[sbe-eas] Upcoming FCC changes to EAS rules (September meeting agenda)
Sean Donelan
sean at donelan.com
Fri Sep 9 19:35:37 EDT 2022
Outside of the Blackhat/DefCon conference? No.
Its technically possible, and demonstrated to work. Works best with very
old phones. Each new generation 3G/4G/5G/6G improves security. I haven't
checked if it would work on 5G (probably would, just haven't checked
myself). 6G is under development.
Reason why: the WEA standards designed to get alerts to the public, even
when parts of the network are broken (i.e. the parts that do
authentication & billing). Adding more security would slow/break stuff.
The risk assumed limited to a geographic area. But if you want to see
what happens, watch the Ukraine and Russia cell companies. A lot of
theoritical stuff suddenly made practical.
On Fri, 9 Sep 2022, Rob Dale wrote:
> Good find! This one makes me wonder:
>
> • Requiring wireless providers to take steps to ensure that only
> valid alerts are displayed on consumer devices.
>
>
> Has there ever been a ‘fake WEA’ somehow put on a user’s phone? I can’t even
> begin to imagine how that could be done…
More information about the sbe-eas
mailing list