Home Tags 3G

Tag: 3G

TP-Link 3G/Wi-Fi modem spills credentials to an evil text message

So why can it read scripts sent by SMS anyhow? TP-Link's M5350 3G/Wi-Fi router, has the kind of howling bug that gives infosec pros nightmares.…

TIM Brasil selects Bwtech’s NetChart to further improve the quality of...

Using NetChart to standardize its network configuration, TIM Brasil managed to enhance its quality performance indicators.Rio de Janeiro, 6 April 2017 – To help improve the quality of their LTE network, TIM Brasil have made the decision to add 4G capabilities to their existing Configuration Management platform NetChart.
Since 2013, TIM Brasil has used NetChart from Bwtech to standardize network configuration parameters of the 2G and 3G networks.

TIM Brasil, one of the largest mobile... Source: RealWire

Algar Telecom selects Bwtech’s NetChart to monitor the performance and configuration...

Uberlandia, 9 March 2017 Brazil’s Algar Telecom has selected Bwtech’s NetChart to supervise its multi-vendor Radio Access Network and standardize the network configuration parameters to ensure the best possible user experience.

A unique combination of ease of use and flexibility via a single user interface with a comprehensive set of standard functionalities and features was cited as a major reason for selecting NetChart.

The partnership will enable the Algar engineering team to monitor their 2G,... Source: RealWire

In Verizon’s wake, T-Mobile adds hotspot data, HD video streaming to...

T-Mobile under CEO John Legere doesn’t like to cede the spotlight to a rival carrier.

True to form, T-Mobile struck back at Verizon’s new unlimited plan late Monday as the “un-carrier” announced new features to bring its unlimited plan in line with Verizon’s.The new features to T-Mobile’s unlimited plan, dubbed T-Mobile One, include a monthly allowance of 10GB for mobile hotspot over LTE.

After hitting the 10GB limit, T-Mobile drops mobile hotspot users down to 3G speeds.

T-Mobile also added HD video streaming quality. Previously, video streams on T-Mobile One were limited to 480p resolution—standard definition.To read this article in full or to leave a comment, please click here

Drone ID Takes Off to Deliver IoT Security

As increasing numbers of Drones take to the skies, the new Drone ID effort backed by AirMap and DigiCert aims to help provide identification and security. When a drone flies overhead, how can its owner be identified? That's a question that is not easil...

Persistent ad and dialler trojans found on 28 Android phones

Mostly landfill Androids from odd places, but Lenovo makes the list too More than two dozen cheap Androids have been found to host pre-installed malicious apps capable of downloading persistent adware and making phone calls. The phones, which include Lenovo's A6000 and A319, were discovered bearing the pre-installed malicious apps by security researchers with antivirus firm Dr Web. Dr Web reckons resellers and firms in the supply chain are to blame. It says there are likely to be many more compromised handsets bearing the apps capable of quietly downloading various trojans from remote servers. Most of the downloads appear to be adware, a class of malware more irritating than dangerous, other than to the wallet of those who end up paying excess data charges. Mobile adware mostly strikes in China and Russia. Entire companies have been found pushing advertising malware apps onto devices, ignoring the option to steal passwords and data using the acquired root privileges. One firm based in Xingdu, China, was this year fingered for slinging the Hummingbad malware and was said to be making $US300,000 a month through some 10 million infected devices. Dr Web's researchers described a trojan which activates on boot and connects to its command and control to download configuration files when a WiFi connection is established. "The file contains information about the application that the trojan should download [and] covertly install," the researchers said. "Android.DownLoader.473.origin actively distributes the advertising program H5GameCenter that is detected by Dr.Web as Adware.AdBox.1.origin [which] displays a small box image on top of running applications that cannot be removed from the screen." Affected devices include the following handsets: MegaFon Login 4 LTE Irbis TZ85 Irbis TX97 Irbis TZ43 Bravis NB85 Bravis NB105 SUPRA M72KG SUPRA M729G SUPRA V2N10 Pixus Touch 7.85 3G Itell K3300 General Satellite GS700 Digma Plane 9.7 3G Nomi C07000 Prestigio MultiPad Wize 3021 3G Prestigio MultiPad PMT5001 3G Optima 10.1 3G TT1040MG Marshal ME-711 7 MID Explay Imperium 8 Perfeo 9032_3G Ritmix RMD-1121 Oysters T72HM 3G Irbis tz70 Irbis tz56 Jeka JK103 Lenovo A6000 Lenovo A319 Trojans found on Lenovo A319 and A6000 devices classified as Android.Sprovider.7 are built into the Rambla application providing access to an Android software catalog by the same name. Its unencrypted payload executes functions including the ability to download and install Android installation apps, open browser links, call dedicated phone numbers, throw top-of-screen ads, and update its main malware module. "Android.DownLoader.473.origin and Android.Sprovider.7 were incorporated into Android firmware because dishonest outsourcers who took part in creation of Android system images decided to make money on users," the researchers say. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub

