|
|
|
|
|
|
by patcheudor
3230 days ago
|
|
|
I gave up on burner phones because they were typically old and terribly vulnerable with no possible way to update - think older Android phones. Although, I did win the WiFi Village Fox & Hound hunt a few years back using a Samsung S4, but I had that thing locked down to using only a WiFi strength meter app and of course it was running CyanogenMod back when that was still a thing. These days I update, backup, and lock down my daily use iPhone before going. See my post earlier in the comments for more details on that. In terms of what was happening in the last two years at DEF CON that could get you with all the steps I took, OpenLTE networks were tricking phones into attaching to them and the most disturbing thing I saw of that was middling of TLS. However, it was of course with a self-signed certificate so as long as you didn't accept the cert, you were likely fine. If you had an older phone and one without all the latest updates and wasn't configured to be mostly silent, then your experience could be very different. There are a surprisingly high number of SMS exploits which still work to this day on a large number of phones and of course SS7 has architectural weaknesses which will likely never be fixed. |
|
|
I am sure that many folks would be very interested in seeing any supporting data/captures. This is incredibly uncommon.