I’ve been working on the project to update ISECOM’s OPST (OSSTMM Professional Security Tester) curriculum, and it’s becoming more and more clear that pen testing curricula – ALL of them – neglect the area of wireless telephone penetration testing. Most of the phone tools are about forensics, not pen testing phones.
So should we just treat them as hosts? Maybe, but they run a lot of services and functions that few or no computer hosts run. How do we test them?
The starting point is learning the phone technology itself. There’s a decent introduction, circa 2007, at Simson.net:
http://simson.net/ref/security_cellphones.htm
***