Security of cell phone networks

Status
Not open for further replies.
D

Drew99GT

Joined
Oct 11, 2002
Messages
22,216
Location
Colorado Springs
How secure are cell phone networks, specifically for data? I'm thinking about using my LG Vortex Android phone to do mobile banking and more specifically, mobile stock trading. Are the data connections over cell phone networks as secure as a regular internet connection? Is it all encrypted? I read that a hacker recently hacked the cell phone encryption! I'd most likely be using Fidelity's Android App and I can't find out if it uses HTTPS to encrypt data. I'm assuming HTTPS on the phone browser is the same as on a regular computer and internet connection?

Would getting a VPN service for my phone make the data connection completely encrypted? I've read the VPNs for cell phones only work if you're on a WIFI connection but it doesn't work for the actual cell phone network?

Thanks for any help guys. I've tried researching this stuff but haven't really found concrete answers.
 
How would you see the "https" in your browser?

What if someone set up their own cell tower and intercepted everything? The govt does it to spy on el queda (and us).

I like a banking site that shows me a challenge photo every time I half log in, so I know I haven't been side tracked.

You could as easily have someone snooping over your shoulder while you enter your password.
 
Originally Posted By: eljefino
How would you see the "https" in your browser?

What if someone set up their own cell tower and intercepted everything? The govt does it to spy on el queda (and us).

I like a banking site that shows me a challenge photo every time I half log in, so I know I haven't been side tracked.

You could as easily have someone snooping over your shoulder while you enter your password.


That challenge photo is to prevent you from locking out someone else's account because you mistyped the account number.

On my iPhone I can see the URL and if it is https. On an app I did a cursory search and couldn't confirm if it was truly secure with SSL or what not.
 
It shouldn't matter how secure the cell network's encryption is for that purpose. One way or the other, you're transferring your data over a public network.

Either you have end to end encryption or you don't. Fidelity Investments should be easily able to answer questions about how secure their app. is or isn't.
 
Use HTTPS if you can. A lot of sites with any secure data do already anyhow. That ensures end to end encryption of some hardened level. The cell networks themselves often don't encrypt anything. Due to the nature of a time-division multiplexed signal, the complexity of it is so high its just assumed to be safe, as tapping it would require thousands of thousands of dollars of highly specialized equipment.

And if that happens, you won't stop them from tapping your data. Use HTTPS. Even that can technically be cracked, but it is a lot tricker often.
 
If you are using https, if I understand correctly, only encrypted information leaves your browser over the TCP/IP stack.

So someone who could get your data would have to crack the encryption to see what you are sending and receiving.
 
Originally Posted By: javacontour
If you are using https, if I understand correctly, only encrypted information leaves your browser over the TCP/IP stack.

So someone who could get your data would have to crack the encryption to see what you are sending and receiving.



OK, so that would mean the HTTPS encryption would be encrypted over the cell phone network as it goes from the phone, through the cell network, and on to the internet(s)?

I did find out that the Fidelity app does use HTTPS encryption.

Thanks for the help and info guys.
 
Yes.

Cell phone networks are no more and no less secure than traditional wired internet. (Well ok, anyone can scan the airways, fewer can access the wires.)

It's what done end-to-end that makes the transaction more or less secure.

E-mail and regular http are like writing something on a post card and sending it.

Traditional internet may only expose such traffic to those who operate the infrastructure. Any wireless means allows anyone who can pick up the broadcast to see your post card.

Sending it via https encrypts the postcard. The same folks can still see it, but unless they go to great lengths, they probably cannot make out your encrypted message.

The bigger concern I see is not with the internet medium, but the security at each end of the communication. How secure is your device and how secure are the brokers computers.

Because it doesn't matter how securely the information travels if it's compromised at one end or the other.

I suspect it's the end points that are targeted because from the server side, the payoff is more information for those attempting to steal information.
 
The wireless communication's security is the last thing you need to worry about (other than someone using your wireless account with a hacked phone and ring up some long distance bill).

Like yonyon and java said, after the signal reach the tower, it has to travel on a public network and therefore anything need security needs end to end encryption like https.

I'd be more concern about the phone's OS and the server's security. There was a news article in Hong Kong that some of the new Samsung phones got an infection that will overlay a haunted spirit pattern on photos taken. Imagine what they can do to your finance if the same loophole is applied.
 
Status
Not open for further replies.

Similar threads

PandaBear
VPN tunnel between 2 homes over the internet, what kind of equipments?
Replies
16
Views
530
uc50ic4more
1
Switched from T-Mobile to US Mobile
7 8 9
Replies
161
Views
27K
Balsam Bob
OVERKILL
  • Locked
Salt Typhoon hacking group gained access to 9 US telecom company networks
Replies
0
Views
246
OVERKILL
JHZR2
Chromebook Security
2 3
Replies
49
Views
1K
Hall
1 SX
How To: Use a GSM carrier (AT&T/T-mobile) in conjunction with CDMA (Verizon) on i-Phone with e-Sim activation.
Replies
3
Views
3K
PandaBear
Back
Top Bottom