Wireless Networking

Engineers Build Teeny-Tiny Bluetooth Transmitter That Runs On Less Than 1 Milliwatt (ieee.org) 43

Engineers at the University of Michigan have built the first millimeter-scale stand-alone device that meets Bluetooth Low Energy (BLE) specifications. "Consuming just 0.6 milliwatts during transmission, it would broadcast for 11 years using a typical 5.8-mm coin battery," reports IEEE Spectrum. "Such a millimeter-scale BLE radio would allow these ant-sized sensors to communicate with ordinary equipment, even a smartphone." From the report: The transmitter chip, which debuted last month at IEEE International Solid-State Circuits Conference, had to solve two problems. The first is power consumption, and the second is the size of the antenna. An ordinary transmitter circuit requires a tunable RF oscillator to generate the frequency, a power amplifier to boost its amplitude, and an antenna to radiate the signal. The Michigan team combined the oscillator and the antenna in a way that made the amplifier unnecessary. They called their invention a power oscillator. The key part of an oscillator is the resonant tank circuit: an inductor and a capacitor. Energy sloshes back and forth between the inductor's magnetic field and the capacitor's electric field at a resonant frequency determined by the capacitance and inductance. In the new circuit, the team used the antenna itself as the inductor in the resonant tank. Because it was acting as an inductor, the antenna radiated using changing magnetic field instead of an electric field; that meant it could be more compact.

However, size wasn't the only thing. Quality factor, or Q, is a dimensionless quantity that basically says how efficient your resonator is. As a 14-mm long loop of conductor, the antenna was considerably larger than an on-chip inductor for a millimeter-scale radio could be. That led to a Q was that was about five times what an on-chip inductor would deliver. Though it was a much more efficient solution, in order to meet BLE specifications, the team needed a better way to power the power oscillator. Their solution was to build an on-chip transformer into the circuit that supplies power to it. The transformer looks like two nested coils. One coil is attached to the supply voltage end of the oscillator circuit, and the other is attached to ground side. Pumping the transformer at a frequency twice that of the power amplifier wound up efficiently boosting the flow of power to the antenna.

Government

FTC Tells ISPs To Disclose Exactly What Information They Collect On Users and What It's For 32

An anonymous reader quotes a report from TechCrunch: The Federal Trade Commission, in what could be considered a prelude to new regulatory action, has issued an order to several major internet service providers requiring them to share every detail of their data collection practices. The information could expose patterns of abuse or otherwise troubling data use against which the FTC -- or states -- may want to take action. The letters requesting info went to Comcast, Google, T-Mobile, and both the fixed and wireless sub-companies of Verizon and AT&T. These "represent a range of large and small ISPs, as well as fixed and mobile Internet providers," an FTC spokesperson said. I'm not sure which is mean to be the small one, but welcome any information the agency can extract from any of them.

To be clear, the FTC already has consumer protection rules in place and could already go after an internet provider if it were found to be abusing the privacy of its users -- you know, selling their location to anyone who asks or the like. (Still no action there, by the way.) But the evolving media and telecom landscape, in which we see enormous companies devouring one another to best provide as many complementary services as possible, requires constant reevaluation. As the agency writes in a press release: "The FTC is initiating this study to better understand Internet service providers' privacy practices in light of the evolution of telecommunications companies into vertically integrated platforms that also provide advertising-supported content."
The report provides this example as to the kind of situation the FTC is concerned about: "If Verizon wants to offer not just the connection you get on your phone, but the media you request, the ads you are served, and the tracking you never heard of, it needs to show that these businesses are not somehow shirking rules behind the scenes."

"For instance, if Verizon Wireless says it doesn't collect or share information about what sites you visit, but the mysterious VZ Snooping Co (fictitious, I should add) scoops all that up and then sells it for peanuts to its sister company, that could amount to a deceptive practice," TechCrunch adds. "Of course it's rarely that simple (though don't rule it out), but the only way to be sure is to comprehensively question everyone involved and carefully compare the answers with real-world practices."
News

Oslo Will Build Wireless Chargers For Electric Taxis in Zero-Emissions Push (cnet.com) 110

Norway is helping lead the charge toward complete electrification, and it will soon have a whole network of wireless chargers for its capital city's fleet of taxis. From a report: The city of Oslo, in conjunction with Finnish utility company Fortum and American manufacturer Momentum Dynamics, announced last week that the three will work together to create a wireless-charging infrastructure for Oslo's growing zero-emission taxi fleet. The charging plates will be installed at places where taxis park and wait for fares.

The city will use Momentum Dynamics' wireless charging technology, which is claimed to work at speeds up to 75 kilowatts, which is in the neighborhood of most current DC Fast Charge stations. Taxis will have the requisite hardware installed, so all they need to do is park over a charging station and accumulate electrons before shuffling off somewhere else. "We believe this project will provide the world with the model it needs for keeping electric taxis in continuous 24/7 operation," said Andrew Daga, CEO of Momentum Dynamics, in a statement. "It will build on the success we have demonstrated with electric buses, which also need to be automatically charged throughout the day in order to stay in operation. Momentum is very excited to be working with the people of Oslo and with our partner Fortum."

First Person Shooters (Games)

Cities In India Ban 'PlayerUnknown's Battlegrounds' Over Fears It Turns Children Into 'Psychopaths' (yahoo.com) 163

Player Unknown's Battlegrounds is facing a "ferocious" backlash in India, Bloomberg reports: Nowhere has resistance to the game been quite like India. Multiple cities have banned PUBG, as it's known, and police in Western India arrested 10 university students for playing. The national child rights commission has recommended barring the game for its violent nature. One of India's largest Hindi newspapers declared PUBG an "epidemic" that turned children into "manorogi," or psychopaths. "There are dangerous consequences to this game," the Navbharat Times warned in a March 20 editorial. "Many children have lost their mental balance...."

What's different about India is the speed with which the country has landed in the strange digital world of no laws or morals. It skipped two decades of debate and adjustment, blowing into the modern gaming era in a matter of months. Rural communities that never had PCs or game consoles got smartphones in recent years -- and wireless service just became affordable for pretty much everyone after a price war last year. With half a billion internet users looking for entertainment, PUBG has set off a frenzy.

Over 250,000 students entered one recent PUBG competition, according to the article.

At least one local minister criticized the game as "the demon in every house."
Power

'Your AirPods Will Die Soon' -- The Shrinking Charge Capacities of Lithium-Ion Batteries (theatlantic.com) 250

Some of the same podcasters who first extolled AirPods are now complaining about them, reports the Atlantic: The battery can no longer hold a charge, they say, rendering them functionally useless. Apple bloggers agree: "AirPods are starting to show their age for early adopters," Zac Hall, an editor at 9to5Mac, wrote in a post in January, detailing how he frequently hears a low-battery warning in his AirPods now. Earlier this month, Apple Insider tested a pair of AirPods purchased in 2016 against a pair from 2018, and found that the older pair died after two hours and 16 minutes. "That's less than half the stated battery life for a new pair," the writer William Gallagher concluded. Desmond Hughes, who is 35 and lives in Newport News, Virginia, has noticed a similar thing about his own set: At first, their charge lasted five hours, but now they sometimes last only half an hour. He frequently listens to one while charging the other -- not optimal conditions for expensive headphones. He's now gearing up to plunk down more money on another pair....

The lithium-ion batteries that power AirPods are everywhere. One industry report forecast that sales would grow to $109.72 billion by 2026, from $36.2 billion in 2018. They charge faster, last longer, and pack more power into a small space than other types of batteries do. But they die faster, too, often after just a few years, because every time you charge them, they degrade a little. They can also catch fire or explode if they become damaged, so technology companies make them difficult, if not impossible, for consumers to replace themselves. The result: A lot of barely chargeable AirPods and wireless mice and Bluetooth speakers are ending up in the trash as consumers go through products -- even expensive ones -- faster than ever....

Of the 3.4 million tons of electronic waste generated in America in 2012 -- an 80 percent increase from 2000 -- just 29 percent was recycled.

The article notes that Wednesday Apple announced a new generation of AirPods -- but "did not say whether the devices would have longer lives."

