THC rebut Vodafone's femtocell fix claims
The Hacker's Choice has rejected Vodafone's claims that it fixed the problems with the "Sure Signal" femtocells which allowed the group to intercept calls and acquire key information from the core network. In an update to the original announcement THC said: "We welcome the effort! We are disappointed with the results!". THC noted that Vodafone was informed of the problem in 2009 and says that the only thing that was fixed by Vodafone in 2010 was the vulnerability which allowed them to obtain root access to the device.
"This does not fix the core of the problem" say the group, explaining that key information is transferred from the core network to the femtocell in "gross violation of the 3G/UMTS security recommendation which clearly states that 3G/UMTS encryption should go all the way up to the core network". Since the group's work was completed in 2010, other methods of gaining administrator access have been disclosed. THC also took issue with Vodafone's claim that its network was not compromised and restated that it had retrieved key information from Vodafone's network "from customers not registered to the femto".