How to Fend Off a SIM-card Attack on Your Cell Phone: Kevin Lee, Princeton University

November 09, 2021 00:33:27
How to Fend Off a SIM-card Attack on Your Cell Phone: Kevin Lee, Princeton University
Cookies: Tech Security & Privacy
How to Fend Off a SIM-card Attack on Your Cell Phone: Kevin Lee, Princeton University

Show Notes

Kevin Lee recently co-wrote a fascinating study about how easy it is for an attacker to gain control of another person’s cell phone. From there, the attacker can use the phone’s multi-factor authentication tool – usually a security code provided over a text message -- to do all kinds of damage, including making unauthorized purchases. As part of the study, his research team managed to fool five wireless carriers, including Verizon Wireless, AT&T and T-Mobile, into moving a customer’s account to a different phone’s SIM card without their permission. He’s a doctoral student in computer science at Princeton, affiliated with the Center for Information Technology Policy. 

Episode Transcript

No transcript available...

Other Episodes

Episode 3

September 22, 2020 00:26:09

Bulletproofing the Ballot Box: Andrew Appel, Eugene Higgins Professor of Computer Science, Princeton University

There’s been a lot of anxiety lately about the security of the American balloting infrastructure, but Andrew Appel has been thinking about this question for years. He has research specialties in public policy and security and privacy. He’s a well-known specialist in election technology who is often quoted in the media, and has served as an expert witness on the subject before government committees. He’s famous for having once shown how easy it was to reprogram a popular voting machine to play Pac-Man. In this episode, he discusses how the pandemic has scrambled the situation for the 2020 general election, and how Americans might feel confident with the result of an election held largely by mail. He talks about which in-person voting machines are more secure than others. And he discusses the perils of Internet voting. ...


Episode 1

September 15, 2020 00:25:44

How Consumer Tech Can Manipulate You (and Take Your Data): Arvind Narayanan, associate professor of computer science, Princeton University, Part One (premiere episode)

While we're using electronic gadgets, apps, platforms and websites, they are often using us as well, including tracking our personal data. The premiere episode of our new podcast features Arvind Narayanan, associate professor of computer science here at the Princeton University School of Engineering and Applied Science. He is a widely recognized expert in the area of information privacy and fairness in machine learning. This conversation was so good, we split it into two episodes. This is the first half of our conversation.   In this half, he discusses “cross-device tracking,” in which one electronic device (say, your work laptop) sends you ads based on your browsing activity on another device (say, your mobile phone). He talks about which web browsers are more likely to allow third-party trackers to record your activity. And he talks about steps you can take to protect yourself against these trackers.   ...


Episode 8

November 23, 2021 00:26:04

Those Pesky Privacy Policies: Lorrie Cranor, Carnegie Mellon University

Does anyone actually read privacy policies? What's in them, and why can't we usually understand them? On our second season finale, we’ll talk with Professor Lorrie Cranor, director of the CyLab Usable Privacy and Security Laboratory at Carnegie-Mellon University. The lab brings together more than 100 faculty from across campus to study security and privacy and help shape public policy in those areas. One of her specialties is how humans interact with security and privacy technologies, to make sure the mechanisms we build are not just secure in theory, but are actually things that we can use. Her TED Talk about password security has been viewed more than 1.5 million times. But today, we’ll talk about another pesky aspect of our digital lives – privacy policies, those mysterious terms and conditions we sign off on – often without reading them -- before we can use an app on our smartphone or laptop.  ...