They also report that Apple "does allow consumers to pay for what it calls a 'battery replacement' for AirPods, but each 'replaced' AirPod is $49."
AT&T

AT&T, Comcast Announce Verification Milestone To Help Fight Robocalls (usatoday.com) 90

"The fight against robocalls can even bring telecom rivals together," reports USA Today: AT&T and Comcast said Wednesday that they can authenticate calls made between the two different phone providers' networks, a potential industry first and the latest in the long-running battle against spam calls... The system, which uses a method developed in recent years, verifies that a legitimate call is being made instead of one that has been spoofed by spammers, scammers or robocallers with a "digital signature." The recipient network then confirms the signature on its side. The companies said consumers will get a notification that a call is verified, but exactly what that will look like is not yet known.

Both AT&T and Comcast will roll out the system to home phone users later this year at no extra charge. AT&T also said it will introduce the feature to its mobile users this year... Other major wireless and traditional home voice providers have pledged support for the verification method, including Verizon, T-Mobile, Sprint, Charter, Cox and Vonage, with several announcing plans to roll out or test the feature in 2019.

The day Comcast and AT&T made their announcement, AT&T's CEO was giving a live interview that was interrupted by a robocall.
Media

Comcast Unveils $5-a-Month Streaming Service Xfinity Flex (cnet.com) 59

Comcast announced a $5-a-month streaming video service Thursday called Xfinity Flex, an offering that aggregates on-demand video from your subscriptions like Netflix Amazon Prime Video and HBO, as well as offering free ad-supported shows to watch and options to rent and buy programming. From a report: It essentially replicates some of the features of a cable service but delivers over the internet rather than... well, cable. But it won't have live channels or DVR, and it won't let you watch a live-TV streaming service like YouTube TV or Sling TV, keeping Flex squarely in the realm of on-demand viewing that's less threatening to Comcast's traditional -- and lucrative -- cable TV packages. Instead, Flex will have built-in ways to upgrade to live TV from Comcast. Xfinity Flex comes with a 4K and HDR-ready wireless set-top box with an X1 voice remote, Engadget adds. It's scheduled to launch March 26th, and will be available to customers who have Comcast internet.
Wireless Networking

Trump Blockade of Huawei Fizzles In European 5G Rollout (bloomberg.com) 280

An anonymous reader quotes a report from Bloomberg: Last summer, the Trump administration started a campaign to convince its European allies to bar China's Huawei from their telecom networks. Bolstered by the success of similar efforts in Australia and New Zealand, the White House sent envoys to European capitals with warnings that Huawei's gear would open a backdoor for Chinese spies. The U.S. even threatened to cut off intelligence sharing if Europe ignored its advice. So far, not a single European country has banned Huawei. Europe, caught in the middle of the U.S.-China trade war, has sought to balance concerns about growing Chinese influence with a desire to increase business with the region's second-biggest trading partner. With no ban in the works, Huawei is in the running for contracts to build 5G phone networks, the ultra-fast wireless technology Europe's leaders hope will fuel the growth of a data-based economy.

The U.K.'s spy chief has indicated that a ban on Huawei is unlikely, citing a lack of viable alternatives to upgrade British telecom networks. Italy's government has dismissed the U.S. warnings as it seeks to boost trade with China. In Germany, authorities have proposed tighter security rules for data networks rather than outlawing Huawei. France is doing the same after initially flirting with the idea of restrictions on Huawei. Governments listened to phone companies such as Vodafone Group Plc, Deutsche Telekom AG, and Orange SA, who warned that sidelining Huawei would delay the implementation of 5G by years and add billions of euros in cost. While carriers can also buy equipment from the likes of Ericsson AB, Nokia Oyj, and Samsung Electronics Co., industry consultants say Huawei's quality is high, and the company last year filed 5,405 global patents, more than double the filings by Ericsson and Nokia combined. And some European lawmakers have been wary of Cisco Systems Inc., Huawei's American rival, since Edward Snowden leaked documents revealing the National Security Agency's use of U.S.-made telecom equipment for spying.

