THE LAW OF MOBILE HACKING - Black Hat Briefings · THE LAW OF MOBILE HACKING JENNIFER STISA GRANICK...

Preview:

Click to see full reader

Citation preview

THE LAW OF MOBILE HACKING

JENNIFER STISA GRANICK ZWILLGEN PLLC

JENNIFER@ZWILLGEN.COM WWW.ZWILLGENBLOG.COM

@GRANICK ON TWITTER

AUGUST 4, 2011

»  Installing Code on the Phone

»  Studying Malware Distribution

»  SMS Trojans/SPAM

»  Spoofing the Base Station

»  Hacking Other Peripherals

»  Hacking your Work Phone

»  Listening to Calls, Reading SMSs

»  Location Tracking

»  Securing from Law Enforcement Access

MOBILE SECURITY AND LEGAL ISSUES

INSTALLING CODE LOCKED PHONES (e.g. iPHONE) DON’T ALLOW CODE INSTALLATION

‒  SDK LICENCE

‒  EULA

‒  TECHNOLOGICAL RESTRICTIONS

ANTI-CIRCUMVENTION PROVISIONS ‒  ACTS OF CIRCUMVENTION

‒  TRAFFICKING IN CIRCUMVENTION DEVICES

COPYRIGHT OFFICE RULEMAKING: ‒  INTEROPERABILITY WITH COMPUTER PROGRAMS TO RUN ON THE

HANDSET

STUDYING MALWARE LIMITED DISTRIBUTORS APP STORE/MARKETPLACE: REVERSE ENGINEERING PROHIBITED

APP LICENSE MAY HAVE A NO REVERSE ENGINEERING TERM

TECHNIQUES FOR DOING THE RESEARCH ‒  AVOID AGREEING TO THE EULA

‒  USE A NON-INFRINGING COPY

‒  DESTROY COPY WHEN RESEARCH DONE

‒  CLEAN ROOM

SMS TROJANS

CAN SPAM ACT OF 2003

THE COMPUTER FRAUD AND ABUSE ACT (18 U.S.C. 1030)

TELEMARKETING CONSUMER FRAUD AND ABUSE PREVENTION ACT (15 U.S.C. 1601-1608)

TELEPHONE CONSUMER PROTECTION ACT (47 U.S.C. 227)

FEDERAL TRADE COMMISSION'S AMENDED TELEMARKETING SALES RULE

BASESTATION SPOOFING (SEE, E.G. CHRIS PAGET’S IMSI CATCHER FROM 2010)

FCC REGULATIONS RE: Licensed frequencies

CALL INTERCEPTION: WIRETAP ACT

TRAFFIC INTERCEPTION: PEN REGISTER/TRAP AND TRACE

NETWORK IMPERSONATION

HACKING PERIPHIALS SECURITY CAMERAS, TRAFFIC CONTROL SYSTEMS, HOME AUTOMATION SYSTEMS CONTROLLABLE OVER THE PHONE

NETWORK

UNAUTHORIZED ACCESS: ‒  ARE THEY COMPUTERS?

‒  REQUISITE DAMAGE, LOSS?

HACKING YOUR OWN PHONE EMPLOYMENT AGREEMENT

NON-DISCLOSURE AGREEMENT

TRADE SECRET MISAPPROPRIATION

CFAA?

LISTENING TO CALLS READING SMS

INTERCEPTION OF CONTENT

ACCESSING STORED CONTENT

WHAT IS STORED?

WHAT IS ELECTRONIC STORAGE?

SERVICE PROVIDER EXCEPTIONS

LOCATION TRACKING NEWS OF THE WORLD-STYLE

SOMETIMES, TRANSACTIONAL DATA IS CONTENT ‒  WIRETAPPING OR PEN/TRAP?

GPS TRACKING

STALKING

INTRUSION INTO SECLUSION

OTHER PRIVACY TORTS?

GOVERNMENT ACCESS

CELL TOWER TRIANGULATION AND ECPA

GPS TRACKING, FOURTH AMENDMENT, LEAHY BILL

ECPA STATUS OF SMS MESSAGES: QUON V. ARCH WIRELESS

SEARCH INCIDENT TO ARREST

BORDER SEARCHES

Please turn in your completed feedback form at the

registration desk.

JENNIFER STISA GRANICK ZWILLGEN PLLC

JENNIFER@ZWILLGEN.COM WWW.ZWILLGENBLOG.COM

@GRANICK ON TWITTER

Recommended

Hacking Google AdWords - DEF CON® Hacking … · Hacking Google AdWords ... • Use general Google hacking techniques • Bust anyone who is “Google hacking”! Other Interesting
Documents
Hacking for Dummies - index-of.co.ukindex-of.co.uk/Hacking/Hacking For Dummies/Hacking For Dummies 5.pdf · Hacking for Dummies (Access to other peoples systems made simple – &
Documents
BlackHat Hacking - Hacking VoIP
Internet
Hacking Rapid Share Complete Hacking Process
Documents
JENNIFER STISA GRANICK (SBN 168423)cyberlaw.stanford.edu/files/publication/files/2018-03-26.ECF_.copy_.Petitioners...Mar 26, 2018  · MISC. CASE NO.: 16-mc-80206-KAW PETITIONERS’
Documents
A Hacking Atlas: Holistic Hacking in the Urban Theater€¦ · of hacking and holistic hacking, and hacking spaces (and seven types of hacking spaces, each described below) are introduced
Documents
JENNIFER STISA GRANICK (SBN 168423) RIANA … Technologists Apple Brief Final.pdf1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 JENNIFER STISA GRANICK (SBN
Documents
HACKING AUTHENTICATION CHECKS IN WEB … · INDEX •Hacking Authentication Checks in Web Applications Hacking Application Designs Hacking J2EE Container Managed Authentication Hacking
Documents
Granick D. the Ministry as Maximising Unit in Soviet Industry
Documents
JENNIFER STISA GRANICK (SBN 168423) RIANA … Technologists Apple Brief...the execution of a search warrant on a black lexus is300, california license plate 35kgd203 ed no. cm 16-10
Documents
Hacking Rapidshare Complete Hacking Process
Documents
HACKING AND WAYS TO PREVENT HACKING
Documents
What is hacking | Types of Hacking
Technology
Computer Crime Year In Review - DEF CON · Computer Crime Year In Review: MySpace, MBTA, Boston College and More Jennifer Stisa Granick, EFF Civil Liberties Director Kurt Opsahl,
Documents
Hacking / Hacking Exposed 6: Network Security Secrets ...media.techtarget.com/searchMidmarketSecurity/downloads/Hacking_exposed... · Hacking / Hacking Exposed 6: Network Security
Documents
Ethical Hacking and Countermeasures - Varutra · Hacking Concepts o Hacking vs. Ethical Hacking o Effects of Hacking on Business o Who Is a Hacker? o Hacker Classes ... Ethical Hacking
Documents
Hacking Rural Medicine - Hacking 101
Health & Medicine
Hacker Court Carole Fennelly, Jonathan Klein, Richard Salgado, Jesse Kornblum, Don Cavender, Rebecca Bace, William Tafoya, Richard Thieme, Jennifer Granick,
Documents
Hacking & Ethical Hacking
Documents
A Hacking Atlas: Holistic Hacking in the Urban Theater · 2018-12-05 · of hacking and holistic hacking, and hacking spaces (and seven types of hacking spaces, each described below)
Documents