New security threat. Is WP vulnerable?

[jleebiker]

This got sent to me this morning:

Android security mystery - 'fake? cellphone towers found in U.S.

Anyone know if WP is vulnerable to this?

*Mods, please move this thread to the correct forum if necessary. Thank you.

 

[salmanahmad]

This got sent to me this morning:

Android security mystery - 'fake? cellphone towers found in U.S.

Anyone know if WP is vulnerable to this?

*Mods, please move this thread to the correct forum if necessary. Thank you.

No one knows for sure, but Windows Phone and others could also fall victim to this.

 

[kg4icg]

Your cellphone goes by a certain code that your phone looks for and it is encrypted when transmitted from a cell tower. Unless the phoney tower is actually transmitting that code, it will be ignored, also the fact someone can actually put up a phoney cell site without causing inteference is laughable at best.

 

[jleebiker]

Your cellphone goes by a certain code that your phone looks for and it is encrypted when transmitted from a cell tower. Unless the phoney tower is actually transmitting that code, it will be ignored, also the fact someone can actually put up a phoney cell site without causing inteference is laughable at best.

Clearly, you've never been to Wyoming. ;-)

 

[RichardBurt]

Your cellphone goes by a certain code that your phone looks for and it is encrypted when transmitted from a cell tower. Unless the phoney tower is actually transmitting that code, it will be ignored, also the fact someone can actually put up a phoney cell site without causing interference is laughable at best.

Judging by your answer it is very clear that you have no idea how mobile phone towers work.

These towers have been used by law enforcement for years now, they are nothing new. And yes, ALL phone brands are vulnerable. The signal is intercepted at the tower. It doesn't matter what the make / brand of the phone is.

Stingray, the fake cell phone tower cops and carriers use to track your every move | ExtremeTech
FBI's Warrantless Searches Now Include Fake Cell Towers

 

[Guytronic]

[WARN]

Thread cleaned
Please stay on topic.
​

[/WARN]

 

[mase123987]

Very simply, everyone can fall prey. Encryption in calls lasts until it hits the cell tower then become decrypted. So, when your signal hits the fake tower, it is no long encrypted.

Also, I was listening to a tech show which brought up another point. The 2g is apparently never encrypted. So, these take towers can block 4g and 3G signals forcing your phone to use 2g.

Lastly, the same show mentioned how these towers can be used to change your phone's baseband firmware without you knowing.

 

[xratola]

It's not actually Microsoft's fault. This, my friends, is a flaw in the way cellphone communication is built, yet, such flaws are normally fixed over generations (3G, 4G, etc). For that reason it's advisable to use 3G when possible. Not only for the speed boost but for the security that goes along with it

 

[jleebiker]

It's not actually Microsoft's fault. This, my friends, is a flaw in the way cellphone communication is built, yet, such flaws are normally fixed over generations (3G, 4G, etc). For that reason it's advisable to use 3G when possible. Not only for the speed boost but for the security that goes along with it

If that's the case, why shouldn't we use 4G or LTE or XLTE? Why "3G when possible"?

 

[xratola]

If that's the case, why shouldn't we use 4G or LTE or XLTE? Why "3G when possible"?

I meant whatever higher than 2G since not everybody has LTE but the vast majority does have 3G

 

[EndOfRope]

Hello,
my opinion is that a virus scanner would not make sense for the WP platform now. However, a firewall could be helpful. It could control the apps and how they connect to their home server.
More important for me would be to control with a firewall if someone from outside, like a fake base station, is connecting to my phone.
The vulnerabilities of old SIM cards has been shown long ago. I think the insecure DES algorithm is more used in GSM networks so they try to force your phone to that standard.
On PC?s a firewall is essential and it would enhance the security level for WP a lot.