Botnet

New Mirai Malware Variant Targets Signage TVs and Presentation Systems (zdnet.com) 21

An anonymous reader quotes a report from ZDNet: Security researchers have spotted a new variant of the Mirai IoT malware in the wild targeting two new classes of devices -- smart signage TVs and wireless presentation systems. This new strain is being used by a new IoT botnet that security researchers from Palo Alto Networks have spotted earlier this year. The botnet's author(s) appears to have invested quite a lot of their time in upgrading older versions of the Mirai malware with new exploits. Palo Alto Networks researchers say this new Mirai botnet uses 27 exploits, 11 of which are new to Mirai altogether, to break into smart IoT devices and networking equipment. Furthermore, the botnet operator has also expanded Mirai's built-in list of default credentials, that the malware is using to break into devices that use default passwords. Four new username and password combos have been added to Mirai's considerable list of default creds, researchers said in a report published earlier today.

The purpose and modus operandi of this new Mirai botnet are the same as all the previous botnets. Infected devices scan the internet for other IoT devices with exposed Telnet ports and use the default credentials (from their internal lists) to break in and take over these new devices. The infected bots also scan the internet for specific device types and then attempt to use one of the 27 exploits to take over unpatched systems.
The new Mirai botnet is specifically targeting LG Supersign signage TVs and WePresent WiPG-1000 wireless presentation systems.
Microsoft

Microsoft Now Lets You Stream PC Games To an Xbox One and Use a Controller (theverge.com) 85

Microsoft is now letting Xbox One owners stream their PC games to the console and use a controller to play them. From a report: A newly updated app, Wireless Display app, from Microsoft enables the support so you can play Steam games or other titles directly on an Xbox One. You can use a regular Xbox controller to control the remote PC, enabling game play or even the ability to use an Xbox for presentations. Microsoft's Wireless Display app uses Miracast to create a connection between a PC and the Xbox One, and you can cast to the Xbox using the winkey + P combination. There are different latency modes for gaming and watching videos from a remote PC, and the app is ideal if you want to project a stream or video onto the Xbox. You won't be able to stream protected content like Netflix, though.
Network

Portland City Council May Ask FCC To Investigate Health Risks of 5G Networks (inverse.com) 175

An anonymous reader quotes a report from Inverse: Fearing unknown health risks, members of the City Council in Portland, Oregon, will vote Wednesday to oppose the rollout of 5G wireless networks. In a proposed resolution, Mayor Ted Wheeler, along with Commissioners Chloe Eudaly and Amanda Fritz, write that there's evidence suggesting wireless networks can cause health problems -- including cancer. They express concern that the Federal Communications Commission has not conducted enough research to demonstrate that 5G networks are safe, while at the same time prohibiting state and local governments from passing their own regulations on telecommunications technology. And while Wheeler, Eudaly, and Fritz are correct about the FCC's power to dictate how state and local governments manage wireless networks, the connection between 5G networks and cancer is a lot more complicated than they say it is.

"There is evidence to suggest that exposure to radio frequency emissions generated by wireless technologies could contribute to adverse health conditions such as cancer," reads the proposed resolution. This evidence comes from a large-scale study conducted by the National Toxicology Program (NTP), a division of the US Department of Health and Human Services. The final results of this study, published in November 2018, showed a strong association between the type of radiation used for mobile phone signals and certain types of cancerous tumors in lab rats. But that's where the situation gets tough.
The NTP study, which took place over 10 years and involved exposing more than 7,000 rats and mice to radio-frequency radiation, focused on signals used by wireless technology under the 2G and 3G standards. It's nearly impossible to say whether these results will apply to 5G hardware.

"Since the available research doesn't address 5G, the Portland City Council's resolution demands that the FCC embark on another such research project to assess the health effects of 5G," reports Inverse. "Presumably, it would take just as long to conduct another study on the hypothesized connection between 5G and cancer, but by that time, the industry will almost certainly have moved on to 6G -- or 7G."
Television

Apple Confirms March 25th Event, Expected To Announce New TV Service (theverge.com) 38

Apple is holding an event on March 25th where it's expected to announce its long-rumored TV streaming and Apple News subscription services. The invitation shows an animated countdown GIF with the caption "It's show time," hinting that the new TV service will play a big role. The Verge reports: Rumors of an event at the end of March began last month, saying that the company will reportedly focus exclusively on services. Although, there is always a chance that we could see the anticipated announcements of revamped AirPods, a new entry-level iPad, and the long-delayed AirPower wireless charging pad. This is not the first time that Apple has used this tagline for an event: the company first used it for a September 2006 event where it announced that it would start offering movies on iTunes, along with the first reveal of the iTV (which would be renamed Apple TV on release in 2007). It's certainly a fitting teaser for the upcoming event. Just like in 2006, we could see Apple's media offerings for its devices expand yet again.

