In this presentation, we will check out a part of the protocol procedures that hasn’t been looked at yet, specifically mobile-terminated services. GSM differs between mobile-terminated and mobile-originated services. E.g. the caller in a call setup follows mobile-originated protocol procedures, while the receiving call is treated as a mobile-terminated service setup. In this presentation, we will have a detailed overview of what happens during the delivery of a such a service. How does a call exactly reach your phone? Specifically, we will look at how to disturb and abuse these procedures. This includes:
Nico Golde has been working on several aspects of mobile telecommunication and the involved security threats in the last years. His interests range from GSM/UMTS protocols, to systems security (mostly unix based systems) to end-user device security. In the past he has done work on the SMS client implementations of various mobile phones and found issues in phones from most major vendors. He also participated in dissecting the security of the increasingly popular femtocell technology. Currently Nico is working with the product security team at Qualcomm.