Home  ›  News  ›

New Security Flaw Found in LTE Standard

Article Comments  

Jul 3, 2018, 8:38 AM   by Rich Brome   @rbrome

Researchers have recently discovered a new security vulnerability affecting all 4G LTE networks. The so-called "aLTEr" attack could allow someone nearby to send your phone's browser to a web site different than the one requested, impersonating your bank's web site, for example. Similarly, it could trick an app into connecting to a different back-end service. aLTEr requires that the attacker use $4,000 equipment and be within about a mile of the victim, among other challenges. Although a successful attack is difficult, it could be used against high-value targets such as politicians, military personnel, journalists, employees of corporate rivals, etc. The flaw is inherent in the LTE standard and unlikely to be fixed. However, because aLTEr relies on DNS spoofing, it can be avoided by only using web sites and services that employ both HTTPS and DNSSEC. Currently, less than 1% of .com web sites employ DNSSEC, although many high-value sites do use it.

more info at Ars Technica »
more info »

Related

AD

Comments

This forum is closed.

This forum is closed.

No messages

 
 
Page  1  of 1

Subscribe to news & reviews with RSS Follow @phonescoop on Twitter Phone Scoop on Facebook Subscribe to Phone Scoop on YouTube Follow on Instagram

 

All content Copyright 2001-2018 Phone Factor, LLC. All Rights Reserved.
Content on this site may not be copied or republished without formal permission.