Penetration Testing mailing list archives
Re: Mobile phone pen-testing,
From: cwright () bdosyd com au
Date: 3 Oct 2007 23:25:09 -0000
Hi, First, the nature of your testing does not suit the aims. You will not ensure that you can not be overheard by pen testing your phone. "As a mobile phone user, is there something that we can do to secure mobile phone conversation? " Yes - first ensure that you do not use bluetooth. Run Voip - encrypt it end to end. Ensure key security. "Is it possible to setup a secure channel communication through GSM network? " Yes. There are a number of encryption standards - some even work. (Try to avoid those that do not use tried and true algorithims) "How expensive is the device?" How long is a piece of string. From $50 to $50k Regards, Dr Craig S Wright GSE (Complaince) <--- In reply to ---> Mobile phone pen-testing, Oct 02 2007 11:50AM Wilmar Sulaiman (wilmar sulaiman gmail com) Hi guys, I am looking for a guidance on how to pen test a mobile phone on the GSM network. Well I guess the main objective in this pen test is to ensure that no one is listening to my phone conversation. I am hoping to get a reasonable assurance that no one this includes phone operator can listen t... [ more ] ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Mobile phone pen-testing, Wilmar Sulaiman (Oct 03)
- Re: Mobile phone pen-testing, Jerome Athias (Oct 04)
- <Possible follow-ups>
- Re: Mobile phone pen-testing, cwright (Oct 03)