Along with the TV service, which is rumored to launch later this spring, Apple is also expected to take the wraps off its Apple News subscription service. The Apple News service will reportedly look to offer a Netflix-style bundle for magazines and subscription newspapers all in one convenient place. An early report from The Wall Street Journal indicated that Apple was having trouble with negotiations, reportedly demanding a staggering 50 percent of revenue from the service.

Government

Ajit Pai's Rosy Broadband Deployment Claim May Be Based On Gigantic Error (arstechnica.com) 121

An anonymous reader quotes a report from Ars Technica: Pai's claim was questionable from the beginning, as we detailed last month. The Federal Communications Commission data cited by Chairman Pai merely showed that deployment continued at about the same rate seen during the Obama administration. Despite that, Pai claimed that new broadband deployed in 2017 was made possible by the FCC "removing barriers to infrastructure investment." But even the modest gains cited by Pai rely partly on the implausible claims of one ISP that apparently submitted false broadband coverage data to the FCC, advocacy group Free Press told the FCC in a filing this week.

The FCC data is based on Form 477 filings made by ISPs from around the country. A new Form 477 filer called Barrier Communications Corporation, doing business as BarrierFree, suddenly "claimed deployment of fiber-to-the-home and fixed wireless services (each at downstream/upstream speeds of 940mbps/880mbps) to census blocks containing nearly 62 million persons," Free Press Research Director Derek Turner wrote. "This claimed level of deployment stood out to us for numerous reasons, including the impossibility of a new entrant going from serving zero census blocks as of June 30, 2017, to serving nearly 1.5 million blocks containing nearly 20 percent of the U.S. population in just six months time," Turner wrote. "We further examined the underlying Form 477 data and discovered that BarrierFree appears to have simply submitted as its coverage area a list of every single census block in each of eight states in which it claimed service: CT, DC, MD, NJ, NY, PA, RI, and VA." In reality, BarrierFree's website doesn't market any fiber-to-the-home service, and it advertises wireless home Internet speeds of up to just 25mbps, Free Press noted.
BarrierFree appears to have ignored the FCC's instructions to report service only in census blocks in which an ISP currently offers service and instead simply "listed every single census block located in eight of the states in which it's registered as a CLEC [competitive local exchange carrier]."

As a result of BarrierFree's claimed level of deployment, it skewed the FCC's overall data significantly. "Pai claimed that the number of Americans lacking access to fixed broadband with speeds of at least 25Mbps down and 3Mbps up 'has dropped by over 25 percent, from 26.1 million Americans at the end of 2016 to 19.4 million at the end of 2017,'" reports Ars. "With BarrierFree's erroneous filing removed, 'the number of Americans lacking access to a fixed broadband connection at the 25Mbps/3Mbps threshold declined to 21.3 million, not 19.4 million,' Free Press wrote."
Patents

Samsung Patents Wireless TV With No Power Cable (techradar.com) 55

An anonymous reader quotes a report from TechRadar: Could Samsung be on the cusp of a fully wireless TV? A recent patent hints that a Samsung TV without any pesky cables could be around the corner. Spotted by LetsGoDigital, the patent was filed in March 2018 but only released publicly in late February of this year. The patent revolves around a wireless power transceiver, which would make the prospective television the first of its kind to transmit power across the room rather than relying on a power cable -- increasingly seen as an eyesore next to Samsung's premium design sets. The transceiver takes the form of a magnetic bar attached to the rear of the television, given that panels themselves are too thin to house anything of this kind. It would then require a separate power transmitter (plugged into the mains) to keep the TV running.
Communications

Democrats Introduce 'Save the Internet Act' To Restore Net Neutrality (cnet.com) 174

