Don A. Bailey (Security Consultant, iSEC Partners)

Presentation Title

I’m Going Hunting. I’m the Hunter.

Presentation Abstract

Recently, a spotlight has been focused on location information and how accessible it is via attacks against smart phones and the global GSM network. But what about devices whose sole purpose is to track an individual or a physical asset? How can these devices be attacked and impersonated?

The presenter will reveal how common consumer-focused assisted GPS (A-GPS) devices can be manipulated into sending location data and subscriber-related information to a malicious individual, information that should only be accessible to the device’s owner and the manufacturer. The techniques used to obtain this information bypass the manufacturer’s security controls, allowing the attacker to obtain it in a stealthy fashion. The subscriber does not know that this information is being obtained, and there is no record or log of the request.

Next, techniques will be uncovered that demonstrate how to forge location requests. In other words, the presenter will demonstrate how to spoof a moving object. Since these devices are often used to protect vehicles and uncover theft of goods on a particular vehicle, an attacker could impersonate the real route of a commercial vehicle while in reality driving in the opposite direction.

Finally, the presenter will demonstrate methods used to hunt down these devices on the telephone network, making almost any A-GPS device susceptible to potential data interception. The presenter will wrap the talk up by detailing how these devices can be uncovered in an immediate vicinity using a USRP and the GSM network. Along the way, tools will be unveiled that implement the aforementioned attacks and a demo will be provided to show how each attack works.

About Don A. Bailey

Don A. Bailey is a Security Consultant with iSEC Partners, Inc. With over six years in the field, Don has discovered many unknown security vulnerabilities in widely used software, analyzed new and proprietary protocols for design and implementation flaws, and helped design and integrate security solutions for up-and-coming Internet software.

While Don’s primary expertise is in developing exploit technology, he is also well versed in reverse engineering, fuzzing, enterprise programming, binary analysis, rootkit detection and design, and network penetration testing. In addition, Don has helped develop and enhance risk management programs for several Fortune 500 companies in recent years and has been invited to speak about risk management from a CISO perspective at government-organized conferences.

For the past five years, Don has presented research at several international security conferences discussing topics such as stealth rootkit design, zero-day exploit technology, DECT, GSM, and microcontroller security. Most recently, Don spoke at Black Hat Abu Dhabi 2010 and ToorCon San Diego 2010 regarding vulnerabilities in the global telephone network and the GSM protocol.