The Athens Affair

@article{Prevelakis2007TheAA,
  title={The Athens Affair},
  author={Vassilis Prevelakis and Diomidis D. Spinellis},
  journal={IEEE Spectrum},
  year={2007},
  volume={44},
  pages={26-33}
}
How some extremely smart hackers pulled off the most audacious cell-network break-in ever. On 9 march 2005, a 38-year-old Greek electrical engineer named Costas Tsalikidis was found hanged in his Athens loft apartment, an apparent suicide. It would prove to be merely the first public news of a scandal that would roil Greece for months. The next day, the prime minister of Greece was told that his cellphone was being bugged, as were those of the mayor of Athens and at least 100 other high-ranking… 

Can they hear me now?: a security analysis of law enforcement wiretaps

It is demonstrated that the standard CALEA interfaces are vulnerable to a range of unilateral attacks by the intercept target, and stop-gap mitigation strategies are identified that partially mitigate some of the identified attacks.

The real security issues of the iPhone case

Rather than rely on out-of-date approaches to law enforcement, the FBI must develop 21st-century investigative capability and strengthen smartphones' security provided by encrypted communications is counterproductive to long-term security.

Securing the next generation mobile network

A cooperative NGMN security architecture is proposed in this paper that identifies and isolates/eliminates security attacks and utilizes an anomaly-based attack detection mechanism.

A new approach to internet banking

A proposal for a more robust defence system which uses a small security device to create a trusted path to the customer, rather than depend upon trusting the customer’s computer, is proposed and how successful it is likely to be in practice is evaluated.

Bugs in our Pockets: The Risks of Client-Side Scanning

It is argued that CSS neither guarantees efficacious crime prevention nor prevents surveillance, and by its nature creates serious security and privacy risks for all society while the assistance it can provide for law enforcement is at best problematic.

User-targeted Denial-of-Service Attacks in LTE Mobile Networks

A case study of how a targeted user connected to an LTE network provider could be denied SMS and voice services therefore denying 2-factor authentication and a analysis of the 3GPP LTE standard specifications that allow such attacks.

Anonymous device authorization for cellular networks

A provably-secure anonymous proof of blocklist non-membership for cellular network is described, based on the RSA accumulators and zero-knowledge proofs introduced by Camenisch and Lysyanskaya and expanded upon by Li, Li and Xue.

Sending Out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways

From this data, a range of services sending extremely sensitive plaintext data and implementing low entropy solutions for one-use codes are identified, and insights into the prevalence of SMS spam and behaviors indicating that public gateways are primarily used for evading account creation policies that require verified phone numbers are offered.
...