Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

cell network security

P

phonewentwest

macrumors regular
Original poster
Jul 11, 2008
112
0
is sending data over the AT&T cell network, or any cell
network, (reasonably) secure? for example logging in
to a bank or credit card site to pay pills and such.
 
phonewentwest said:
is sending data over the AT&T cell network, or any cell
network, (reasonably) secure? for example logging in
to a bank or credit card site to pay pills and such.
Click to expand...

Sending data over any internet connection, wired or wireless, is insecure without encryption.

That said, the reverse is also true: if you're logging into your bank or credit card site and that site uses SSL encryption, then the connection is just as secure as it would be using a wired internet connection.

Bottom line: there is no difference in the (in)security or data sent over 3G/EDGE/any cellular data network as opposed to a wired internet connection. If you're sending stuff in the clear, it doesn't matter if you're using your cell phone or a DSL/cable modem. A determined hacker can just a easily obtain the data s/he wants from either connection if it's not sufficiently encrypted.
 
Unencrypted data over a wireless cellular data network would be a little safer than over, say, a broadband connection.

In a wireless network, your IP address tends to change quite a bit, even within the same day your phone can get assigned different IP addresses through a data session. Over broadband, it's most likely fixed.

If you are worried about someone wiretapping your celllular connection, that is extremely complicated and requires high tech equipment.
 
GSM and UMTS are encrypted, so the connection between your phone and the cell tower is encrypted, meaning no one can grab the data (or phone calls or SMS for that matter) you're sending out of the air and turn it into anything useful. Once it hits the cell tower and goes across data lines, it's just like your home broadband connection. If you're using SSL, it will remain encrypted until it hits the webserver, if not, then all bets are off.

Using the 2G or 3G network is way more secure than using a wifi network with no network key (or WAP, which is almost as useless as no encryption at all)
 
yg17 said:
GSM and UMTS are encrypted, so the connection between your phone and the cell tower is encrypted, meaning no one can grab the data (or phone calls or SMS for that matter) you're sending out of the air and turn it into anything useful. Once it hits the cell tower and goes across data lines, it's just like your home broadband connection. If you're using SSL, it will remain encrypted until it hits the webserver, if not, then all bets are off.

Using the 2G or 3G network is way more secure than using a wifi network with no network key (or WAP, which is almost as useless as no encryption at all)
Click to expand...

Honestly that isn't entirely true. The folks I work with can grab the data being sent over the air. I used to think the same as you, until they showed me what they do. It isn't very encouraging...
 
Does the VPN feature work over 3G connections?

I subscribe to a VPN (Strong VPN) that works great with my laptop. Never set it up for my iPhone though.
 
diamond.g said:
Honestly that isn't entirely true. The folks I work with can grab the data being sent over the air.
Click to expand...

The "folks you work with" are working too hard. There are proven, easier ways for data sent in the clear to be obtained by unscrupulous people (or even slightly-but-not-much-more-scrupulous people who may or may not have search warrants) than to eavesdrop on the UMTS stream. But, to each his own...
 
diamond.g said:
Honestly that isn't entirely true. The folks I work with can grab the data being sent over the air. I used to think the same as you, until they showed me what they do. It isn't very encouraging...
Click to expand...

For that you require extremely expensive equipment. It's not like you can do it like others do cracking WEP over WiFi... You can decode cellular transmissions over the air, but its extremely expensive to do. Not worth it to do to regular citizens.
 
scaredpoet said:
The "folks you work with" are working too hard. There are proven, easier ways for data sent in the clear to be obtained by unscrupulous people (or even slightly-but-not-much-more-scrupulous people who may or may not have search warrants) than to eavesdrop on the UMTS stream. But, to each his own...
Click to expand...
I sometimes think that our government isn't working all that hard... ;)
fehhkk said:
For that you require extremely expensive equipment. It's not like you can do it like others do cracking WEP over WiFi... You can decode cellular transmissions over the air, but its extremely expensive to do. Not worth it to do to regular citizens.
Click to expand...
True, but the potential exists (and is readily usable by our government).
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back