Phone phreaking makes a comeback on Android VoLTE

Phone phreaking makes a comeback on Android VoLTE
Who out there remembers phone phreaking? Or, who out there happened to watch "Hackers" recently and saw a character (aptly named Phreak) play tones into a pay phone to trick the carrier into thinking that money had been deposited? ... Actually, who out there remembers payphones? Anyway, now that we're done feeling super old, researchers have found an interesting way for that old hack to make a comeback. 

The origins of the old hack went back to the days of Steve Wozniak using a whistle from a cereal box to mimic the tones payphones used to signal the carrier that money had been deposited, but the new version is based on some flaws in how voice over LTE (VoLTE) has been designed as well as a flaw in the Android operating system.  

South Korean researchers say that because of flaws in how VoLTE has been designed, it is possible to spoof phone calls, conduct denial-of-service attacks and wrack up charges on a customer's bill. And, it is also possible for a Android app to make secret phone calls in the background due to a flaw in the way Android handles permissions for VoLTE compared to regular voice calls. Google is already working on a patch that is planned to be released as part of the November security update. 

The problems with VoLTE stem partially from the fact that American carriers have not implemented LTE technology in a standardized way, so it has caused security holes. It also means that each carrier has to do different things in order to fix the issues. The problems were reported to Verizon, AT&T, and T-Mobile back in May, but none have released statements on the matter. 

FEATURED VIDEO

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless