fbpx
Wikipedia

Karsten Nohl

October 23, 2023

Karsten Nohl (born 11 August 1981)[1] is a German cryptography expert[2] and hacker. His areas of research include Global System for Mobile Communications (GSM) security, radio-frequency identification (RFID) security, and privacy protection.[3]

Karsten Nohl

Life Edit

Nohl grew up in the Rhineland area of Germany and studied electrical engineering at the Heidelberg University of applied sciences from 2001 to 2004.[1][3] From 2005 to 2008, he earned his PhD at the University of Virginia on Implementable Privacy for RFID Systems.[3] Since 2010 Nohl has served as the Managing Director and Chief Scientist of the Berlin-based consultancy and think tank, Security Research Labs.[3][4][5] Karsten has also served as interim CISO for the Indian corporation Jio from 2014 to 2017, as well as, for the Malaysian corporation Axiata in 2017.[4]

Areas of research Edit

RFID security Edit

Mifare security Edit

Together with Henryk Plötz and CCC Berlin's, Starbug, Nohl gave a presentation in December 2007 on how the encryption algorithm used in Mifare Classic RFID smart cards was cracked. The Mifare Classic Card has been used in many micropayment applications, such as the Oyster card, CharlieCard, or the OV Chipkaart for payment.[6][7][8]

Legic security Edit

Together with Henryk Plötz, Nohl gave a presentation in December 2009 documenting the flawed security of Legic Prime RFID security. The talk demonstrated how the system employed multiple layers of strange and obscure techniques in lieu of standard encryption and cryptographic protocols. This allowed cards to be read, emulated, and even for arbitrary master tokens to be created.[9]

Car immobilizers Edit

At SIGINT-2013, Nohl gave a presentation on the insecurity of electronic car immobilizers used to prevent vehicle theft, documenting vulnerabilities in the three most widely used systems: DST40 (Texas Instruments), Hitag 2 (NXP Semiconductors) and Megamos (EM Micro).[10]

Mobile network security Edit

deDECTed.org Edit

Nohl was part of the project group deDECTed.org[11] [11], which in 2008 at 25C3 pointed out serious deficiencies in the DECT protocol.[12]

In April 2010, Nohl, together with Erik Tews and Ralf-Philipp Weinmann, published details on the cryptographic analysis of DECT proprietary and secret encryption algorithm used (DECT standard cipher), which is based on reverse engineering of DECT hardware and descriptions from a patent specification.[13]

A5/1 Security Project Edit

In the summer of 2009 Nohl introduced the A5/1 Security Project.[14] The project demonstrated an attack on the GSM encryption standard A5/1 using Rainbow Tables. With the help of volunteers, the key tables were calculated in a few months and published on the 26C3 in December 2009.[15]

The GSM Association described Nohl's plans as illegal and denied that wiretapping was actually possible. He replied that his research was purely academic.[16]

As early as 2008, the hacker group THC had begun with the pre-calculation of key tables for A5 / 1, but probably never published the tables because of legal problems.[14]

GSM sniffing Edit

At the 27C3 in December 2010, Nohl, together with Sylvain Munaut, demonstrated how mobile calls can be cut and decrypted with the help of converted cheap mobile phones and the open-source software OsmocomBB.[17] The pair showed that the GSM encryption can be cracked "in about 20 seconds" and that calls can be recorded and played back.[18][19]

GPRS security Edit

At Chaos Communication Camp 2011, Nohl and Luca Melette gave a presentation showing how GPRS networks do not securely encrypt their mobile traffic.[20] The pair stated that they had recorded data transmissions in the networks of several German mobile providers, including Deutsche Telekom, O2 Germany, Vodafone and E-Plus.[2] Several mobile service providers used either no or only insufficient encryption. With a modified mobile phone, mobile traffic could be read from within a radius of five kilometers.[2]

