sz=17&sll=42.211355,2.60258&sspn=0.004728,0.011759&ie=UTF8&ll=42.211443,2.602623&spn=0.004728,0.011759&t=h&z=17&om=0
but if the link above does not work (too long), try with this link:
# WIMAX Security
# Identification and Entity Authentication
# Network Protocol and Analysis
# Smart Card and Physical Security
# Virus and Worms
# WLAN, GPS, HAM Radio, Satellite, RFID and Bluetooth Security
# Analysis of malicious code
# Applications of cryptographic techniques
# Analysis of attacks against networks and machines
# File system security
# Security of Embedded Devices
# WIMAX Security
# Identification and Entity Authentication
# Network Protocol and Analysis
# Smart Card and Physical Security
# Virus and Worms
# WLAN, GPS, HAM Radio, Satellite, RFID and Bluetooth Security
# Analysis of malicious code
# Applications of cryptographic techniques
# Analysis of attacks against networks and machines
# File system security
# Security of Embedded Devices
composed of 4 articles:
Engineering in Reverse
- Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan)
GPS
Author: Skywing
- Using dual-mappings to evade automated unpackers
Author: skape
- Technical approach to alternative operating systems
- Denial of service attacks and/or countermeasures
- Techniques for development of secure software and systems
- Security in SCADA and "obscure" environments
- Cryptography
- Information about satellites, GPS and stuff alike
- Lockpicking, trashing and urban exploration
- Internet, privacy and Big Brother
- Information warfare and industrial espionage
# Data Recovery, Forensics and Incident Response
# HSDPA / CDMA Security / WIMAX Security
# Network Protocol and Analysis
# Smart Card and Physical Security
# Virus and Worms
# WLAN, GPS, HAM Radio, Satellite, RFID and Bluetooth Security
# Analysis of malicious code
# Applications of cryptographic techniques
# Analysis of attacks against networks and machines
# File system security
# Side Channel Analysis of Hardware Devices
On Fri, Jan 15, 2010 at 17:12, Adam Baldwin
<adam_baldwin@ngenuity-is.com> wrote:
> The MiFi by Novatel Wireless (re-branded and sold by multiple vendors
> such as Sprint and Verizon) is a mobile wifi hotspot. The mifi also has
> a built in GPS to provide location based searching.
>
> *1. Authentication not required.*
Regards,
---------- where? ----------------------------------------------------
Bosc de Tosca, Les Preses (La Garrotxa, Girona), Spain
GPS: +42° 9' 34.52", +2° 28' 24.64"
Google Maps location:
http://preview.tinyurl.com/c62n8n
[http://maps.google.com/maps?f=q&source=embed
access to special development hardware, and that exploits and worms
similar to those found on desktop systems may be possible on Symbian.
The bugs listed in this paper have been sent to Nokia and are currently
under review. Mobile phone manufacturers should be aware that remote
vulnerabilities of the kind discussed in this paper could be used in
targeted attacks to remotely compromise a smartphone (track GPS, turn on
mic, etc.), or as a means of propagation for mobile network worms.
--
_________________________________________
# 3G/3.5G/4G Cellular Networks
# Apple / OS X vulnerabilities
# SS7/Backbone telephony networks
# Smart Card Security and Biometric Systems
# UMTS, HSDPA, GPRS and CDMA Security
# Security of Wimax, WLAN, Bluetooth, GPS and other wireless technology
# Analysis of network and security vulnerabilities
# Firewall and Intrusion detection technology
# Data Recovery and Incident Response
# Network Protocol and Analysis
# Analysis of malicious code
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
With the passing of "The Jackal" I was looking in the DEF CON archives for
an
old picture of him at the first DEF CON, and came across the first con
announcement.
To commemorate both I decided to announce DEF CON 16 in the same style. How
'bout those InterNets?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
With the passing of "The Jackal" I was looking in the DEF CON archives for
an
old picture of him at the first DEF CON, and came across the first con
announcement.
To commemorate both I decided to announce DEF CON 16 in the same style. How
'bout those InterNets?
- Technical approach to alternative operating systems
- Denial of service attacks and/or counter-measures
- Techniques for development of secure software and systems
- Security in SCADA and "obscure" environments
- Cryptography
- Information about satellites, GPS and stuff alike
- Lockpicking, trashing and urban exploration
- Internet, privacy and Big Brother
- Information warfare and industrial espionage
[ - Costs - ]
# 3G/3.5G/4G Cellular Networks
# Apple / OS X vulnerabilities
# SS7/Backbone telephony networks
# Smart Card Security and Biometric Systems
# UMTS, HSDPA, GPRS and CDMA Security
# Security of Wimax, WLAN, Bluetooth, GPS and other wireless technology
# Analysis of network and security vulnerabilities
# Firewall and Intrusion detection technology
# Data Recovery and Incident Response
# Network Protocol and Analysis
# Analysis of malicious code
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
With the passing of "Sledgehammer" I was looking in the DEF CON archives for
An old picture of him at the first DEF CON, and came across the first con
announcement.
To commemorate both I decided to announce DEF CON 16 in the same style. How
'bout those InterNets?
|
