Mobile Device Connection Methods – CompTIA Security+ SY0-501 – 2.5

There are a remarkable number of ways that you can use to connect to our portable technologies. In this video, you’ll learn about wired and wireless connections that you can use with a mobile device.

<< Previous Video: Analyzing Security Output Next: Mobile Device Management >>

Our mobile devices are advanced pieces of technology. And they have many different ways to connect themselves to the outside world. One of the most common ways to connect our mobile phones is through a cellular network. This would be our mobile devices, such as our cell phones, being able to communicate over this wireless network that’s separated into different segments called cells. We have an antenna inside of our mobile device, and it’s able to communicate to the antennas that may be in our local area.

There are a number of security concerns with this. One is that you’re able to find a particular device that’s on one of these mobile networks and track exactly where this device may be going. There’s also worldwide access now to this mobile device that’s always on and always connected to this cellular network.

Another common way to connect our mobile device is over a local Wi-Fi network. This is our 802.11 wireless networks that we might have in our home or our office. It obviously would have exactly the same security concerns as any other device on that Wi-Fi network, so we have to be sure that any data that we’re sending back and forth is encrypted. If we’re not using an encrypted channel, or the encrypted channel is not using the proper protocols, then it is possible for someone to sit in the middle of the conversation and see all of the traffic going to and from our mobile device. And since the Wi-Fi network is using a particular set of 2.4 GHz or 5 GHz frequencies, it is also susceptible to frequency interference and denial of service.

Some mobile devices can use satellite communications, or satcom. This is perfect for locations that don’t have an existing wireless network or cellular network, especially if it’s a place that might be in the middle of a natural disaster, or in a very remote area. Instead of using the local cellular network, you instead would use satellite communication.

There are many different technologies that use this satellite communication. Some will use a connection to a geostationary satellite, whereas others will connect to satellites that are rotating around the Earth in a low Earth orbit. Because this is using digital communication, you can send both voice and data over these satcom networks.

These satcom devices have similar security concerns to our traditional mobile phones. There are operating system vulnerabilities and remote code executions you have to be concerned about. So it’s always important to keep all of the software on these devices updated to the latest version.

Another common type of mobile device networking is near field communication, or NFC. NFC is commonly used when you’re communicating from your mobile device to a device that’s very close by, thus the name near field in the near field communication. We often see this used for payment systems. You might be in a store and ready to check out, and you can move your phone very close to the payment terminal, and it acts as if you were using a credit card.

NFC can also be used to help with other wireless technologies. For example, NFC can be used to help the pairing process for Bluetooth between a mobile device and an accessory. And NFC can often be used as an identity system, where you can identify yourself using your phone.

NFC is usually configured to be relatively secure, but there are some security concerns you should be aware of. One is that this is a wireless communication. And although it is a very narrow range of communication, someone with an antenna can still listen in on the communication and capture that data. Usually, you’re not going to be able to hear very much once you get outside of a 10 meter range around your phone.

There’s also the concern of frequency jamming. Someone could prevent you from using this NFC by jamming the frequencies in use and not allowing anything to go back and forth between your mobile device and the other party. There might also be a concern of a replay or relay attack. A man in the middle could be used if there was non-encrypted data. And if the NFC was not configured properly, that could certainly be a security issue. And of course, if you lose your device, then someone else could gain access to that phone and potentially use that NFC instead of you.

A relatively new type of mobile device network communication is ANT or ANT+. This is a wireless sensor protocol that uses a part of the 2.4 GHz range that is reserved for industrial, scientific, and medical or ISM. We’re commonly seeing ANT and ANT+ being used on the Internet of Things devices. This could be something like a fitness device or heart rate monitor.

ANT is not 802.11. It’s not Bluetooth. It’s its own set of protocols specifically designed for these low power devices.

Like any other wireless, device there is the potential here for jamming or denial of service, especially on this very busy 2.4 GHz band. And because encryption is optional in this ANT protocol, it is possible for someone to be able to capture this data and see information inside of that data stream.

Another networking feature built into a number of our mobile devices is infrared or IR. Although in the past we’ve seen infrared used for things like printing, these days we see it used on smartphone, tablets, and smartwatches to be able to control infrared devices, like your entertainment center. You could also use these infrared links to do file transfers between mobile devices. And anything that might be infrared accessible could be controlled using this infrared capability on your mobile device.

And one of the most common connections on our mobile devices is through a USB, or Universal Serial Bus. This is a physical wired connection on our mobile devices. We usually are connecting our computer to our mobile device with USB. And it might also take a form of a Lightning or some type of proprietary connector on your phone.

USB is relatively more secure than some wireless protocols, because you need physical access to the device to be able to plug in that USB connection. A locked device is also relatively secure, because most devices will not allow communication over USB unless the device is unlocked. Mobile phones can also connect via USB and appear as a removable storage device. So security professionals have to be very aware of people using their mobile device to exfiltrate data outside of your local network.