Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Phreaking Cellular - Misc. :: bam.htm

Bell Atlantic Cellular Phone Weak Encryption



Vulnerability

    Bell Atlantic Cellular Phone encryption

Affected

    Bell Atlantic Cellular Phone (Mobile)

Description

    Kevin Seales found following while experimenting with text  paging
    on cellular  phone from  Bell Atlantic.   It is  said following on
    their web site:

        Bell  Atlantic  Mobile  has  encrypted  your phone number as a
        courtesy, however the  protocol for encryption  is proprietary
        and we cannot guarantee its security. Bell Atlantic Mobile  is
        not responsible for the number or content of messages lost  or
        misdirected  due  to  interruptions  or  fluctuations  in  the
        Internet.

    Kevin found that its not even encrypted, its simply encoded.   Its
    fairly simple and straight forward  so no details, but below  is a
    decoding program.

    #include <stdio.h>

    int main(void)
    {
      char mobile_id[19];

      printf("This program takes the Mobile ID Bell Atlantic gives you to\n");
      printf("put on your web page and decodes it to give you the real phone\n");
      printf("number.\nCoded by Kevin Seales, kevin@drunks.com\n\n");
      printf("Enter Mobile ID Number:  ");
      scanf("%s", &mobile_id);

      printf("The Real Mobile ID Number is: ");
      printf("%c%c%c", mobile_id[19],mobile_id[18],mobile_id[17]);
      printf("-");
      printf("%c%c%c", mobile_id[3],mobile_id[12],mobile_id[14]);
      printf("-");
      printf("%c%c%c%c\n", mobile_id[6],mobile_id[16],mobile_id[8],mobile_id[9]);

    }

Solution

   I don't know, but BA should at least start using encryption.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH