• GSM security has been broken, hackers can eavesdrop cell phones now
    47 replies, posted
[quote] Karsten Nohl and Sylvain Munaut demonstrated their eavesdropping toolkit at the Chaos Computer Club Congress (CCC) in Berlin. The work builds on earlier research that has found holes in many parts of the most widely used mobile technology. The pair spent a year putting together the parts of the eavesdropping toolkit. "Now there's a path from your telephone number to me finding you and listening to your calls," Mr Nohl told BBC News. "The whole way." He said many of the pieces in the eavesdropping toolkit already existed thanks to work by other security researchers but there was one part the pair had to create themselves. "The one piece that completed the chain was the ability to record data off the air," he said. In a demonstration at the CCC, the pair took attendees through all the steps that led from locating a particular phone to seizing its unique ID, then leap-frogging from that to getting hold of data swapped between a handset and a base station as calls are made and texts sent. Key to grabbing the data from the air were cheap Motorola phones which can have their onboard software swapped for an open source alternative. "We used the cheap Motorola telephones because a description of their firmware leaked to the internet," he said. This led to the creation of open source alternative firmware that, he said, has its "filters" removed so it could see all the data being broadcast by a base station. The eavesdropping work builds on earlier work to list GSM encryption keys This allows attackers to home in on the data they need to eavesdrop, said Mr Nohl. The encryption system that scrambles this data can be defeated using a huge list of encryption keys, called a rainbow table, that Mr Nohl generated in a separate research project. "Any GSM call is fair game," he said. GSM is the name of the technology used on the vast majority of mobile phone networks around the world. The GSMA, which represents operators and phone makers, estimates that there are more than five billion GSM mobiles in use around the world. The GSMA has not responded to requests for comment about the research. [/quote] [url]http://www.bbc.co.uk/news/technology-12094227[/url] Glad i'm on Verizon [b]The GSMA, which represents operators and phone makers, estimates that there are more than five billion GSM mobiles in use around the world.[/b]
Oh noes, i better turn off my GSM.
Good thing I don't have any friends to talk to. :gbsmith:
I'm surprised it wasn't done sooner
I don't have a cell phone.
Good thing all I ever do is text. [quote]then leap-frogging from that to getting hold of data swapped between a handset and a base station as calls are made and texts sent.[/quote] :smith:
I know a couple people that wanted to stick to CDMA because they were afraid something like this would happen... Now, it seems, they were right
The likelihood of someone doing this to you is slim to none. It's proof of concept.
[QUOTE=Noth;27107035]I know a couple people that wanted to stick to CDMA because they were afraid something like this would happen... Now, it seems, they were right[/QUOTE] Unfortunately in some countries (like most of Europe) GSM has been the only thing used since mobile phones started being popular it seems, so we can't all use the excuse that it was a change. The Germans are far too good at this shit, wasn't it some Germans who managed to eavesdrop on DECT phones a few years ago? Edit: Same group possibly.
damnit so that's how my friend knew about my call to beastly dragon dildo land sly dog
To echo the OP, glad I'm on Verizon. CDMA <3
[img]http://static.facepunch.com/fp/ratings/clock.png[/img]
oh wow, big deal, eavesdropping on my dull phone calls.
Now everyone is going to be paranoid when talking on the phone.
Ehh.... Why the fuck do people let freaking hackers have conventions? What's next? Al-Qaeda Congress at Berlin?
Good thing my phone is off 24/7
I saw this at Defcon. [url]http://www.defcon.org/html/defcon-18/dc-18-speakers.html[/url]
[QUOTE=Uncle_Earl;27109114]Ehh.... Why the fuck do people let freaking hackers have conventions? What's next? Al-Qaeda Congress at Berlin?[/QUOTE] Hackers do not do harm, they just find vulnerabilities in your stuff.
[QUOTE=Uncle_Earl;27109114]Ehh.... Why the fuck do people let freaking hackers have conventions? What's next? Al-Qaeda Congress at Berlin?[/QUOTE] Since when were telecoms engineers as dangerous as a nutjob with a bomb and a kalasnikov?
Eh, I doubt a most people have anything to fear for, the most that can happen is that some lonely guy now knows about their sex life.
[QUOTE=Mr. Someguy;27106956]I don't have a cell phone.[/QUOTE]
[QUOTE=Uncle_Earl;27109114]Ehh.... Why the fuck do people let freaking hackers have conventions? What's next? Al-Qaeda Congress at Berlin?[/QUOTE] [url]http://en.wikipedia.org/wiki/Hacker_%28computing%29#Hacker_definition_controversy[/url]
Oh boy oh boy hackers are going to listen to my phone calls between my mom to pick me up. What ever will I do.
[QUOTE=dass;27110664]What ever will I do.[/QUOTE] Prepare to get raped
[QUOTE=johan_sm;27110933]Prepare to get raped[/QUOTE] My body is ready.
[QUOTE=Noth;27107035]I know a couple people that wanted to stick to CDMA because they were afraid something like this would happen... Now, it seems, they were right[/QUOTE] Switching to my CDMA PDA phone.
Welcome to 2010. I mean 2011, fuck.
Um. Not like the companies themselves haven't been spying on us anyway.
Good thing I'm on Sprint. Good 'ol CDMA.
[QUOTE=Uncle_Earl;27109114]Ehh.... Why the fuck do people let freaking hackers have conventions? What's next? Al-Qaeda Congress at Berlin?[/QUOTE] [url]http://en.wikipedia.org/wiki/Full_disclosure[/url] If everyone knows about a problem, it gets fixed very fast.
Sorry, you need to Log In to post a reply to this thread.