Home  ›  News  ›

New Security Flaw Found in LTE Standard

Article Comments  

Jul 3, 2018, 8:38 AM   by Rich Brome
updated Jul 28, 2019, 5:43 PM

Researchers have recently discovered a new security vulnerability affecting all 4G LTE networks. The so-called "aLTEr" attack could allow someone nearby to send your phone's browser to a web site different than the one requested, impersonating your bank's web site, for example. Similarly, it could trick an app into connecting to a different back-end service. aLTEr requires that the attacker use $4,000 equipment and be within about a mile of the victim, among other challenges. Although a successful attack is difficult, it could be used against high-value targets such as politicians, military personnel, journalists, employees of corporate rivals, etc. The flaw is inherent in the LTE standard and unlikely to be fixed. However, because aLTEr relies on DNS spoofing, it can be avoided by only using web sites and services that employ both HTTPS and DNSSEC. Currently, less than 1% of .com web sites employ DNSSEC, although many high-value sites do use it.

Ars Technica »

Related
Eight US States to Support Digital Driver’s Licenses in Apple Wallet

Sep 1, 2021
Residents of Arizona and Georgia will soon be able to add a secure digital version of their driver's license or state ID to the Wallet app on their iPhone and/or Apple Watch. Connecticut, Iowa, Kentucky, Maryland, Oklahoma, and Utah have also announced plans to support Apple's implementation.

iOS 16 Revamps the Lock Screen

Jun 6, 2022
Apple today announced iOS 16, the next version of its core software for iPhones. The new OS features a major revamp of the Lock Screen with new personalization, including font & color options, and widgets that are similar to complications on the Apple Watch.

Google Brings Nearby Share to Windows

Apr 3, 2023
Google has released a public beta version of Nearby Share for Windows computers. Installing the new Nearby Share app on a Windows device makes it easy to exchange files with nearby Android phones and tablets.

iOS 14.8 Patches Nasty Security Flaw

Sep 13, 2021
Apple today released a set of urgent security updates for iOS, watchOS, macOS, and Safari for Mac. The updates fix a previously-unknown zero-day security flaw that enabled "arbitrary code execution" when viewing a maliciously crafted PDF file, which could be transmitted by visiting a web page and/or receiving an iMessage.

New Standard Will Enable Modular Chips

Mar 4, 2022
A number of leading companies in the semiconductor industry have created a new standard for connecting multiple "chiplets" with different functions into one system-on-chip (SoC) package. This will enable a modular approach to designing the main chips that power phones and other devices.

Comments

This forum is closed.

This forum is closed.

No messages

 
 
Page  1  of 1

Subscribe to news & reviews with RSS Follow @phonescoop on Threads Follow @phonescoop on Mastodon Phone Scoop on Facebook Follow on Instagram

 

Playwire
Advertise on this site.

All content Copyright 2001-2024 Phone Factor, LLC. All Rights Reserved.
Content on this site may not be copied or republished without formal permission.