Defcon 15: Hacking EVDO

[King Tuna]’s Hacking EVDO was a popular talk. Things are really just starting on this front. Now that some of the newer cards have unlocked firmware (probably thanks to the need for software updates across EVDO revisions), it’s now possible to edit the firmware. With the door open, people can start mucking around with ESNs and we’ll probably see some ESN duplication exploits soon.

20 thoughts on “Defcon 15: Hacking EVDO”

  1. My “phone as modem plan” with Sprint is 39.99 a month for unlimited service. However if you just wanted EVDO for your wireless device it is 15.99 a month…but no modem access…
    Funny story. I bought a Moto Q from eBay and had it activated. After two weeks the EVDO stopped working on the Q but started to work on my RAZR (my original phone). I called Sprint about the Q not working but I never mentioned the RAZR to them. After a few days they fixed the Q and the RAZR still has unlimited data service…
    Anybody had this happen to them?

    1. Yes. Currently. I’m not sure if they will catch on. Surely so. I’ve been getting bolder and bolder as far as not only increasing data amount, but also the duration. I go through a rural company so things are all haphazardly made to work. Almost like they know just enough to be careless.

  2. Actually you can get unlimited EV-DO for 15.99 with Sprint through the data cable on your phone or Bluetooth by simply disabling the NAI in the hidden settings. Look it up, I access internet at 230 kbps off my A900 all the time.

  3. Forrest… EVDO Rev A is $59/m regardless of whether you have an EVDO card or not.

    Eliot, long time no talk. EVDO VOIP in rev A is MUCHO better at 80ms than Rev 0 was at stinkin 400ms.

    But heck, even my vonage over PRO DSL still sounds crappy at times. Eh.

    HSUPA or EVDO Rev B should be perfect. But by that time, we have WiMAX on the grid so who knows.

  4. FYI: Here in Slovenia almost every major settlement has HSDPA connection via Mobitel provider and it flies with full 3.6Mbit/sec. Monthly fee for 1GB limit is 21 euros.

  5. Wait…when did EVDO become a subscription service? With my Verizon phones (I have 4 different phones on a family share), all of them have EVDO coverage and it doesn’t cost a thing. I think the subscription service you guys are talking about is VCast, at least, that’s what Verizon calls it, I don’t know what Sprint calls their service. But then, I could be wrong.

  6. There was no information. The presentation was “We’ve found an EVDO card that has unlocked firmware. We can do cool stuff like change ESNs using QPST, but it’s a felony. We don’t know what all we can do and would like your help. Come to the vendor area and buy some EVDO cards.”

    The only valuable piece of information was this:
    Assuming you have an EVDO phone with an EVDO plan, you can read the ESN from your phone using QPST, then write that ESN to your unlocked EVDO laptop card and have free 300-700kbps internet on your laptop as long as your phone is off. If Verizon sees your ESN coming from two devices simultaneously, you’re in deep shit (that whole felony thing).

    There ya go – King Tuna’s 50 minute presentation in 1 minute.

  7. Can somebody please help me out? I have an EVDO which I use in browsing, though it is linked with a CDMA network in my country, which I have to subscribe to every month before gaining access.

    I would like to get a crack that I can use in breaking into the EVDO, so that I would be able to browse with the EVDO without subscribing every month.

    I would be glad if anyone can get this for me.

