Open source hack could make mobiles vulnerable to prying ears

Researcher to crack encryption with distributed computing to flag up security alerts


If you are using a GSM phone - the 2G standard used by the majority of the world's mobiles - you are likely to have just a few more months before it will be easy for practically anyone to spy on your communications.

Security researcher Karsten Nohl is launching an open-source, distributed computing project designed to crack the encryption used on GSM phones and compile the results into a code book that can be used to decode conversations and any data that gets sent to and from the phone.

He hopes that doing this will spur cellular providers into improving the security of their services and fixing a weakness that has been around for 15 years and affects about three billion mobile users.

"We're not creating a vulnerability but publicising a flaw that's already being exploited very widely," he said in a phone interview on Monday.

"Clearly we are making the attack more practical and much cheaper, and of course there's a moral question of whether we should do that," he said. "But more importantly, we are informing [people] about a longstanding vulnerability and hopefully preventing more systems from adopting this."

This weakness in the encryption used on the phones, A5/1, has been known about for years. There are at least four commercial tools that allow for decrypting GSM communications that range in price from $100,000 to $250,000 depending on how fast you want the software to work, said Nohl, who previously has publicised weaknesses with wireless smartcard chips used in transit systems.

It will take 80 high-performance computers about three months to do a brute force attack on A5/1 and create a large look-up table that will serve as the code book, said Nohl, who announced the project at the Hacking at Random conference in the Netherlands earlier this month.

Using the code book, anyone could get the encryption key for any GSM call, SMS message, or other communication encrypted with A5/1 and listen to the call or read the data in the clear. If 160 people donate their computing resources to the project, it should only take one and a half months to complete, he said.

Participants download the software and three months later they share the files created with others, via BitTorrent, for instance, Nohl said. "We have no connection to them," he added.

Comments

  1. Richard Davies

    What this person intends to do is morally wrong and should be prevented by an authority if needs be.

    It is one thing to publish the existence of a vulnerability in order to spur people on to fix it, but something entirely different to then provide the means for every man and his dog to exploit it...especially when so many people are affected.

    At the moment it seems that the exploit is only available to those with a lot of spare cash.

    When WEP was cracked, people could simply use another level of encryption, but in this instance it doesn't seem like for most, this will be an option; in a lot of places GSM is all that is available and most phones won't give users the facility to use a custom encryption!

    • 27 August 2009 12:55