As expected, Speaker Nancy Pelosi and other House and Senate Democrats on Wednesday introduced the Save the Internet Act, which aims to restore open internet rules that were repealed in 2017. From a report: The Obama-era rules, which lasted from 2015 to 2018, banned broadband providers from slowing or blocking access to the internet or charging companies higher fees for faster access. Democrats in Congress have said the repeal allows for large broadband and wireless companies to "control people's online activities." "86 percent of Americans opposed Trump's assault on net neutrality, including 82 percent of Republicans," said Pelosi during the press conference on Wednesday. "With 'Save The Internet Act,' Democrats are honoring the will of the people." Massachusetts Sen. Ed Markey tweeted out a copy of the bill on Wednesday, saying nearly every Democrat in the Senate had joined him to introduce it.
Medicine

Wireless Skin Sensors For Newborns Will Let Parents Cuddle Fragile Babies 35

the_newsbeagle writes: In newborn intensive care units (NICUs) today, tiny fragile babies lie in incubators, wired to a variety of monitors that track their vital signs. This mess of wires makes it complicated for nurses to pick up the babies for routine tasks like diaper changes, and makes it hard for new parents to pick up their infants for cuddling. Skin-to-skin contact between parents and infants has been proven not only to help with bonding, but also to have a host of medical benefits for the infants, so the wires that tether babies to their beds are a real problem. At Northwestern University, an electrical engineer who works on flexible, stretchable electronics teamed up with a pediatric dermatologist to invent a solution. They devised a system of stick-on wireless biosensors (with a gentle adhesive that's safe even for thin preemie skin) that actually provide more information than today's standard setup. The system "is composed of two sensors, one that sticks to the chest to record electrocardiograms (providing heart rate), another that sticks to the foot to record photoplethysmograms (measuring blood oxygenation) and skin temperature," reports IEEE Spectrum. "The foot sensor required the engineering team to create software that could compensate for movement artifacts in the data. Time-syncing these two sensors also provides a continuous measurement of blood pressure; the system knows when the heart pumps out a pulse of blood and when it arrives at the foot, and that time measurement correlates well with blood pressure."

"The sensors use near-field communication (NFC) to connect to a module that can be attached to the baby's bed, and which both receives the data and sends wireless power to the sensors," the report adds. "That module transmits the data via bluetooth to a mobile phone or tablet."
Cellphones

Comcast Set Mobile Pins To '0000,' Helping Attackers Steal Phone Numbers (arstechnica.com) 30

An anonymous reader quotes a report from Ars Technica: A bad security decision by Comcast on the company's mobile phone service made it easier for attackers to port victims' cell phone numbers to different carriers. Comcast in 2017 launched Xfinity Mobile, a cellular service that uses the Verizon Wireless network and Comcast Wi-Fi hotspots. Comcast has signed up 1.2 million mobile subscribers but took a shortcut in the system that lets users switch from Comcast to other carriers. To port a phone line from Comcast to another wireless carrier, a customer needs to know his or her Comcast mobile account number. Carriers generally use PINs to verify that a customer seeking to port a number actually owns the number. But Comcast reportedly set the PIN to 0000 for all its customers, and there was apparently no way for customers to change it. That means that an attacker who acquired a victim's Comcast account number could easily port the victim's phone number to another carrier. Comcast told Ars that "less than 30" customers were affected by the problem, that it has implemented a fix, and that the company will eventually roll out a real PIN-based system to further protect customers. But Comcast declined to describe the recent fix in any way, saying that information could help attackers. Comcast also did not say when its new PIN-based system will be ready. Here's what Comcast had to say about the changes it's made and will make: "We have also implemented a solution that provides additional safeguards around our porting process, and we're working aggressively towards a PIN-based solution. We are reaching out to impacted customers to apologize and work with them to address the issue. We take this very seriously, and our fraud detection and prevention methods, policies and procedures are continually being reviewed, tested and refined."
AT&T

AT&T Wins Fight With US Over Purchase of Time Warner (reuters.com) 55

An appeals court has approved AT&T's purchase of Time Warner, despite the Trump administration's drawn-out attempts to block the $85.4 billion acquisition. The U.S. Justice Department said it would not fight the decision. Reuters reports: The three-judge panel on the U.S. Court of Appeals for the District of Columbia ruled unanimously in favor of the deal earlier on Tuesday, saying that the government's case that the merger would result in higher consumer prices was "unpersuasive." The decision ended a 15-month effort by the Justice Department to block it. It was AT&T's second major court victory against the Justice Department, setting the stage for the No. 2 wireless carrier to integrate its WarnerMedia business as well as its new Xandr advertising unit.

