The Chaos Computer Club has told the FT that in the couple of months it will be releasing code capable of cracking GSM with just a laptop and an antenna. In comments made to the German edition of the Financial Times, the hacking group claims that governments, and criminals, are already using the technique which can break the …
Smells like conspiracy
I bet the nerds club got some Qualcomm funding for that one. Their mistake, of course, was announcing what they plan to do before doing it (probably thought that they could milk it at both ends). Some GSM consortium who may risk loosing some money in all of this will probably just pay to have them all killed.
"will probably just pay to have them all killed"
Met up with a couple of old-skool CCC members at a music festival in Berlin two summers ago and spent a few hours chatting about biometric ids and their plans to steal Merkel's fingerprints (which they subsequently went and did). Awesome bunch of guys, couldn't praise their commitment to resisting state invasion of private life enough.
AC for obvious reasons.
GSM has been under attack for a *long* time.
That security by obscurity BS did them no favours. IIRC Israeli researchers were talking a crack which neede 1/2 an hour with the handset, but that was years ago.
The joker in the pack, as the writer points out, is the rising level of processing power individuals can bring to bear on the job.
I'm surprised that its taken a group like Chaos so long to get round to them.
"low-level drug dealers who've long relied on the security of GSM for their business"
No they don't, that's silly; the authorities already have all the wiretapping abilities they need to listen to dealers' calls, provided through lawful access facilities in the core network where the signals aren't encrypted any more, the police don't have to go and sniff signals out of the air.
What low level drug dealers rely on for their security is the anonymity of unregistered phone ownership, not the fact that the signals are encrypted over the first hop from their handset to the base station.
true... and I make sure to always talk in code when summoning my dealer
Dear Reg Editors
Seriously, WTF ? That's two utterly retarded articles from Bill Ray now, This is not the Grauniad FFS, I do not expect to see this type of sub Daily Mail crap in my much beloved El Reg news feed.
"which should have implications for celebrities using mobile phones, but will probably have a more immediate impact on low-level drug dealers who've long relied on the security of GSM for their business."
Should have flagged up some serious danger signs. It is crass, unsubstantiated, ridiculous bullshit which clearly demonstrates the authors lack of understanding of both communications security and "low level drug dealers".
Could you please, please, please either find someone to write about security who knows what they're talking about (no, step away from the keyboard, Goodin), or at least get Dziuba to do it so it is _entertaining_ bullshit.
They already know what you're calling for, they just want to know when and how often you call.
I friend who is a security researcher talked with the CCC guys about this stuff already last year AFAIRecall, they in fact had at athat time made various arrangements to make all the code etc public in case of their "disappearance".
Remember Tron: http://en.wikipedia.org/wiki/Tron_%28hacker%29
Hmm, I can't wait..
I'll get the relevant aerial/software e.t.c. and be able to hear
"Yeah, I'm on the train".
"Oh OK, I'll put your dinner in the oven".
What I actually want is a way to listen into text messages - I bet some filth flies through those airwaves, especially late at night! :)
Who uses A5/1 anyway?!?
When I was in Jersey on business my mobile roamed onto Airtel-Vodafone. Apart from having terrible lag on the call, any call that I had did not use any GSM encryption (i.e. ciphering was off) as indicated by an unlocked padlock on my phone screen during calls. Calls to both Airtel-Vodafone in Jersey and my home network Vodafone in the UK resulted in no change and claims from Customer Services of "all calls are secure". A5/1... that would be nice to have!
Most modern 2G GSM phones support A5/3 in addition to A5/1. If a phone supports A5/3 and the mobile network is willing to use A5/3 then this will be used instead of A5/1.
They were too busy off working on Projekt Blinkenlights
Laptop and an antenna?
Did nobody tell them about the Nokitel code?!
Selective and subjective policing/monitoring creates political prisoners?
"@James 47 # .... They already know what you're calling for, they just want to know when and how often you call." .... By Alt0n Posted Tuesday 25th August 2009 16:28 GMT
Could that be argued as wilful entrapment, should a prosecution/persecution ensue?