The Register® — Biting the hand that feeds IT

Feeds

Cell phone eavesdropping enters script-kiddie phase

Independent researchers have made good on a promise to release a comprehensive set of tools needed to eavesdrop on cell phone calls that use the world's most widely deployed mobile technology. “The whole topic of GSM hacking now enters the script-kiddie stage, similar to Wi-Fi hacking a couple years ago, where people started …

This topic is closed for new posts.
Byles
Black Helicopters

You stalker

So I won't need my wife's phone to read her text messages any more? Perfect!

some vaguely opinionated bloke
WTF?

Oslow?

Is that the bit of Norway where the average height above sea level is -1m?

Arctic fox
FAIL
Reply Icon

Likely but.........

....if you actually lived here (do you?) you would be aware that most of the rest of my mother's homeland is fairly, what shall I say, vertical? Where I live moreover the landscape is VERY steep.

Anonymous Coward
Pint
Reply Icon

No, it's the bit...

where it takes a week to get served with a beer.

(whereas the rest of Norway it just takes a week's work to buy it)

A J Stiles
Big Brother

Blame the Government

The telephone companies had the ability -- and, originally, the intention -- to make GSM properly secure end-to-end. Governments ordered them not to, so they could spy on the people who pay their wages. You know, in case they were terrorists or drug dealers or something that they haven't banned yet.

Seems nobody is ever going to learn that "secure back door" is a contradiction in terms.

Fraser
Reply Icon

Err...

The monitoring carried out by government is at the exchange/switch, not over the air.

Anonymous Coward
Anonymous Coward

BitTorrent?

So how long before the phone companies seed the torrents with 1.7GB of rubbish, just as the music companies did for MP3s?

There's no real story here. No encryption scheme is unbreakable, a commercially viable lifespan is the best you can hope for. You don't need to upgrade to a more secure system just because it exists, the upgrade has a cost in terms of infrastructure and client equipment replacement. You upgrade when the risk of damage outweights that cost. For most people, most of the time, security of conversations is irrelevant. If it were otherwise they wouldn't have them in public places.

Just as with WEP, once computers get fast enough, a scheme that's not viable to break today will become breakable easily tomorrow, and the cost of a better one will become affordable. When the cost/harm equation tips to the right side, it will be replaced. Happened to WEP, happened to satellite./cable TV, it'll happen to GSM.

If what you have to say is really that confidential, it's worth the cost of a plane ticket to say it in person, or a separately-encrypted datastream.

copsewood
Boffin
Reply Icon

No encryption unbreakable ?

Depends upon your value of unbreakable. An energy calculation of all the possible states of an AES256 key suggests you can't try them all given the limited energy in the universe. Doesn't stop you from guessing an AES key and getting it right first time, but you are a lot more likely to win the lottery 10 times in a row without a break. You might also find a non-linearity in AES256 making it susceptible to brute forcing or meet in the middle attacks given enough known plaintexts with a mere 2^128 operations or so and an unfeasibly large rainbow table assuming bits can be stored using single atoms in future. However, no cryptography expert who has found any serious flaw in it seems currently to want the valuable international reputation that would go with an effective published attack, suggesting not even the NSA are aware of one.

Graham Marsden

"MSI detach can be used...

"... to prevent a given cell phone from receiving SMS messages and incoming calls. All that's needed is the target's phone number"

Great! Now how do I get the phone number of the annoying twat who is sitting in the Quiet Carriage on the train yakking at the top of their voice and ignoring the signs saying "NO MOBILE PHONES"...?

Richard Taylor 2
Pirate
Reply Icon

There is a better solution

A simple homebrew or purchased $50 disruptor. Every time the eejit rings or answers his phone - zap

Anonymous Coward
Paris Hilton

IMSI Catchers

Haven't these devices been around for years? They are even legal in some countries.

max allan

Not really script kiddy yet

If you read the descriptions of how to do this, you need some fairly expensive kit, then you need to capture the entire GSM spectrum to deal with channel hopping (I would have thought they could have figured out the sequence, but apparently not) then reassemble it into a stream and then you can decrypt it and play it back.

(I think that's what's going on anyway, I may be wrong!)

The coding/processing side of decryption looks like it's script kiddie level but not the data capture.

Yet...

Anonymous Coward
Anonymous Coward
Reply Icon

Yip thats my take on it as well.