The deal has been seen as a turning point for a media industry that has been upended by companies like Netflix and Alphabet's Google which put content online with no need for a cable subscription. The merger, which was announced in October 2016, closed on June 14 shortly after Judge Richard Leon ruled the deal was legal under antitrust law. AT&T agreed it would have no role in setting Turner's prices to distributors and the number of Turner employees would remain largely unchanged.

Security

New Flaws In 4G, 5G Allow Attackers To Intercept Calls and Track Phone Locations (techcrunch.com) 46

An anonymous reader quotes a report from TechCrunch: A group of academics have found three new security flaws in 4G and 5G, which they say can be used to intercept phone calls and track the locations of cell phone users. The findings are said to be the first time vulnerabilities have affected both 4G and the incoming 5G standard, which promises faster speeds and better security, particularly against law enforcement use of cell site simulators, known as "stingrays." But the researchers say that their new attacks can defeat newer protections that were believed to make it more difficult to snoop on phone users. [Rafiul Hussain, one of the co-authors of the paper, along with Ninghui Li and Elisa Bertino at Purdue University, and Mitziu Echeverria and Omar Chowdhury at the University of Iowa are set to reveal their findings at the Network and Distributed System Security Symposium in San Diego on Tuesday.

The paper, seen by TechCrunch prior to the talk, details the attacks: the first is Torpedo, which exploits a weakness in the paging protocol that carriers use to notify a phone before a call or text message comes through. The researchers found that several phone calls placed and cancelled in a short period can trigger a paging message without alerting the target device to an incoming call, which an attacker can use to track a victim's location. Knowing the victim's paging occasion also lets an attacker hijack the paging channel and inject or deny paging messages, by spoofing messages like Amber alerts or blocking messages altogether, the researchers say. Torpedo opens the door to two other attacks: Piercer, which the researchers say allows an attacker to determine an international mobile subscriber identity (IMSI) on the 4G network; and the aptly named IMSI-Cracking attack, which can brute force an IMSI number in both 4G and 5G networks, where IMSI numbers are encrypted.
AT&T, Verizon, Sprint and T-Mobile are all affected by Torpedo, "and the attacks can be carried out with radio equipment costing as little as $200," the report adds. One U.S. network is reportedly vulnerable to the Piercer attack, but the researcher wouldn't name which one.
Verizon

Verizon Asks FCC To Let It Lock New Smartphones For 60 Days (theverge.com) 81

Verizon is asking the FCC to let it keep new smartphones locked to its network for 60 days, as part of an initiative to prevent identify theft and fraud. "After the 60-day period, the phones would unlock automatically, the telecom says in a note published to its website and authored by Ronan Dunne, Verizon's executive vice president," reports The Verge. "Verizon says it should have the authority to do this under the so-called 'C-block rules' put in place following the FCC's 2008 wireless spectrum auction." From the report: "We believe this temporary lock on new phones will protect our customers by limiting the incentive for identity theft. At the same time, a temporary lock will have virtually no impact on our legitimate customers' ability to use their devices," Dunne writes. "Almost none of our customers switch to another carrier within the first 60 days. Even with this limited fraud safety check, Verizon will still have the most consumer-friendly unlocking policy in the industry. All of our main competitors lock their customers' new devices for a period of time and require that they are fully paid off before unlocking."

Verizon is just putting itself in line with the rest of the industry here. AT&T already requires your phone be activated for 60 days for you to unlock it, and the company even requires you to wait two weeks to unlock your old phone if you're upgrading to a new one. T-Mobile requires you wait 40 days, and also limits users to two unlocks per year per line. Sprint has a 50-day limit, and only unlocks devices from the onset if the phones are prepaid.

Slashdot Top Deals