SIM card DES-hack Edit

At both Black Hat 2013 and OHM 2013, Nohl demonstrated that many SIM cards use the outdated and insecure DES encryption, undermining the privacy and security of mobile phone users.[21][22][23] Through "Over The Air (OTA)" communication, such as SMS messages, it is possible to provide a SIM card with updates, applications, or new encryption keys. Such messages are digitally signed with DES, 3DES or AES.[22][23] Nohl generated a Rainbow Table for 56-bit DES within a year based a on specially signed error message with known plain text.[22][23] The resulting attack scenario: an attacker sends the victim a signed text message.[22][23] With the help of the Rainbow Table it is then possible to crack the DES key of a SIM card in minutes and crack the internal key. (Known Plaintext Attack).[21][22] This allows an attacker to send a signed SMS, which in turn loads a Java app onto the SIM card. These apps are capable of multiple actions, including sending SMS or sharing the location of the device. An attacker could, for example, command a device to send SMS messages to foreign premium services at the cost of the device owner.[22][23] In principle, the Java Virtual Machine should make sure that every Java app can only access predefined interfaces.[23] Nohl found that the Java sandbox implementations of at least two major SIM card manufacturers, including market leader Gemalto, are insecure and it is possible for a Java app to escape the sandbox environment and thus gain access to the entire SIM card.[23] This makes it possible to duplicate SIM cards including the IMSI, authentication key (Ki) and payment information stored on the card.[23]

GSM security map and SnoopSnitch Edit

At the 30C3 in December 2013, Nohl introduced the Android app "GSMmap". Initially designed for use on a Galaxy S2 or S3 (including root access), the app collects information on the level a mobile network secures its traffic. The collected data can be uploaded, with the app user’s consent, to a database that evaluates the security of mobile networks worldwide, based on selected protection capability criteria. The results of this analysis are displayed on the "GSM Security Map" website, where the security level of mobile providers are visualized on an interactive world map and made available for download as "country reports".

At the 31C3 in December 2014, Nohl presented the Android app "SnoopSnitch" as a possible countermeasure against various mobile network security attacks. On various smartphones models with Qualcomm chipset and root access, mobile network traffic can be collected and analyzed locally with "SnoopSnitch,” where the app gives the user information about the encryption and authentication algorithm being used by the network, the possibility for SMS and SS7 attacks, as well as the potential presence of IMSI-catchers.

The data collected via “SnoopSnitch” can also be uploaded, with the user’s consent, to a database to support additional security analysis, which is shared on the "GSM Security Map" website.

SS7 hacking Edit

Also at the 31C3, Nohl presented a side channel attack using Signaling System 7 (SS7) on UMTS communication and described other SS7-based attacks that can allow the reading of text messages, the determination of location coordinates, and various scenarios for fraud.

Android patching Edit

In April 2018, Nohl presented on security in the mobile Android environment.[24] Nohl and his colleagues analyzed Android firmware images from various smartphone vendors. In some cases, a so-called "patch gap" was found, where vendors had not applied all security patches that otherwise should have been present based on the monthly patch level date specified in the firmware. Nohl released an updated version of the open source “Snoopsnitch” app with new features to allow users to run tests on their Android phones to check for a "patch gap" on their device.[25]

Security of payment and booking systems Edit

Attacks on the Electronic Cash protocol Edit

At the 32C3, Nohl and colleagues presented an attack on the EC card protocols ZVT and Poseidon, which are a dialect of ISO 8583.[26][27] Both protocols are the most common payment protocols in German-speaking countries.

Security gaps in travel booking systems Edit

At the 33C3, Nohl and colleagues highlighted security holes in Amadeus, Sabre, and Travelport, three of the largest Global Distribution Systems (GDS) which combined, handle approximately 90% of worldwide flight reservations and a large proportion of hotel, car rental, and other travel bookings.[28]

IT security research Edit

BadUSB Edit

At Black Hat 2014, Nohl and Jacob Lell presented on security risks associated with USB devices.[29][30][31][32] The USB standard is versatile and includes many different classes of devices.[31] Their research is based on the reprogramming of USB controller chips, which are widely used and found in USB sticks.[31] There is no effective protection against reprogramming, so a harmless USB device can be converted and used as a malicious device in many ways.[31]

Possible scenarios for abuse include:

  • A USB device can emulate a keyboard and issue commands on behalf of the logged-in user to install malware on their computer, malware which would also infect other USB devices connected.[31]
  • A USB device can pretend to be a network card, change the computer's DNS setting, and redirect traffic.[31]
  • A modified USB stick or a USB hard drive can load a small virus during the boot process, which infects the operating system before booting.[31]

Preventing such attacks is not yet possible because malware scanners have no access to the firmware version of USB devices and behavior detection is difficult.[31] USB firewalls that can block only certain device classes do not (yet) exist.[31] The usual process to remove malware - reinstalling the operating system - fails here because the USB stick that installs the operating systems may itself already be infected, as well as a built-in webcam or other USB devices.[31]

In addition, a proof of concept for Android devices was released to test the security.[31]

