27C3 - Version 1.6.3

27th Chaos Communication Congress
We come in peace

Speakers
Renaud Lifchitz
Schedule
Day Day 3 - 2010-12-29
Room Saal 3
Start time 17:15
Duration 01:00
Info
ID 4151
Event type Lecture
Track Hacking
Language used for presentation English
Feedback

Android geolocation using GSM network

"Where was Waldroid?"

We introduce a new forensic technique that allows to collect users' past locations on most current Android phones, within a few seconds. It becomes possible to tell where the user was at a given time, or where a phone call took place over the last few hours or days.

The attack is based on GSM BTS cell location and little-known Android logging features and can be extended to track a user's activity over long periods of time.

We will also show how to perform the attack locally and remotely, and ways to protect against these techniques, as well as forensic applications and privacy concerns.

As a part of the presentation we plan to show a live demonstration of both local and remote attacks to retrieve geolocation and activity history of targeted phones. The graphical mapping tool used for the presentation will be released as open source.

Talk keywords: mobile phone hacking, geolocation, android, privacy, forensics

Outline:

  1. WHY ANDROID?
  2. GEOLOCATION: DIFFERENT APPROACHES
  3. ATTACK VECTORS
  4. SPYING USERS... (GETTING MORE THAN LOCATION: TRACKING CALLS&SMS)
  5. HOW TO PROTECT?
  6. TOOL DEMO