Learn, hack!

URL

https://media.blackhat.com/bh-us-10/whitepapers/Bailey_DePetrillo/BlackHat-USA-2010-Bailey-DePetrillo-The-Carmen-Sandiego-Project-wp.pdf

File name

BlackHat-USA-2010-Bailey-DePetrillo-The-Carmen-Sandiego-Project-wp.pdf

File size

151.7 KB

MD5

d5caf33d50a1fdcc13b4ed221e1c5ab8

SHA1

43a08866287a5c8392f848b1885e943f1c15ff45

The global telephone network is often an opaque and muddy environment where many false assumptions of privacy are made by its users. Providers do their best to compartmentalize as much privacy-centric data as possible. However, information must be shared for the sake of network interoperability. The speakers will discuss gaps in privacy protection and how they can be leveraged to expose who you are, your location, and the privacy of those in contact with you. Demonstrations will reveal how location data can be augmented and used in several fashions. First, the speakers will show how information can be leveraged to develop fairly accurate physical boundaries of a particular mobile switching center and how this information changes over time. Second, the speakers will overlay cellular tower data to depict coverage in a particular mobile switching center. Next, the speakers will demonstrate how to visualize an individual traveling across adjacent mobile switching centers and the cell towers they are likely to associate with. Finally, the speakers will demonstrate how known location values for many subscribers can reveal location information for handsets where location information can't be obtained directly. Lastly, the speakers will elaborate on mitigation strategies for these attacks at the subscriber level and potential mitigation strategies for the provider level.