When you can download it from an appstore onto some off -the shelf hardware - then and only THEN will it be script kiddy level. But seriously why should it ever be at that level. I have seen and known enough morons who are point and click nightmares that making thinks too simple. Too much dumbing down goes on, a torrent of the rainbow table is about as much pointy clicky as I'd like to see on this

My front door is secure as I have the key, I would not go handing out keys to strangers, especialy those of parralels to script kiddies which would be asbo kid. Anybody making this any easier than it already is, is frankly doing just that. Those that need to get involved and anybody who wants to know this can, they just have to be responsible and knowing how to do it as it stands is about as close a trade-off for responsible as I'm confortable with. That said I did move to 3G over a year ago now becasue I've watched too many X-Files :D.

Oh and if your on a train and dont have a jammer and it's a non-phone train -- take apicture of them with the no-phone sign in the background - they soon stop there call. If they confront you just say its for my websight - moronsontrains.com or whatever and then ignore them. Pick train with active CCTV and dont be afriad to point that out as well as a precedence that they allowe filming/picture taking in that space but not phone calls ;). But thats only if there a load larry type talking general non urgent chat. If there on there phone to there mum, don't even think about stepping in as nobody can argue with that in any situation.

Trevor_Pott
Reply Icon

@Max Allan

What it means is that individual corporations can now use it to spy on each other rather than requiring the resources of a largish government. We haven't gotten to the point of individuals spying on each other, but it is only now a matter of time...

boltar
Thumb Down

I'm sure GCHQ has been able to do this for years...

... along with most other western and russian intelligence agencies so I'm not sure what this programmer thinks he's achieving other than being a self important prick and bigging up his ego by showing off his skills. But I guess for the sort of social and emotional inadequates who have nothing else better to do with their lives than sit in their bedrooms and hack stuff I guess thats enough.

John Smith 19
Troll
Reply Icon

Do not feed

that is all.

Paul Smith
Big Brother

@boltar

What makes you think that GCHQ can (or would want) to do this. If they want to listen to a call, they go through the phone company with bribery or blackmail, the same way any self respecting journalist would.

boltar

@Paul smith

"What makes you think that GCHQ can (or would want) to do this."

On site flexibility obviously. Why go to the bother of tapping into a base station or some other network facility when you can just switch on your kit and grab as many phone conversations as you want off the air for later decoding. If your following a suspect he could go anywhere and use any phone so how will you know before the even twhich phone company to talk to or employee to bribe with all the associated hassle that goes with it?

Dino Saur
Alert

Bit of an understatement

"It has yet to be adopted as mobile operators fret that the change will be expensive and won't work on older handsets."

What you mean is that it will cost the operator a whole new network (or biggest part thereof) and won't work with any handset designed which doesn't incorporate A5/3. That's something you more than 'fret' about. At least for the cost aspect.

Operators **don't care** that it doesn't work with most handsets. They only care when their biggest corporate customers start to get scared that someone can listen to their calls. They have introduced counter-measures against A5/1 cracking, but they generally only increase the time taken, not prevent it. When they introduce A5/3, do you think we'll see any adverts about improved security? No, it'll only be discussed with the types who want more security.

But look out for some of our biggest and oldest mobile operators suddenly announcing major upgrade programs for their networks.

EmperorFromage
Black Helicopters

Who watches the SIM card makers ?

The venerable Swiss crypto maker Crypt AG was little match for the subversive skills of the NSA when they wanted a back door into Iranian diplomatic communications. I have a suspicion SIM card makers are even more of a pushover when the men in black come knocking with polite requests for copies of embedded crypto material embedded in SIM cards as they leave the factory floor.

This way, the NSA won't even have to break A5/3 when doing intercepts in foreign territories

Wpgwill
Happy

VOIP Over 3G..

Perhaps for paranoid people, there is another good reason to use it.

ForthIsNotDead
Black Helicopters

Well...

Ring ring.... Ring Ring...

"Hello darling! What's up?"

"Hello sweety! All's fine. Was going to take the dog for a walk but weather doesn't look too good. What time are your coming home?"

"Ooh, I'll be back about 6.00 - traffic permitting."

"OK, great. I'm cooking us a nice chilli. Could you stop off at Tesco's and buy some red beans. I just looked and we don't have any."

"OK love. Will do. See you later. Love you!"

"Love you too! Mwah!"

"Mwah"

<click>

That's about the sum total of my mobile telephone conversations. If anyone wants to evesdrop on that, well, be my guest. But you'd probably get more entertainment watching the telly...

We need a <shrug> icon!

John Sturdy
Black Helicopters
Reply Icon

That's cause for arrest!

That's obviously just the kind of conversation used to disguise a coded message. Tell us the code, or else!

This topic is closed for new posts.