iPhone Field Test app allows mobile network sniffing
According to a report from Dark Reading, this weekend at Summercon in Atlanta, Georgia, David Maynor of Errata Security will demonstrate a way to make use of an administrative utility installed on the iPhone to gain elevated access privileges on the network.
Errata claims to have developed a tool that accesses the embedded Field Test application, allowing the iPhone to be used as a kind of cell network analyser and potentially as a sniffer. The Dark reading report suggests that the iPhone is not alone in being equipped with such a Field Test application.
Customer access to cell phone networks is rigorously controlled by contractual terms, but Maynor says that the networks were not designed with security in mind. As a result, it would be technically possible to intercept or spoof traffic or deny service to the network once the initial hurdle of administrative access has been overcome. It seems the forthcoming demonstration may accomplish that.
See also
- New Smart Phone Hack Could Expose Cell Network, report from Dark Reading
(mba)