3G security flaw leaves smartphone users at risk of hackers

  • @kevinJrawlinson

People using smartphones and other mobile internet devices can be tracked by hackers exploiting a flaw in their 3G connections, security experts have said.

Researchers at the University of Birmingham and Technical University of Berlin found that a weakness in the 3G system’s security feature meant that devices’ physical locations could be identified at any time with relative ease, using readily available equipment.

“Such a possibility would enable all kinds of undesirable behaviour, ranging from criminal stalking and harassment to more mundane monitoring of spouse or employee movements, as well as profiling for commercial and advertisement purposes,” the team wrote in their paper ‘New Privacy Issues in Mobile Telephony: Fix and Verification’.

The 3G system, which most mobile internet devices use to connect, assigns each device a temporary identity in order to mask its actual identity, which includes its location at any time. However, the team found a way of circumventing that protection using a femtocell.

“We have shown that the protocols are vulnerable to new privacy threats and that these threats lead to attacks that can be mounted in practice at low cost,” they wrote. Because the flaw is part of the 3G system itself, it potentially affects every device using 3G to connect to the internet.

The researchers added: “The attacker does not need to know any keys, nor perform any cryptographic operation. These kinds of vulnerabilities usually look trivial once uncovered but often remain unnoticed for a long time, since they do not involve fancy cryptography but are caused by errors in the protocol logic.”

The team tested phones on the T-Mobile, O2, and Vodafone networks, as well as the French SFR network, all of which were found to be vulnerable.