References Edit

  1. ^ a b Goebbels, Teresa (August 11, 2011). "GPRS-Hacker Karsten Nohl: Der perfekte Verbrecher". stern.de (in German).
  2. ^ a b c Bachfeld, Daniel (August 10, 2011). "GPRS-Verbindungen leicht abhörbar". heise online (in German).
  3. ^ a b c d (PDF). Archived from the original (PDF) on 2019-12-06. Retrieved 2019-05-10.
  4. ^ a b "Karsten Nohl Linkedin". Retrieved May 9, 2019.
  5. ^ . Archived from the original on March 4, 2016.
  6. ^ "Press Release: Lost Mifare obscurity raises concerns over security of OV-Chipkaart". January 8, 2008. Retrieved August 11, 2011.
  7. ^ "24C3:Mifare". Retrieved August 11, 2011.
  8. ^ "24C3:Mifare". Retrieved August 11, 2011.
  9. ^ "Legic Prime: Obscurity in Depth". media.ccc.de. December 28, 2009. Retrieved May 9, 2019.
  10. ^ . July 5, 2013. Archived from the original on December 31, 2014.
  11. ^ . Archived from the original on October 27, 2010. Retrieved May 9, 2019.
  12. ^ Krempl, Stefan (December 30, 2008). "25C3: Schwere Sicherheitslücken beim Schnurlos-Telefonieren mit DECT(update)". heise online (in German). Retrieved May 9, 2019.
  13. ^ Bachfeld, Daniel (April 26, 2010). "Kryptanalyse der DECT-Verschlüsselung". Heise Online (in German). Retrieved May 9, 2019.
  14. ^ a b Bachfeld, Daniel (August 26, 2009). "Open-Source-Projekt geht GSM an den Kragen". Heise Online (in German). Retrieved May 9, 2019.
  15. ^ "26C3: GSM: SRSLY?". Retrieved August 11, 2011.
  16. ^ Hochstätter, Christoph H.; Nusca, Andrew (December 29, 2009). "26C3: Deutscher Hacker knackt GSM-Verschlüsselung". ZDNet (in German). Retrieved August 11, 2011.
  17. ^ "27C3:Wideband GSM Sniffing". media.ccc.de. Chaos Computer Club. December 28, 2010. Retrieved August 11, 2011.
  18. ^ Krempl, Stefan (December 28, 2010). "27C3: Abhören von GSM-Handys weiter erleichtert". heise online (in German). Retrieved August 11, 2011.
  19. ^ "27C3 Wideband GSM Sniffing". December 28, 2010. Retrieved August 11, 2011.
  20. ^ "Camp 2011:GPRS Intercept". August 10, 2011. Retrieved May 9, 2019.
  21. ^ a b Kirsch, Christian (July 21, 2013). "ITU warnt vor Gefahr durch SIM-Karten-Hack". heise Security (in German). Retrieved May 9, 2019.
  22. ^ a b c d e f Schmidt, Jürgen (July 21, 2013). "DES-Hack exponiert Millionen SIM-Karten". heise Security (in German). Retrieved May 9, 2019.
  23. ^ a b c d e f g h "Rooting SIM cards". Security Research Labs. Retrieved July 9, 2014.
  24. ^ "Uncovering the Android Patch Gap". Hack in the Box 2018. April 28, 2018. Retrieved April 16, 2019.{{cite web}}: CS1 maint: location (link)
  25. ^ "SnoopSnitch". Retrieved May 9, 2019.
  26. ^ "Outdated payment protocols expose customers and merchants". Security Research Labs. Retrieved December 29, 2015.
  27. ^ Beuth, Patrick (December 22, 2015). "EC Karten: Sicherheitsforscher hacken das EC-Bezahlsystem". Zeit Online (in German). Retrieved December 29, 2015.
  28. ^ "Legacy booking systems disclose travelers' private information". Security Research Labs. Retrieved March 29, 2018.
  29. ^ "BadUSB – On Accessories that Turn Evil by Karsten Nohl + Jakob Lell". Black Hat. August 11, 2014. Retrieved September 15, 2014.
  30. ^ "Black Hat USA 2014". Retrieved September 15, 2014.
  31. ^ a b c d e f g h i j k . Security Research Labs. Archived from the original on April 18, 2016. Retrieved July 14, 2015.
  32. ^ Beuth, Patrick (July 31, 2014). "Jedes USB-Gerät kann zur Waffe werden". Die Zeit (in German). Retrieved September 15, 2014.