Covert downloaders found preinstalled on dozens of low-cost Android phone models

reader comments 21 Share this story Dozens of low-cost Android phone models come preinstalled with apps that covertly download and install adware and other unwanted programs, researchers said. At least 26 phone models come preinstalled with a downl...

365squared selected by Smart Axiata to provide A2P SMS monetization and...

Malta, 28 November 2016: Smart Axiata Co., Ltd. (Smart), the leading mobile telecommunications operator in Cambodia, has partnered with 365squared, an international managed services provider specialized in revenue assurance and managed solutions, to remove the effects of spam for Smart’s subscribers and monetize its application-to-person (A2P) SMS traffic through the 365secure service. This service was successfully deployed for Smart in Cambodia in October 2016 to help deliver a better service for more than 8 million Smart subscribers and provide new revenue opportunities.

Fraudulent SMS messages delivered through grey routes damage mobile network operators’ (MNOs) reputation by delivering spam messages to end user subscribers. The innovative 365secure service monitors and filters SMS traffic from any source on a 24/7 basis.

365squared logo

365secure ensures that Smart has peace of mind that SMS traffic is under control, subscribers are fully protected and that monetization of SMS traffic terminating on the network is guaranteed.

“The addition of Smart to our client portfolio is proof that 365squared’s managed solutions guarantee mobile network operators monetization of SMS traffic terminating on the network,” commented Tonio Ellul, CEO, 365squared. “This partnership highlights our strong organic growth as a key player in the market, especially in Asia. We are very excited to be working with Smart.”

Thomas Hundt, CEO of Smart Axiata said: “Spam messages are disliked by everyone. The partnership with 365squared stands on our desire to strengthen customer relationships based on trust. By filtering intrusive and uninvited messages we provide to our customers peace of mind and therewith step up our customer experience efforts further.”

The fully comprehensive 24/7 managed service provided by 365squared ensures that Smart subscribers are fully protected from unwanted spam and potential security threatening application-to-person (A2P) messages. The 365secure service also provides Smart with detailed traffic analytics and reporting thanks to the proprietary 365analytics software.

ENDS

About 365squared
365squared is an international managed services provider to the mobile network operator community. Working with mobile network operators (MNOs) across the globe, and with a global presence, 365squared’s commitment is to eliminate loss of revenue from international SMS termination, generate new revenue by monetizing application-to-person (A2P) SMS traffic, and to protect customers from spam and fraudulent SMS. 365squared offers a complete end-to-end managed service ensuring its client, MNOs, secure the maximum revenue opportunity and the best customer experience. For more information about 365squared, please visit www.365squared.com/.

About Smart Axiata, Cambodia
Smart Axiata Co., Ltd., a leading mobile telecommunications company of Cambodia, serves currently over 8 million subscribers under the 'Smart' brand. Smart Axiata is part of Axiata Group Berhad, one of the largest telecommunications groups in Asia with over 300 million subscribers in 10 countries across the region.

In January 2014, Smart launched its 4G LTE network and became the first and only mobile operator in Cambodia to provide true 4G services. 4G LTE powered by Smart, the fastest mobile Internet in Cambodia, is now available in 25 key provincial capitals as well as other key provincial cities. Smart also provides 2G, 2.5G, 3G and 3.75G mobile services, supporting the very latest in multimedia and mobile Internet services as well as international roaming across more than 190 countries. Its extensive nationwide network coverage now covers more than 98% of the Cambodian population.

Through its partnership with Apple, Smart is the one and only telecom operator partner of Apple in Cambodia being able to offer iPhone’s and iPad’s. Smart moreover is the exclusive partner of Universal Music in Cambodia. Being a strong advocate of digital innovation, Smart has launched various ranges of value added services and digital services such as SmartLuy, Smart Life Insurance, SmartPay and Smart Music.

Smart Axiata was recognized as Cambodia’s Mobile Service Provider 2016 by Frost & Sullivan following the Asia Pacific Emerging Market Telecom Service Provider of the Year Award in 2015. In that same year, Smart Axiata was also awarded as the Best Telecommunications Company Cambodia 2015 & 2016 and Best CSR Company Cambodia 2015 & 2016 by Global Banking & Finance Review.

The company's workforce consists of more than 1000 people including local and foreign experts. Smart is committed to its customers, employees and the people of Cambodia in delivering its promise of improving their lives. "Live. Life. Be Smart."

For more information about Smart Axiata, please visit www.smart.com.kh.

-END-

Media Contact
Felicity Theaker
Account Executive
Proactive International PR
felicity.theaker@proactive-pr.com
+44 (0) 1636 812 152

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November...

Product Cisco Bug ID Fixed Release Availability Cisco SocialMiner CSCvc32449 11.6.1 (15-Jun-2017) Cisco Unified MeetingPlace CSCvc23583 Cisco WebEx Node for MCS CSCvc23453 Cisco Jabber Guest CSCvc23580 11.0.1 (28-Feb-2017) Cisco Application and Co...

FBI’s stingray quickly found suspect after local cops’ device couldn’t

Enlargenereocystis reader comments 2 Share this story OAKLAND, Calif.—According to new government affidavits filed earlier this week, the Oakland Police Department (OPD) used its stingray without a warrant in 2013 for several hours overnight as a way to locate a man accused of being involved in shooting a local police officer. When that effort was unsuccessful, the OPD called in the FBI, which was somehow able to locate the suspect in under an hour, and he surrendered to OPD officers. That suspect, Purvis Ellis, is the lead defendant in the case of United States v.

Ellis et al
.

The case involves four men who are charged with the January 21, 2013 attempted murder of local police officer Eric Karsseboom in the parking area in front of a Seminary Avenue apartment complex in East Oakland.

The men are also charged with running an alleged local gang, centered around Seminary Avenue (known as "SemCity"). While these new filings fill out the timeline a bit more, they also raise new questions in Ellis, which has provided a rare insight into how this surveillance device, also known as a cell-site simulator, is used in practice to find suspects, and the seeming lengths the government is willing to go to keep it quiet.

The tool has come under increasing scrutiny by lawmakers and activists in recent years.
Since this case began, the Department of Justice, which oversees the FBI, and the State of California now require a warrant when a stingray is used in most circumstances. According to the government, Ellis, who is not accused of being the actual shooter, was the target of both the Oakland Police Department’s and the FBI’s stingrays. (The victim of the shooting, Karsseboom, previously identified co-defendant Deante Kincaid as the man who actually fired the non-fatal shot that struck Karsseboom in the wrist.) Earlier this month, US Magistrate Judge Donna Ryu ordered the government to formally declare how the stingrays were used to find Ellis, who was either in the apartment building or immediately present for the shooting of Karsseboom. He ultimately surrendered to the OPD when he emerged from Apartment #112 at about 11am on January 22, 2013. His attorney, Martha Boersch, told Ars that she was unable to comment on her client’s precise location during the encounter with Karsseboom, who only testified that his encounter involved the other three defendants.
It is also unclear why the stingray solely targeted Ellis when the other three suspects had fled the scene by the time the stingray was activated at the Seminary Ave. apartment complex. These new filings are the government's attempt to address Ryu's judicial order.

All of the discussion regarding stingrays, among other issues pending before the court, are part of the criminal discovery process, which has been ongoing for nearly three years. “We’re nowhere near setting a trial date,” US District Judge Phyllis Hamilton told both sides during a Wednesday hearing in federal court in Oakland. Four men remain accused All parties agree that Karsseboom was shot at about 6:15pm on January 21. Karsseboom arrived at the apartment not in uniform and not in a market patrol car—he was sent there to look for a car the OPD believed was involved in an earlier shooting. Karsseboom told a state court hearing in 2013 (before the case was moved to federal court) that did not declare he was a cop until after the trigger was pulled, at which point the three men he says confronted him ran away. Karsseboom later recalled the shooting during that preliminary examination, but in retrospect, court documents show that details start becoming murky at this point. OPD declared the scene "secure" by 6:29pm.

But a few hours after the incident, OPD Officer Steve Valle received a call from a confidential informant who is labeled in court documents only as "X." X told Valle that she or he received a call where X learned the names of two people involved in the original, January 20 shooting: Deante Kincaid and Damien McDaniel. X said two others were present: Purvis Ellis and someone named Lil’ Joe, later identified as Joseph Pennymon. (Kincaid, McDaniel, and Pennymon are the other three co-defendants in US v.

Ellis
.) Enlarge / Deante "Tay Tay" Kincaid, is accused of being the one who fired the shot against Oakland Police Officer Eric Karsseboom. Thizz Entertainment The government has argued that while two stingrays were used to locate Ellis, it did not need a warrant given “exigent circumstances,” a particular situation that provides an exception to the 4th Amendment.

According to American criminal procedure law, an exigent circumstance involves imminent bodily harm or injury, the destruction of evidence, or the flight of a suspect. Prosecutors argued that because the three men involved in the altercation were at large, there was a clear exigency.

Ellis’ defense, meanwhile, has countered that because the OPD had declared the scene “secure” 14 minutes after Karsseboom was shot, there was no exigency.

This issue remains unresolved. Calling in the feds The new Monday filings consist of a pair of affidavits, one from an FBI special agent whose name was redacted and another by an OPD officer, whose name was also withheld. The OPD officer wrote that she or he was alerted to the incident at 6:40pm and was told to respond.

But given that the officer was off-duty, and as most OPD officers live outside the city, the officer told the court that it would have taken up to two hours to return to Oakland.

By the time the officer arrived on scene with what seems to have been an OPD surveillance van, it was around 9:00pm. The Oakland cop wrote that her or his team finally turned on the stingray at about midnight, in the early morning hours of January 22. The officer continued: Prior to operating the cell site simulator, OPD first contacted the telephone carrier of the subject cellular telephone and completed the required exigent circumstance request form to obtain a pen register/trap trace and subscriber information for phone number 510-904-7509 to assist in locating the cellular telephone with the cell site simulator.
I did not begin operating the device until after OPD obtained this information from the telephone provider. Prosecutors did not respond to Ars’ request for further information about how authorities obtained Ellis’ number, why he was targeted, or how long the OPD's stingray was in operation. It's likely that the “subscriber information” MetroPCS provided included not only the name on the account but also the IMSI number associated with that number, which allowed the stingray to begin its search. The affidavit seems to suggest (but does not outright say) that the OPD stingray was in operation continuously for nearly 10 hours. As Ars reported previously, according to an OPD log that was later redacted, a notice soon went out at 5:24am: "PING SUSP PHONE IN BLDG TWDS REAR STILL." In addition to a Computer Aided Dispatch log notation from 3am, this message seems to be the second indication in all of the publicly available records that some sort of cell phone surveillance was taking place. Despite seemingly being able to ping Ellis’ phone, the OPD wasn’t actually able to locate it—so then they called in the FBI.

According to the FBI affidavit, the special agent was notified at about 7:00am on January 22 and got to work.

The FBI showed up at about 9:00am and had its stingray set up by about 10:00am, at which point the OPD shut down its cell-site simulator. The FBI agent wrote: Upon powering the cell site simulator on, it detected the presence of the subject cellular telephone within the apartment building located at 1759 Seminary Street, Oakland, California. Once the cell site simulator identified the subject cellular device, it only obtained the signaling information relating to that particular phone.

As previously noted, such signaling information did not include content such as e-mails, texts, contact lists, images, or other data from the phone, nor did it provide subscriber account information. At one point, in an effort to reduce the error radius and increase the accuracy of the location of the cellular telephone, a cell site simulator augmentation device was deployed into the interior of the apartment building.

This device is used in conjunction with the cell site simulator and has no data storage capability whatsoever.

As before, during this operation of the cell site simulator, only limited signaling data and identifying information was collected from the targeted cellular telephone.

At all times during the deployment of the cell site simulator and the augmentation device, the equipment and I were located in publicly accessible areas in and around the target apartment building. The stingray seems to have been successful—Ellis emerged from Apartment #112 just before 11:00am and was taken into custody.

The FBI shut down its operation immediately and “all data for this incident was purged.” Similarly, the OPD affidavit noted that it “did not retain any information regarding the information encountered by its cell site simulator.” Was Oakland’s stingray obsolete? Ars presented these new affidavits to two privacy activists, who both seem to believe that the FBI had a more advanced stingray at the time. In September 2014—nearly two years after the Seminary Ave. shooting—Ars reported that Oakland was one of a handful of cities across America that was pursuing a “Hailstorm” upgrade to its existing stingray system.

The Hailstorm is necessary because older models cannot penetrate a more modern 4G LTE connection. “It's unclear from the Oakland declaration how continuous the operation of their equipment was,” Brian Hofer, chair of the City of Oakland Privacy Advisory Commission, told Ars. His newly created commission has been scrutinizing the city’s procurement process for surveillance and has pushed for new policies overseeing its use. “We believe that Oakland only had an older 2G/3G Stingray, based on public records in our possession,” he continued. “It is possible that the FBI already possessed a Hailstorm or similar 4G capable device at this time, or an older 2G/3G system but with enhanced amplification, or maybe Oakland's equipment was simply malfunctioning." Daniel Rigmaiden, who was the defendant in the most well-known stingray case, US v. Rigmaiden, agreed with this analysis. “The FBI was probably using whatever is the top of line at the time, while OPD was likely using whatever public records may tell us,” he said. “In any event, it probably just came down to the FBI being better at using the equipment (the OPD person may have had some technical problems), or maybe the equipment used by OPD was too old to work with the target phone.
If I had to guess, OPD tried all night, finally conceded, and then called in the pros.

This is a good argument as to why local governments don't need this equipment, i.e., if the FBI is willing to just step in at anytime.” Rigmaiden also speculated that the FBI’s “augmentation device” was a KEYW device or something similar. He also noted that he believes the policies to immediately delete all data are “just a cover to destroy information that could reveal technical details on the equipment.” “It's ridiculous to think that all data needs to be deleted from a Stingray in order to protect the privacy of third parties (or whatever their other reasons are),” he said, speculating that this could be a Brady violation, a legal ruling where the government has found to not provide evidence that could be exculpatory to the defense. “Like any computer, it's very easy to delete some files or data while saving other files or data,” he continued. “When law enforcement clears a stingray of data, it could very easily save and preserve the data collected on the target phone. When this is not done, it is a Brady violation—like what the attorneys argued in Ellis.

This isn't an ‘all or nothing’ scenario. You can delete third-party data from a stingray while preserving relevant evidence for the defense.

The fact that this is not done is what alarms me.

The fact that the OPD has no set policy to destroy Brady material (while the FBI does) is just incidental to me.
It's more alarming to me that law enforcement continues to get away with destroying evidence.

These are serious charges and this is evidence that would be helpful to the defense.
It was wrong for the OPD and FBI to delete it.”

Actively exploited iOS flaws that hijack iPhones patched by Apple

Enlarge / iPhone Spyware known as Pegasus intercepts confidential data.Lookout reader comments 47 Share this story Apple has patched three high-severity iOS vulnerabilities that are being actively exploited to infect iPhones so attackers can steal confidential messages from a large number of apps, including Gmail, Facebook, and WhatsApp, security researchers said Thursday. The spyware has been dubbed Pegasus by researchers from mobile security provider Lookout; they believe it has been circulating in the wild for a significant amount of time. Working with researchers from University of Toronto-based Citizen Lab, they have determined that the spyware targeted a political dissident located in the United Arab Emirates and was launched by an US-owned company specializing in computer-based exploits.

Based on the price of the attack kit—about $8 million for 300 licenses—the researchers believe it's being actively used against other iPhone users throughout the world. "Pegasus is the most sophisticated attack we’ve seen on any endpoint because it takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile—always connected (WiFi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists," Lookout and Citizen Lab researchers wrote in a blog post. "It is modular to allow for customization and uses strong encryption to evade detection." After the exploits surreptitiously jailbreak a target's iPhone, Pegasus immediately starts trawling through a wealth of its resources.
It copies call histories, text messages, calendar entries, and contacts.
It's capable of activating the cameras and microphones of compromised phones to eavesdrop on nearby activities.
It can also track a target's movements and steal messages from end-to-end encrypted chat apps. As Ars has reported, Apple has already issued updates that patch the three vulnerabilities that make the infections possible. While such attacks are likely to target only the most high-value targets—say, Fortune 500 executives and high-profile dissidents—all iOS users should install the fixes as soon as possible. The researchers have dubbed the exploit Trident because it relies on three separate vulnerabilities, indexed as CVE-2016-4654, CVE-2016-4655, and CVE-2016-4656.

The exploit targeting UAE dissident Ahmed Mansoor arrived in a text message two weeks ago that promised secret information about detainees tortured in UAE jails. Mansoor forwarded the messages to Citizen Lab researchers who determined that the linked webpages led to a chain of exploits that would have jailbroken his iPhone and installed the Pegasus spyware. "In this case, the software is highly configurable," Thursday's blog post continued. "Depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others.

The kit appears to persist even when the device software is updated and can update itself to easily replace exploits if they become obsolete." Analysis of the underlying code indicates that it dates back 2013, when iOS version 7 was still in use.
In addition to targeting Mansoor, the researchers believe that other high-value people are also being targeted for purposes of corporate espionage.

The spyware was developed by NSO Group, an Israeli-based division of US-headquartered company Francisco Partners Management.

According to an article published last November by Reuters, Francisco Partners paid $120 million in 2014 to acquire a majority stake in NSO and was exploring a sale that could value the division at $1 billion. NSO Group is so secretive that it has regularly changed its name, Reuters also reported.
It had earnings of about $75 million. The sophisticated attack chaining together three separate iOS vulnerabilities is a testament to both the security of Apple's mobile operating system and the skill of outside attackers at bypassing those considerable protections. Last year, a software broker calling itself Zerodium offered $1 million for iOS exploits that gave attackers complete control of underlying iPhones.

The company pledged to pay a total of $3 million.

Apple, meanwhile, pays a maximum of $200,000 for comparable exploits.

The prices mean that attacks are likely to target only the highest value people as opposed to more opportunistic mass campaigns. The Trident/Pegasus attacks mark the third time Mansoor has been targeted by so-called "legal intercept" malware.

Citizen Lab has uncovered evidence that he was targeted by exploit software known as FinFisher in 2011 and by similar spyware from Italy-based Hacking Team in 2012.

Citizen Lab has also found evidence that NSO Group's exploit infrastructure was used against a Mexican journalist after reporting on corruption by the country's head of state. NSO Group has used fake domains that impersonate the Red Cross, the UK government's visa application processing website, news organizations, and major technology companies. Lookout and Citizen Lab have published additional reports here and here that among other things detail the exploits and a list of behavioral anomalies more advanced iPhone users can use to identify infected devices.

BlackBerry’s new round of patent lawsuits targets BLU—and Android

reader comments 55 Share this story Over the years, BlackBerry has amassed a giant portfolio of patents, but it hasn't used them to sue others—until now.BlackBerry has filed three patent infringement lawsuits in as many weeks.

The struggling phone company's offensive barrage began with a case filed against IP telephony company Avaya on July 27. Last week, BlackBerry filed two lawsuits against budget cell phone maker BLU's products, alleging that BLU infringes a whopping 15 patents. The dual lawsuits against BLU suggest that BlackBerry's new turn toward patent licensing isn't going to be a one-off event, but rather a more extended campaign.
In a May earnings call, BlackBerry CEO John Chen told investors he's in a "patent licensing mode" and is hoping to monetize his company's 38,000 patents. The new lawsuits also suggest that BlackBerry has patents it believes describe Android features, so don't be surprised if more Android phones are in the crosshairs soon. One of the two cases filed last week accuses user-interface features that are more about Android than they are about BLU.

A small manufacturer like BLU could make for a good "test case" against a maker of Android phones. In the first lawsuit against BLU (PDF), BlackBerry says BLU infringes seven patents: 8,489,868, a software code-signing system 8,402,384, a "dynamic bar" display 8,411,845, a phone log display 6,271,605, a battery disconnection system 8,745,149, describing a way of time-stamping messages and 8,169,449, a system for making composite images from multiple applications. In the second lawsuit (PDF), Blackberry alleges infringement of eight US patents, mostly related to transmitting signals.

They are: 7,969,924, "Method and apparatus for state/mode transitioning" 8,483,060, "Method for configuring a telecommunication system" 8,406,118, "Scattered pilot pattern and channel estimation method for MIMO-OFDM systems" 8,472,567, "Detecting the number of transmit antennas in a base station" 8,265,034, "Method and system for a signaling connection release indication" 8,625,506, "System and method for determining establishment causes" 7,933,355, "Systems, devices, and methods for training sequence, transmission and reception" 7,050,413, "Information transmission method, mobile communications system, base station and mobile station in which data size of identification data is reduced" Both suits were filed last Tuesday in the Southern District of Florida.

That's the district including BLU's headquarters, located in the Miami suburb of Doral. The second complaint notes that on November 21, 2015, BlackBerry sent BLU a list of patents "required to practice, inter alia, the 2G, 3G, and LTE standards." At that time, BlackBerry offered to license the patents on "fair, reasonable, and nondiscriminatory terms." The first complaint, with the more user interface-oriented allegations, doesn't mention the November notice. Neither BlackBerry nor BLU responded to requests for comment for this story.