Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Researchers Send Fake Presidential Alerts to Stadium of 50,000 Using LTE Vulnerability
Source: Gizmodo
PRIVACY AND SECURITY
Researchers Send Fake Presidential Alerts to Stadium of 50,000 Using LTE Vulnerability
Melanie Ehrenkranz
Yesterday 2:09pm Filed to: EMERGENCY ALERT SYSTEM
Researchers figured out a way to exploit the system that sends presidential emergency alerts to our phones, simulating their method on a 50,000 seat football stadium in Colorado with a 90 percent success rate.
Researchers at the University of Colorado Boulder published a paper this month that details how they were able to spoof attack the Wireless Emergency Alert (WEA) program, which can send out AMBER alerts, presidential alerts, and both extreme and severe threats to safety.
Emergency alerts are sent to every mobile device within range of the broadcasting cell tower. But the researchers note that a malicious cell tower channel is capable of fooling the system, and in turn sending out an inauthentic emergency alert to all devices within its range.
The researchers tested this LTE vulnerability by creating their own malicious cell tower channel using off-the-shelf hardware and open-source software to deploy their exploit, which in one instance was used in an experiment at Folsom Field at the University of Colorado Boulder.
The researchers didnt perform an actual attack on a live crowd at the stadium or on actual mobile devices, Eric Wustrow, a researcher on the paper, told Gizmodo in an email. The tests performed were instead done in isolated RF shield boxes, Wustrow said, and our analysis of Folsom Field was a combination of empirically gathered data and simulation. A screenshot from the paper below displays what these spoof attacks looked like on both a Samsung Galaxy S8 and an iPhone X.
-snip-
Researchers Send Fake Presidential Alerts to Stadium of 50,000 Using LTE Vulnerability
Melanie Ehrenkranz
Yesterday 2:09pm Filed to: EMERGENCY ALERT SYSTEM
Researchers figured out a way to exploit the system that sends presidential emergency alerts to our phones, simulating their method on a 50,000 seat football stadium in Colorado with a 90 percent success rate.
Researchers at the University of Colorado Boulder published a paper this month that details how they were able to spoof attack the Wireless Emergency Alert (WEA) program, which can send out AMBER alerts, presidential alerts, and both extreme and severe threats to safety.
Emergency alerts are sent to every mobile device within range of the broadcasting cell tower. But the researchers note that a malicious cell tower channel is capable of fooling the system, and in turn sending out an inauthentic emergency alert to all devices within its range.
The researchers tested this LTE vulnerability by creating their own malicious cell tower channel using off-the-shelf hardware and open-source software to deploy their exploit, which in one instance was used in an experiment at Folsom Field at the University of Colorado Boulder.
The researchers didnt perform an actual attack on a live crowd at the stadium or on actual mobile devices, Eric Wustrow, a researcher on the paper, told Gizmodo in an email. The tests performed were instead done in isolated RF shield boxes, Wustrow said, and our analysis of Folsom Field was a combination of empirically gathered data and simulation. A screenshot from the paper below displays what these spoof attacks looked like on both a Samsung Galaxy S8 and an iPhone X.
-snip-
Read more: https://gizmodo.com/researchers-send-fake-presidential-alerts-to-stadium-of-1835806990
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
3 replies, 1115 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (0)
ReplyReply to this post
3 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Researchers Send Fake Presidential Alerts to Stadium of 50,000 Using LTE Vulnerability (Original Post)
Eugene
Jun 2019
OP
customerserviceguy
(25,185 posts)1. I've turned off all of my alerts
I don't need the damn phone going off when I'm sleeping.
Eugene
(62,658 posts)2. There is no opt-out for presidential alerts. They go to every phone.
If you turn off your phone, the alert will come in when you turn it back on.
You can't turn off a presidential alert, but you can turn off other emergency notifications
https://www.usatoday.com/story/tech/talkingtech/2018/10/03/presidential-alert-turn-off-wireless-emergency-alarms/1512600002/
customerserviceguy
(25,185 posts)3. Well, that's way too much power. n/t