External links Edit

  • Security Research Labs: GSM Security Map
  • Snoopsnitch: An Android app for analyzing mobile traffic data. Gives the user information about the encryption and authentication algorithm, SMS and SS7 attacks and IMSI catcher.

October 23, 2023
karsten, nohl, born, august, 1981, german, cryptography, expert, hacker, areas, research, include, global, system, mobile, communications, security, radio, frequency, identification, rfid, security, privacy, protection, contents, life, areas, research, rfid, s. Karsten Nohl born 11 August 1981 1 is a German cryptography expert 2 and hacker His areas of research include Global System for Mobile Communications GSM security radio frequency identification RFID security and privacy protection 3 Karsten Nohl Contents 1 Life 2 Areas of research 2 1 RFID security 2 1 1 Mifare security 2 1 2 Legic security 2 1 3 Car immobilizers 2 2 Mobile network security 2 2 1 deDECTed org 2 2 2 A5 1 Security Project 2 2 3 GSM sniffing 2 2 4 GPRS security 2 2 5 SIM card DES hack 2 2 6 GSM security map and SnoopSnitch 2 2 7 SS7 hacking 2 2 8 Android patching 2 3 Security of payment and booking systems 2 3 1 Attacks on the Electronic Cash protocol 2 3 2 Security gaps in travel booking systems 2 4 IT security research 2 4 1 BadUSB 3 References 4 External linksLife EditNohl grew up in the Rhineland area of Germany and studied electrical engineering at the Heidelberg University of applied sciences from 2001 to 2004 1 3 From 2005 to 2008 he earned his PhD at the University of Virginia on Implementable Privacy for RFID Systems 3 Since 2010 Nohl has served as the Managing Director and Chief Scientist of the Berlin based consultancy and think tank Security Research Labs 3 4 5 Karsten has also served as interim CISO for the Indian corporation Jio from 2014 to 2017 as well as for the Malaysian corporation Axiata in 2017 4 Areas of research EditRFID security Edit Mifare security Edit Together with Henryk Plotz and CCC Berlin s Starbug Nohl gave a presentation in December 2007 on how the encryption algorithm used in Mifare Classic RFID smart cards was cracked The Mifare Classic Card has been used in many micropayment applications such as the Oyster card CharlieCard or the OV Chipkaart for payment 6 7 8 Legic security Edit Together with Henryk Plotz Nohl gave a presentation in December 2009 documenting the flawed security of Legic Prime RFID security The talk demonstrated how the system employed multiple layers of strange and obscure techniques in lieu of standard encryption and cryptographic protocols This allowed cards to be read emulated and even for arbitrary master tokens to be created 9 Car immobilizers Edit At SIGINT 2013 Nohl gave a presentation on the insecurity of electronic car immobilizers used to prevent vehicle theft documenting vulnerabilities in the three most widely used systems DST40 Texas Instruments Hitag 2 NXP Semiconductors and Megamos EM Micro 10 Mobile network security Edit deDECTed org Edit Nohl was part of the project group deDECTed org 11 11 which in 2008 at 25C3 pointed out serious deficiencies in the DECT protocol 12 In April 2010 Nohl together with Erik Tews and Ralf Philipp Weinmann published details on the cryptographic analysis of DECT proprietary and secret encryption algorithm used DECT standard cipher which is based on reverse engineering of DECT hardware and descriptions from a patent specification 13 A5 1 Security Project Edit In the summer of 2009 Nohl introduced the A5 1 Security Project 14 The project demonstrated an attack on the GSM encryption standard A5 1 using Rainbow Tables With the help of volunteers the key tables were calculated in a few months and published on the 26C3 in December 2009 15 The GSM Association described Nohl s plans as illegal and denied that wiretapping was actually possible He replied that his research was purely academic 16 As early as 2008 the hacker group THC had begun with the pre calculation of key tables for A5 1 but probably never published the tables because of legal problems 14 GSM sniffing Edit At the 27C3 in December 2010 Nohl together with Sylvain Munaut demonstrated how mobile calls can be cut and decrypted with the help of converted cheap mobile phones and the open source software OsmocomBB 17 The pair showed that the GSM encryption can be cracked in about 20 seconds and that calls can be recorded and played back 18 19 GPRS security Edit At Chaos Communication Camp 2011 Nohl and Luca Melette gave a presentation showing how GPRS networks do not securely encrypt their mobile traffic 20 The pair stated that they had recorded data transmissions in the networks of several German mobile providers including Deutsche Telekom O2 Germany Vodafone and E Plus 2 Several mobile service providers used either no or