5Ghoul: The 14 Shambling 5G Flaws Used For Disruptive Attacks On Smartphones

A team of researchers from the ASSET Research Group in Singapore has published the details of a collection of vulnerabilities in the fifth generation mobile communication system (5G) used with smartphones and many other devices. These fourteen vulnerabilities are detailed in this paper, and a PoC detailing an attack using a software defined radio (SDR) is provided on GitHub. The core of the PoC attack involves creating a malicious 5G base station (gNB), which nearby 5G modems will seek to communicate with, only for these vulnerabilities to be exploited, to the point where a hard reset (e.g. removal of SIM card) of the affected device may be required.

Hardware Setup for 5Ghoul PoC testing and fuzzer evaluation. (Credit: Matheus E. Garbelini et al., 2023)

Another attack mode seeks to downgrade the target device’s wireless connection, effectively denying the connection to a 5G network and forcing the device to connect to an alternative network (2G, 3G, 4G, etc.). Based on the affected 5G modems, the researchers estimate that about 714 smartphone models are at risk of these attacks. Naturally, not just smartphones use these 5G modem chipsets, but also various wireless routers, IoT devices, IP cameras and so on, all of which require the software on these modems to be patched.

Most of the vulnerabilities concern the radio resource control (RRC) procedure, caused by flaws in the modem firmware. Android smartphones (where supported) should receive patches for 5Ghoul later this month, but when iPhone devices get patched is still unknown.

First Hacks: The Brand New Nokia 5G Gateway Router

Aside from being the focus of a series of bizarre conspiracy theories, 5G cellular networks offer the promise of ultra-fast Internet access anywhere within their range. To that end there is a new breed of devices designed to provide home broadband using 5G as a backhaul. It’s one of these, a Nokia Fastmile, that [Eddie Zhang] received, and he’s found it to be an interesting teardown and investigation. Spoiler: it runs Android and has exploitable bugs.

A privilege escalation bug in the web administration tool led to gaining the ability to export and modify configuration files, but sadly, though a telnet prompt can be opened, it’s not much use without the password. Uncovering some blocked-off ports on the base of the unit revealed a USB-C port, which was found to connect to an Android device. Via ADB a shell could be opened on Android, but on further investigation it was found that the Fastmile is not a single device but two separate ones. Inside is a PCB with an Android 5G phone to handle the connection, and another with a completely separate home router.

With access to the Android side and a login prompt on the router side, that was as far as he was prepared to go without risking bricking his Fastmile. It only remained to do a teardown, which reveals the separate PCBs with their own heatsinks, and an impressive antenna array. Perhaps these devices will in time become as ubiquitous as old routers, and we’ll see them fully laid bare.

It’s a shame that we’ve had to write more about the conspiracy theories surrounding 5G than real 5G devices, but maybe we’ll see more teardowns like this one to make up for it.

Don’t Worry, This Box Will Protect You From 5G!

As part of an investigation into opposition to 5G mobile phone networks in the English town of Glastonbury, the BBC reporter [Rory Cellan-Jones] shared details of a so-called 5G protection device that was advertised as casting a bubble of 5G-free space around its owner. This set [The Quackometer] writing, because as part of his probing into the world of snake-oil, he’s bought just such a unit and subjected it to a teardown.

What he has is a plastic project box with a graphic on top, a switch and green LED on the side, and a battery compartment on its rear. Opening the battery compartment reveals a standard 9 V alkaline cell, but the real interest comes when the cover is removed. There is a copper cylinder with a coil of wire round it, though the wires from the coil to the battery have been cut. The active part of the device is simply a battery powering an LED through a switch; as he puts it, the device is a £50 ($61) poor quality torch (flashlight). Of more interest is the copper cylinder, which he identifies as a short piece of copper water pipe with two end caps. He doesn’t open it up, leaving us to expect that whatever mystical component deals with the RF must be concealed within it. This is not the usual Hackaday fare, but we know our readers are fascinated by all new technologies and will provide plenty of speculation as to how it might work in the comments.

The BBC story is worth a read to give a little background. If you are a non-Brit and you have heard of Glastonbury it is probably for the famous summer music festival held on a neighbouring farm, but the town is also famous for its connections with Arthurian legend and in recent decades for having become a centre for New Age mysticism. It has also become something of a hotbed of activism against the spread of 5G mobile networks, and has made the news this week because of concerns over the impartiality of a report condemning the technology released by its local government. If you have an interest in the 5G saga then brace yourselves for this document being used to lend a veneer of official credibility.

We’ve spent a while covering 5G issues, and given that some aspects of the story are shaping up to be a gift to technical journalists that keeps on giving, no doubt we’ll bring you more in due course. Devices such as the one featured here could even supplant audiophile products as a source of technical wonderment!

Thanks [Deus Ex Silicium] for the tip.

