Business logic flaws in mobile operators services

DEF CON 21

Presented by: Bogdan Alecu
Date: Friday August 02, 2013
Time: 13:00 - 13:45
Location: Track 3
Track: Track 3

GSM has been attacked in many different ways in the past years. But regardless of the protocol issues, there are also flaws in the logic of the mobile operators’ services. One may think that an issue which affects only one specific operator in some country couldn't affect other operators. However, this is not the case: most operators use the same equipment and have the same implementation of their services in all countries, as the operator's group prefers to have a uniform service.

This presentation examines different implementation flaws of mobile services which allow you to perform things like accessing someone else's online account, getting free Internet on your mobile device even when roaming, and placing free mobile phone calls.

Bogdan Alecu

Bogdan Alecu (@msecnet) works as a System Administrator for an IT services company and, during his free time, he is an Independent Security Researcher. He received his BSc in Business Information Systems from the "Alexandru Ioan Cuza" University of Iasi. Bogdan has researched mobile security for many years, starting with Voice over IP and continuing with GSM. One of his research findings in GSM security could allow a potential attacker to perform a remote SMS attack which can force mobile phones to send premium-rate text messages. Bogdan is also a frequent speaker at security conferences like DeepSec, EUSecWest, and DefCamp. For more details about him, check http://www.m-sec.net.