only insufficient encryption With a modified mobile phone mobile traffic could be read from within a radius of five kilometers 2 SIM card DES hack Edit At both Black Hat 2013 and OHM 2013 Nohl demonstrated that many SIM cards use the outdated and insecure DES encryption undermining the privacy and security of mobile phone users 21 22 23 Through Over The Air OTA communication such as SMS messages it is possible to provide a SIM card with updates applications or new encryption keys Such messages are digitally signed with DES 3DES or AES 22 23 Nohl generated a Rainbow Table for 56 bit DES within a year based a on specially signed error message with known plain text 22 23 The resulting attack scenario an attacker sends the victim a signed text message 22 23 With the help of the Rainbow Table it is then possible to crack the DES key of a SIM card in minutes and crack the internal key Known Plaintext Attack 21 22 This allows an attacker to send a signed SMS which in turn loads a Java app onto the SIM card These apps are capable of multiple actions including sending SMS or sharing the location of the device An attacker could for example command a device to send SMS messages to foreign premium services at the cost of the device owner 22 23 In principle the Java Virtual Machine should make sure that every Java app can only access predefined interfaces 23 Nohl found that the Java sandbox implementations of at least two major SIM card manufacturers including market leader Gemalto are insecure and it is possible for a Java app to escape the sandbox environment and thus gain access to the entire SIM card 23 This makes it possible to duplicate SIM cards including the IMSI authentication key Ki and payment information stored on the card 23 GSM security map and SnoopSnitch Edit At the 30C3 in December 2013 Nohl introduced the Android app GSMmap Initially designed for use on a Galaxy S2 or S3 including root access the app collects information on the level a mobile network secures its traffic The collected data can be uploaded with the app user s consent to a database that evaluates the security of mobile networks worldwide based on selected protection capability criteria The results of this analysis are displayed on the GSM Security Map website where the security level of mobile providers are visualized on an interactive world map and made available for download as country reports At the 31C3 in December 2014 Nohl presented the Android app SnoopSnitch as a possible countermeasure against various mobile network security attacks On various smartphones models with Qualcomm chipset and root access mobile network traffic can be collected and analyzed locally with SnoopSnitch where the app gives the user information about the encryption and authentication algorithm being used by the network the possibility for SMS and SS7 attacks as well as the potential presence of IMSI catchers The data collected via SnoopSnitch can also be uploaded with the user s consent to a database to support additional security analysis which is shared on the GSM Security Map website SS7 hacking Edit Also at the 31C3 Nohl presented a side channel attack using Signaling System 7 SS7 on UMTS communication and described other SS7 based attacks that can allow the reading of text messages the determination of location coordinates and various scenarios for fraud Android patching Edit In April 2018 Nohl presented on security in the mobile Android environment 24 Nohl and his colleagues analyzed Android firmware images from various smartphone vendors In some cases a so called patch gap was found where vendors had not applied all security patches that otherwise should have been present based on the monthly patch level date specified in the firmware Nohl released an updated version of the open source Snoopsnitch app with new features to allow users to run tests on their Android phones to check for a patch gap on their device 25 Security of payment and booking systems Edit Attacks on the Electronic Cash protocol Edit At the 32C3 Nohl and colleagues presented an attack on the EC card protocols ZVT and Poseidon which are a dialect of ISO 8583 26 27 Both protocols are the most common payment protocols in German speaking countries Security gaps in travel booking systems Edit At the 33C3 Nohl and colleagues highlighted security holes in Amadeus Sabre and Travelport three of the largest Global Distribution Systems GDS which combined handle approximately 90 of worldwide flight reservations and a large proportion of hotel car rental and other travel bookings 28 IT security research Edit BadUSB Edit At Black Hat 2014 Nohl and Jacob Lell presented on security risks associated with USB devices 29 30 31 32 The USB standard is versatile and includes many different classes of devices 