Mobile Device Connection Methods – CompTIA Security+ SY0-501 – 2.5

Mobile Device Connection Methods – CompTIA Security+ SY0-501 – 2.5


Our mobile devices are
advanced pieces of technology. And they have many different
ways to connect themselves to the outside world. One of the most common ways
to connect our mobile phones is through a cellular network. This would be our mobile
devices, such as our cell phones, being able
to communicate over this wireless network
that’s separated into different
segments called cells. We have an antenna inside
of our mobile device, and it’s able to communicate
to the antennas that may be in our local area. There are a number of
security concerns with this. One is that you’re able to
find a particular device that’s on one of these mobile
networks and track exactly where this device may be going. There’s also worldwide access
now to this mobile device that’s always on
and always connected to this cellular network. Another common way to
connect our mobile device is over a local Wi-Fi network. This is our 802.11
wireless networks that we might have in
our home or our office. It obviously would have exactly
the same security concerns as any other device
on that Wi-Fi network, so we have to be sure that
any data that we’re sending back and forth is encrypted. If we’re not using
an encrypted channel, or the encrypted channel is
not using the proper protocols, then it is possible
for someone to sit in the middle of
the conversation and see all of the traffic going
to and from our mobile device. And since the Wi-Fi network
is using a particular set of 2.4 GHz or 5
GHz frequencies, it is also susceptible to frequency
interference and denial of service. Some mobile devices can use
satellite communications, or satcom. This is perfect
for locations that don’t have an existing wireless
network or cellular network, especially if it’s
a place that might be in the middle of
a natural disaster, or in a very remote area. Instead of using the
local cellular network, you instead would use
satellite communication. There are many
different technologies that use this satellite
communication. Some will use a connection
to a geostationary satellite, whereas others will
connect to satellites that are rotating around the
Earth in a low Earth orbit. Because this is using
digital communication, you can send both voice and
data over these satcom networks. These satcom devices have
similar security concerns to our traditional
mobile phones. There are operating system
vulnerabilities and remote code executions you have
to be concerned about. So it’s always
important to keep all of the software on these devices
updated to the latest version. Another common type of
mobile device networking is near field
communication, or NFC. NFC is commonly used
when you’re communicating from your mobile device
to a device that’s very close by, thus the name
near field in the near field communication. We often see this used
for payment systems. You might be in a store
and ready to check out, and you can move your phone very
close to the payment terminal, and it acts as if you
were using a credit card. NFC can also be used to
help with other wireless technologies. For example, NFC can be
used to help the pairing process for Bluetooth between a
mobile device and an accessory. And NFC can often be
used as an identity system, where you can identify
yourself using your phone. NFC is usually configured
to be relatively secure, but there are some
security concerns you should be aware of. One is that this is a
wireless communication. And although it is a very
narrow range of communication, someone with an
antenna can still listen in on the communication
and capture that data. Usually, you’re not
going to be able to hear very much once you get
outside of a 10 meter range around your phone. There’s also the concern
of frequency jamming. Someone could prevent you
from using this NFC by jamming the frequencies in use
and not allowing anything to go back and forth
between your mobile device and the other party. There might also be a concern
of a replay or relay attack. A man in the middle
could be used if there was non-encrypted data. And if the NFC was not
configured properly, that could certainly
be a security issue. And of course, if
you lose your device, then someone else could
gain access to that phone and potentially use
that NFC instead of you. A relatively new type of mobile
device network communication is ANT or ANT+. This is a wireless
sensor protocol that uses a part of
the 2.4 GHz range that is reserved for industrial,
scientific, and medical or ISM. We’re commonly seeing ANT and
ANT+ being used on the Internet of Things devices. This could be something like
a fitness device or heart rate monitor. ANT is not 802.11. It’s not Bluetooth. It’s its own set of protocols
specifically designed for these low power devices. Like any other
wireless, device there is the potential here for
jamming or denial of service, especially on this
very busy 2.4 GHz band. And because encryption is
optional in this ANT protocol, it is possible for someone to
be able to capture this data and see information inside
of that data stream. Another networking feature
built into a number of our mobile devices
is infrared or IR. Although in the past
we’ve seen infrared used for things like
printing, these days we see it used on smartphone,
tablets, and smartwatches to be able to control
infrared devices, like your entertainment center. You could also use
these infrared links to do file transfers
between mobile devices. And anything that might
be infrared accessible could be controlled using
this infrared capability on your mobile device. And one of the most
common connections on our mobile devices is through
a USB, or Universal Serial Bus. This is a physical
wired connection on our mobile devices. We usually are
connecting our computer to our mobile device with USB. And it might also take
a form of a Lightning or some type of proprietary
connector on your phone. USB is relatively more secure
than some wireless protocols, because you need physical
access to the device to be able to plug in
that USB connection. A locked device is
also relatively secure, because most devices will not
allow communication over USB unless the device is unlocked. Mobile phones can
also connect via USB and appear as a
removable storage device. So security professionals have
to be very aware of people using their mobile device
to exfiltrate data outside of your local network.

Leave a Reply

Your email address will not be published. Required fields are marked *