On 5G And The Fear Of Radiation

The world around us is a scary place, with a lot of visible and invisible dangers. Some of those invisible dangers are pretty obvious, such as that of an electrical shock from exposed wiring. Some are less obvious: for example, the dangers of UV radiation to one’s skin and eyes are commonly known, but also heavily underestimated by many until it’s too late. In the US alone, skin cancer ends up affecting about one in every five people.

Perhaps ironically, while the danger from something like UV radiation is often underestimated, other types of electromagnetic radiation are heavily overestimated. All too often, the distinction between what is and isn’t considered to be harmful appears to be made purely on basis of whether it is ‘natural’ radiation or not. The Sun is ‘natural’, ergo UV radiation cannot be harmful, but the EM radiation from a microwave or 5G wireless transceiver is human-made, and therefore harmful. This is, of course, backwards.

Rather than dismissing such irrational fears of radiation, let’s have a look at both the science behind radiation and the way humans classify ‘danger’, such as in the case of 5G cell towers.

5G Is For Robots

Ecclesiastes 1:9 reads “What has been will be again, what has been done will be done again; there is nothing new under the sun.” Or in other words, 5G is mostly marketing nonsense, like 4G, 3G, and 2G were before it. Let’s not forget LTE, 4G LTE, Advance 4G, and Edge.

Just a normal everyday antenna array in a Seattle parking garage.

Technically, 5G means that providers could, if they wanted to, install some EHF antennas; the same kind we’ve been using forever to do point to point microwave internet in cities. These frequencies are too lazy to pass through a wall, so we’d have to install these antennas in a grid at ground level. The promised result is that we’ll all get slightly lower latency tiered internet connections that won’t live up to the hype at all. From a customer perspective, about the only thing it will do is let us hit the 8Gb ceiling twice as fast on our “unlimited” plans before they throttle us. It might be nice on a laptop, but it would be a historically ridiculous assumption that Verizon is going to let us tether devices to their shiny new network without charging us a million Yen for the privilege.

So, what’s the deal? From a practical standpoint we’ve already maxed out what a phone needs. For example, here’s a dirty secret of the phone world: you can’t tell the difference between 1080p and 720p video on a tiny screen. I know of more than one company where the 1080p on their app really means 640 or 720 displayed on the device and 1080p is recorded on the cloud somewhere for download. Not a single user has noticed or complained. Oh, maybe if you’re looking hard you can feel that one picture is sharper than the other, but past that what are you doing? Likewise, what’s the point of 60fps 8k video on a phone? Or even a laptop for that matter?

Are we really going to max out a mobile webpage? Since our device’s ability to present information exceeds our ability to process it, is there a theoretical maximum to the size of an app? Even if we had Gbit internet to every phone in the world, from a user standpoint it would be a marginal improvement at best. Unless you’re a professional mobile game player (is that a thing yet?) latency is meaningless to you. The buffer buffs the experience until it shines.

So why should we care about billion dollar corporations racing to have the best network for sending low resolution advertising gifs to our distracto cubes? Because 5G is for robots.

5G Power Usage Is Making Phones Overheat In Warm Weather

As reported by ExtremeTech, the brand new 5G network is running into a major snag with mobile devices as Qualcomm 5G modems literally cannot handle the heat. After just a few minutes of use they’re going into thermal shutdown and falling back to measly 4G data rates. Reports by both PCMag and the Wall Street Journal (paywall) suggest that 5G-enabled phones consistently see problems when used in environments where temperatures hit or exceed 29.5 °C (85.1 °F).

The apparent cause is the increased power draw required by current 5G modems, which make heavy use of beam forming and other advanced technologies to increase reception and perform processing on the received data. Unlike 4G and older technologies, 5G needs to have multiple antennas (three or more) to keep a signal, especially when you grab your shiny new smartphone with your millimeter-wave blocking hands.

The spin-off from all of this seems to be that perhaps 5G technology isn’t ready for prime-time, or that perhaps our phones need to have bigger batteries and liquid cooling to keep the 5G modems in them happy. Anyone up for modding a liquid cooling loop and (tiny) radiator into their phone?

How 5G Is Likely To Put Weather Forecasting At Risk

If the great Samuel Clemens were alive today, he might modify the famous meteorological quip often attributed to him to read, “Everyone complains about weather forecasts, but I can’t for the life of me see why!” In his day, weather forecasting was as much guesswork as anything else, reading the clouds and the winds to see what was likely to happen in the next few hours, and being wrong as often as right. Telegraphy and better instrumentation made forecasting more scientific and improved accuracy steadily over the decades, to the point where we now enjoy 10-day forecasts that are at least good for planning purposes and three-day outlooks that are right about 90% of the time.

What made this increase in accuracy possible is supercomputers running sophisticated weather modeling software. But models are only as good as the raw data that they use as input, and increasingly that data comes from on high. A constellation of satellites with extremely sensitive sensors watches the planet, detecting changes in winds and water vapor in near real-time. But if the people tasked with running these systems are to be believed, the quality of that data faces a mortal threat from an unlikely foe: the rollout of 5G cellular networks.
