android

BarCamp Yangon

Submitted by tomo on February 26, 2014 - 12:12pm

Skip to:
Sessions
Android vs iOS
Bitcoin
Beercamp
Summary

Size matters. Size doesn't matter.

Yangon, Myanmar holds the largest BarCamp in the world. Or so they say, but who's counting? I can confirm that it's a two day affair, like BarCamp Phnom Penh (where a few of my compatriots were from) and of similar size to Cambodia's main and largest BarCamp. Even our homely one-day BarCamp Saigon is roughly the same in crowd size according to my eyeball count. The number of sessions, at around 160 over two days, is also about the same per day as are the popularity and attendance in the classrooms in which they are held. There were even many sparsely attended talks (such as my own!) But size isn't everything.

Read the rest of this article...

Gone are the days of whistling a 2600 Hz tone into your rotary phone. Or the era of using redboxes to get free calls from payphones - where can you find a payphone anymore nowadays? So where have all the phreakers gone? Who even remembers what phone phreaking means, and what the significance of Cap'n Crunch cereal is?

Vietnam, like many developing countries, is a country where wireless infrastructure, cellular networks and wifi, leapfrogged traditional wired networks: telephone, cable TV. Payphones (or "cardphones" which used prepaid cards since coins were inconsistently minted and still not always accepted as legal tender in Vietnam), which became increasingly common in the late 90s, are nearly extinct in Vietnam now due to mobile phones.

Throughout the world, phone systems have been converted from analog to digital. From a phreaking standpoint, it's easier for the phone companies to secure their systems as they don't need to use in-band methods (using the channel for system operators as what's used by customers) of managing their systems. Even the cellular networks are all digital and encrypted now so you can no longer just snoop in on your neighbor's conversations using a special phone (or clone another user's ESN on the old AMPS networks). Unfortunately, this means there is no tone or sound that you can play into your mobile handset in order to get free calls or anything else.

Nowadays, free long distance calling - for decades the big prize for phreakers - is ubiquitous. PBXs are freely downloadable software that anyone can run. And we don't even need physical phones to make phone calls anymore - we have software phones using Voice over IP (VoIP) which can call the plain old telephone system or simply call other softphones on the Internet.

So what does modern phone phreaking mean?

Answer: VoIP hacking, virtual PBX hacking, voicemail hacking (not really phreaking, just unauthorized access of systems), femtocell hacking for the truly adventurous, and GSM decryption for the cryptos with a lot of computing resources.

Caller ID spoofing

Caller ID is a feature that's in all cell phones, and many land lines also have this ability to see the phone number of the person that's calling you. This is how you know to answer your mother's phone call and ignore your girlfriend's, or the other way around. But did you know you could control what number is seen by the called party?

How? Example: One way is to have a real phone company set your forwarding number, which is a fake origin, and then it will be used as your caller ID value when you call out from your (VoIP) phone. Another way is to route calls through your own PBX (Asterisk).

PBX hacking

Back in the day when PBXs were only affordable to large corporations and getting access to one meant you had great resources available to you like calling out to long distance numbers for free. But now there are cheap and even free open source virtual PBX solutions that run on normal PCs running Linux like Asterisk. And of course these can be hacked. If you're running Asterisk you run the risk of remote hackers DoSing your server or hacking the Linux server that's running Asterisk. Once they're on there they can also have their way with the PBX.

Femtocell hacking

Femtocells are stations that are set up to provide buildings or rural areas which have weak signals with access to cellular networks via internet connections. Subscribers can buy femtocells from their phone companies and set them up themselves - and can even take their femtocell with them to a foreign country (yes!) and have access to their home country's phone network without incurring roaming charges. These femtocells, whose manufacturer varies by telco, may be running Linux and may be hackable (rootable) and if so can be used to eavesdrop on calls and SMSs as well as spoof and use credits from subscribers' accounts without authorization. It's like taking over a cell tower. But not all telcos even offer these for sale and it's not enough for you to just get one from a manufacturer.

GSM encryption cracking

In the old days of cell phones you could easily listen in on calls made around you. But since GSM the call traffic is encrypted from the phone to the cell tower. However, it can be possible to crack weak A5/1 GSM encryption using something called COPACOBANA. Or you could probably use Amazon EC2 to affordably and instantly bring up the enormous CPU resources combined with some rainbow tables needed to crack the cipher. Don't assume that your mobile phone calls are secure.

Voicemail hacking

Voicemail (VMB) hacking isn't that new. And not all phone providers even offer voicemail services on their lines. But for those who do it's often easy to get into another subscriber's mailbox. Spoof your caller ID to look like theirs and often you won't be asked for any passcode to enter your voicemail. Other ways are to guess or social engineer the PIN code which you can then use to access the mailbox. Old voicemail systems used to have default codes which you could use to have fun like creating your own VMBs.

See: http://en.wikipedia.org/wiki/News_International_phone_hacking_scandal

Another kind of hacking: mobile phone rooting and modification

Generally, when I use the word "hacking" above it refers to unauthorized access of systems. But sometimes the system you want to "hack" is your own property. Mobile phones today are powerful computers running advanced software based on open source code. But it doesn't mean that the manufacturers want to give you free reign or access to what's inside. Fortunately, hacker communities exist to find holes in our phones which enable them to be "rooted" after which we can control the software running on them and by controlling the software we can control our hardware.

As always, especially in Vietnam, protect your accounts and privacy when online with an encrypted connection to a VPN.

Attachments: 

Speeding up your slow Android smart phone

Submitted by tomo on October 12, 2012 - 8:10pm

Some time after getting a new phone or after wiping and reinstalling the phone's OS (or upgrading to a new version of Android), the phone starts to bog down and feel laggy compared to before. The hardware is the same (well, maybe the phone's battery has lost some charging capacity but the memory and CPU are still as good as when they were manufactured), so it must be something software-related, right? I mean, this problem happens with Windows PCs too (but not with Linux/OpenBSD...).

Not the thousands of stored SMSs and phone call logs

At first, I thought it might be the thousands of SMSs (and hundreds of phone calls) stored on my phone, which I keep for convenience. On my old Symbian OS Nokia these SMSs would really slow the phone down and so I would have to delete messages every month. But there's no good reason a modern phone can't handle nearly unlimited messages as easily as just a handful. But I gave it a shot, deleting all SMSs (first backing the messages and call logs with SMS Backup & Restore app) and phone calls, but it had no effect.

Not task killers

So then I wondered what mobile apps might be slowing the phone down. There are various task killer apps in the app marketplace and they will help you free up memory. I kinda of wanted to see a more granular view of what resources the various apps were using, like Task Manager or Activity Monitor. So I opened up Terminal Emulator and ran 'top' which doesn't redraw the screen like it would in other terminals, but simply writes out all processes to the screen again on each refresh. So it's slightly harder to understand.

Using an automated task killer is controversial. It's possible that using an automated task killer will confuse Android's memory manager.

Not the version of Android

Upgrading Android. Right after you load a fresh ROM onto your phone it is probably going to be as fast and responsive as it ever will be. Then some months down the line it's running slowly.

Remove widgets, V6 Supercharger your memory mangement, and turn off GPS

Here are the things that do help speed up your Android phone.

1) Remove some widgets and live wallpapers.

2) Advanced users: V6 Supercharger Script

3) In the end I think turning off GPS helped the most. This is likely due to location apps polling your location nearly constantly when it's on.

Syndicate content
© 2010-2014 Saigonist.