31 Their research is based on the reprogramming of USB controller chips which are widely used and found in USB sticks 31 There is no effective protection against reprogramming so a harmless USB device can be converted and used as a malicious device in many ways 31 Possible scenarios for abuse include A USB device can emulate a keyboard and issue commands on behalf of the logged in user to install malware on their computer malware which would also infect other USB devices connected 31 A USB device can pretend to be a network card change the computer s DNS setting and redirect traffic 31 A modified USB stick or a USB hard drive can load a small virus during the boot process which infects the operating system before booting 31 Preventing such attacks is not yet possible because malware scanners have no access to the firmware version of USB devices and behavior detection is difficult 31 USB firewalls that can block only certain device classes do not yet exist 31 The usual process to remove malware reinstalling the operating system fails here because the USB stick that installs the operating systems may itself already be infected as well as a built in webcam or other USB devices 31 In addition a proof of concept for Android devices was released to test the security 31 References Edit a b Goebbels Teresa August 11 2011 GPRS Hacker Karsten Nohl Der perfekte Verbrecher stern de in German a b c Bachfeld Daniel August 10 2011 GPRS Verbindungen leicht abhorbar heise online in German a b c d Karsten Nohl CV PDF Archived from the original PDF on 2019 12 06 Retrieved 2019 05 10 a b Karsten Nohl Linkedin Retrieved May 9 2019 Impressum der Security Research Labs GmbH SRLABS Archived from the original on March 4 2016 Press Release Lost Mifare obscurity raises concerns over security of OV Chipkaart January 8 2008 Retrieved August 11 2011 24C3 Mifare Retrieved August 11 2011 24C3 Mifare Retrieved August 11 2011 Legic Prime Obscurity in Depth media ccc de December 28 2009 Retrieved May 9 2019 Schedule SIGINT 2013 July 5 2013 Archived from the original on December 31 2014 deDECTed org Archived from the original on October 27 2010 Retrieved May 9 2019 Krempl Stefan December 30 2008 25C3 Schwere Sicherheitslucken beim Schnurlos Telefonieren mit DECT update heise online in German Retrieved May 9 2019 Bachfeld Daniel April 26 2010 Kryptanalyse der DECT Verschlusselung Heise Online in German Retrieved May 9 2019 a b Bachfeld Daniel August 26 2009 Open Source Projekt geht GSM an den Kragen Heise Online in German Retrieved May 9 2019 26C3 GSM SRSLY Retrieved August 11 2011 Hochstatter Christoph H Nusca Andrew December 29 2009 26C3 Deutscher Hacker knackt GSM Verschlusselung ZDNet in German Retrieved August 11 2011 27C3 Wideband GSM Sniffing media ccc de Chaos Computer Club December 28 2010 Retrieved August 11 2011 Krempl Stefan December 28 2010 27C3 Abhoren von GSM Handys weiter erleichtert heise online in German Retrieved August 11 2011 27C3 Wideband GSM Sniffing December 28 2010 Retrieved August 11 2011 Camp 2011 GPRS Intercept August 10 2011 Retrieved May 9 2019 a b Kirsch Christian July 21 2013 ITU warnt vor Gefahr durch SIM Karten Hack heise Security in German Retrieved May 9 2019 a b c d e f Schmidt Jurgen July 21 2013 DES Hack exponiert Millionen SIM Karten heise Security in German Retrieved May 9 2019 a b c d e f g h Rooting SIM cards Security Research Labs Retrieved July 9 2014 Uncovering the Android Patch Gap Hack in the Box 2018 April 28 2018 Retrieved April 16 2019 a href Template Cite web html title Template Cite web cite web a CS1 maint location link SnoopSnitch Retrieved May 9 2019 Outdated payment protocols expose customers and merchants Security Research Labs Retrieved December 29 2015 Beuth Patrick December 22 2015 EC Karten Sicherheitsforscher hacken das EC Bezahlsystem Zeit Online in German Retrieved December 29 2015 Legacy booking systems disclose travelers private information Security Research Labs Retrieved March 29 2018 BadUSB On Accessories that Turn Evil by Karsten Nohl Jakob Lell Black Hat August 11 2014 Retrieved September 15 2014 Black Hat USA 2014 Retrieved September 15 2014 a b c d e f g h i j k Turning USB peripherals into BadUSB Security Research Labs Archived from the original on April 18 2016 Retrieved July 14 2015 Beuth Patrick July 31 2014 Jedes USB Gerat kann zur Waffe werden Die Zeit in German Retrieved September 15 2014 External links EditSecurity Research Labs GSM Security Map Snoopsnitch An Android app for analyzing mobile traffic data Gives the user information about the encryption and authentication algorithm SMS and SS7 attacks and IMSI catcher Retrieved from https en wikipedia org w index php title Karsten Nohl amp oldid 1180100792, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.