Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
How I DOS'd My Cell Phone Using EC2 (memestreams.net)
27 points by ardell on Feb 2, 2009 | hide | past | favorite | 9 comments


Read this together with this story http://news.ycombinator.com/item?id=462592 about people using VoIP and caller ID spoofing to prank call 911 and dispatch SWAT teams.

Scary stuff. A sophisticated enough criminal could plan to pull a crime, while at the same time DOSing the 911 call center so any legitimate 911 calls would get lost in the noise.


VoIP ... DOSing the 911 call center

Wouldn't work. "911" isn't a real phone number; it's special-cased into the phone network so that if the phone network is overloaded the 911 call will get through and a non-911 call will get disconnected. VoIP services don't have direct access to 911 systems but instead proxy (once they figure out where you're calling from and thus which 911 center to route your call to).

If you tried to DoS 911 services via VoIP, you might make it impossible to get a call through to 911 via that VoIP service, but you wouldn't block landline 911 calls.


I am he who DOS'd my cell phone.

I don't really understand what you mean - do you mean that 911 won't accept more than X calls from a single VOIP provider, after they proxy the call? Because the limit is humans answering the calls, isn't it? Is that done on a grid too, so operators from multiple regions can handle overload in one area?

Anyway, I would imagine a more likely attack would be on private PBXes. Only terrorists would want to take down 911, which should be resistant to call floods, but a much larger pool of criminals would seek to disable private phone systems.


Do you think the 911 quotas for all the VoIP systems added together amount to more than the staff for the 911 center, in some locale? How about the number of emergency responders? Even if not, you could still DoS the VoIP service your target was using.


Ahh, didn't realize that, but interesting to know.

What I meant though is that you could create enough call volume so that there wouldn't be enough operators to handle all the calls.


That is definitely a disturbing thought, and one the author noted at the end. Still, you have to admit, "I DOS'd my cell phone" is a funny thing to be able to say!


"The voice was me as 'Vinnie' threatening my life. "

It sounds like he's developing harassment-ware.


It was a demo promoting a gangster film.


Oddly enough, in a recent episode of 'Burn Notice', they caused all of the phones in an office to ring simultaneously in order to make their escape during a con. They presented it more as a PBX hack, but it does sound a lot like the security concerns you mention.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: