Recently at the Hacking at Random (HAR) conference, held in the Netherlands, Karsten Nohl detailed plans for cracking A5/1, the standard GSM cell phone encryption, and will be making the results available for anyone to use. GSM stands for Global System for Mobile communications; it is the most commonly used cell phone standard in the world, used in Europe, Africa, Asia, New Zealand, Australia, America and Canada.
The GSM flaw is massive and would affect individuals as well as businesses: once the hack is complete, anyone with a $500 radio card and a laptop will be able to listen in on GSM calls, making it easier for criminals to obtain personal data and making eavesdropping on normal voice calls a real and everyday threat.
Stan Schatt, Vice President and Practice Director, Healthcare and Security at ABI Research, commented, "Potentially this news could have as profound an impact on the cell phone industry as the breaking of WEP encryption had on the wireless LAN industry." He continued, "… average folks also have to fear criminals learning valuable information about their bank accounts, personal affairs, etc. Equally if not more important, our research shows that employees talk about corporate sensitive information on their cell phones a good deal of the time.... If people do nothing, we are likely to start to hear stories of sensitive information being compromised, acquisition information being leaked, personal financial security information being compromised, etc. We could see tales of blackmail and extortion on the rise."
The hack had been talked about, and rumored to exist, since as early as 1996, but had never been discovered. Simon Bransfield-Garth, CEO of Cellcrypt, said, "Everybody has known for quite some time that a theoretical hack of GSM existed. This news means that the theoretical risk will become a very real one within the next six months." He went on to say that recently conducted research, which will be released soon, found that "79% of people discuss confidential issues by phone every few days with 64% making such calls daily."
The hack is said to be "incredibly simple" to perform and would affect day-to-day use of mobiles. If the hack became widespread, personally identifiable information shared over the phone, such as bank details, social security numbers, credit card details, addresses and full names, could likely be stolen easily.
Hacking at Random has made Karsten Nohl's PowerPoint presentation available.
Cellcrypt has published guidelines for managing the security of voice calls on their website.


Image credit: Slides taken from Karsten Nohl's slideshow
















Really?
I find that to be very high too... I can't think of much of anything that I talk about that could compromise my information...
I mean, should I not be telling random people my SS#?
For those who want out of their AT&T contracts....I think this would be great ammunition that is factual.
Trolling much??
3G and 4G are not just used for data. In fact GSM is nowhere to be found in the official 3G standard -- 3G (aka IMT-2000) is a set of standards that define a third generation wireless communication medium. EDGE is the evolutionary upgrade to GSM.
Where did I state that GSM is in the official 3G standard?? My point was Intel008's response was irrelevant, as the lack of security in GSM has nothing to do with the iPhone and AT&T contracts.
It is a pretty logical assumption that if this GSM flaw has no fix (because if they knew of it years ago, why haven't they fixed it yet?) then what phone manufacturer is going to continue to produce GSM-based phones if the customer demand goes away due to security concerns? As a tech supporting large enterprise organizations, would you want to have a bridge call discussing a critical business app and sharing confidential information on your GSM phone knowing that it's possible someone could be listening? I think not…..
See......http://www.crn.com/mobile/219400220;jsessionid=YYZWYH1VFECA3QE1GHOSKH4ATMY32JVN
and just to add humor to it all......dslreports.com is reporting AT&T is showing their customers just how lame AT&T can be and why this GSM flaw hasn't been fixed over all this time they have known about it.....see the dslreports article for a good laugh....... http://www.dslreports.com/shownews/ATT-App...ngestion-104128
Keep it up AT&T and Verizon will have that iPhone in no time....
Last edited by kouhii00 on 25 Aug 2009 - 22:39
In fact, where I live (Australia), I get better call quality on GSM.
It was broke, that's the whole point? This isn't a flaw that was brought in by a phone's OS; this is a flaw in the entire GSM standard.
Anyway, I'd be more worried about the government listening in on you than a small time hacker.
I'd be more worried about the hacker. He can do a lot more damage than the government. The government still has to go through and/or around the law. Plus you can fight the government, hard to fight someone you don't know.
If the government wants, it can listen to you; it is a very simple process. Every year thousands of conversations are recorded and listened to.
I work as an engineer for one of the 5 UK operators and you people really need to swot up on your mobile telecoms knowledge.
2G uses GSM
3G (including HSDPA and HSUPA) uses WCDMA
2G can transmit data over GSM (including EDGE modulation) using GPRS and 3G likewise uses GPRS
3G is unaffected (data and voice) as it uses A5/3 encryption.
Honestly I am shocked by the lack of knowledge............. call yourselves l33t geeks :-)
Of course you're correct that if you're not within coverage of a 3G cell then you'll be handed over to 2G. However, the rollout of 3G enabled sites is still ongoing and the coverage is increasing week by week.
I think that what will happen is that the encryption card found with the MSCs will be updated/reconfigured to use the A5/2 or A5/3 encryption scheme. It's more money for Nokia and Ericsson and the operators will be able to advertise they are unaffected by the exploit.
I ain't worried and I don't think anybody else should be. Considering how long GSM has been in the public domain I think it's impressive that the original encryption scheme has lasted so long.
A5/3 is recommended on the 3G standard but not all carriers support it, some in fact use A5/1. If this is because of export controls (strong crypto and all that) I do not know.
Encryption algorithms on GSM share the same key, so a way to crack security is to use a device called IMSI catcher to force the handset to use a lower security protocol.
The encryption implementation is on the phone not on the SIM card so in order to close this loophole you might need to replace all phones or disable the old ones out there.