Posted on 01/02/2011 4:21:18 PM PST by decimon
Mobile calls and texts made on any GSM network can be eavesdropped upon using four cheap phones and open source software, say security researchers.
Karsten Nohl and Sylvain Munaut demonstrated their eavesdropping toolkit at the Chaos Computer Club Congress (CCC) in Berlin.
The work builds on earlier research that has found holes in many parts of the most widely used mobile technology.
The pair spent a year putting together the parts of the eavesdropping toolkit.
"Now there's a path from your telephone number to me finding you and listening to your calls," Mr Nohl told BBC News. "The whole way."
He said many of the pieces in the eavesdropping toolkit already existed thanks to work by other security researchers but there was one part the pair had to create themselves.
"The one piece that completed the chain was the ability to record data off the air," he said.
(Excerpt) Read more at bbc.co.uk ...
/mark
Please let me know if you want on or off the Old Crow ping list.
Depending on who is using it, it is either a great way to work against terrorists or 'Big Brother' on steroids.
Garde la Foi, mes amis! Nous nous sommes les sauveurs de la République! Maintenant et Toujours!
(Keep the Faith, my friends! We are the saviors of the Republic! Now and Forever!)
LonePalm, le Républicain du verre cassé (The Broken Glass Republican)
You probably shouldn’t be saying anything to revealing on a cell phone anyways. I know for a fact that you can listen in on cordless telephone calls with a police scanner too fyi.
Jam me onto the list.
/johnny
Or on an elevator or lots of places. But people do.
Duhhhh!
It was programmed to do this by design, it was simply not intended that other than the cellular companies could do this.
They are human viruses.
Stories like these always kind of creep me out. Some days I feel paranoid, other days not paranoid enough.
Probably no point in putting me on the ping list, since I've not been involved in EW for nearly 40 years.
Individuals and groups poking and prying at technology that is widely available is one of the most useful and productive ways bugs and holes in the technology is discovered. A large number of the bugs that major software vendors patch with each patch cycle are discovered by unaffiliated researchers that report the vulnerabilites so that they may be fixed in later versions.
Or would you prefer we make it illegal to carry out such research so that the bugs and holes are found by less responsible individuals that don't report them so they may be fixed, but rather exploit the holes to use against you instead?
No thanks. Punish hackers publicly, severely (very severely) and do so reliably.
Let’s make tinkering with cars illegal too.
So GSM was in part relying on security through obscurity. That is always a failure in the end.
The encryption system that scrambles this data can be defeated using a huge list of encryption keys, called a rainbow table
If they're using rainbow tables, this is likely the cheaper GSM encryption. BTW, it's France's fault. Seriously. They didn't want strong encryption in the hands of the people, so they had the GSM encryption system dumbed-down.
Mr Nohl said that before now commercial equipment that could spy on calls cost upwards of £35,000.
So this is about proving it can be done on the cheap. That it can be done at all was proven long ago.
Tinkering with other peoples’ cars w/o their permission is illegal. If you want to write a program or an app and hack it, feel free. If you want to tinker with my car you can go to jail. If you want to tinker with the pollution control devices on your own car you will also be in trouble in many states and, lastly, if you want to advise others on how to circumvent the pollution controls on their cars you might well be in trouble as well.
These people have not been accused of illegally intercepting phone calls or tinkering with cell phones belonging to others.
If you want to tinker with the pollution control devices on your own car you will also be in trouble in many states and, lastly, if you want to advise others on how to circumvent the pollution controls on their cars you might well be in trouble as well.
The same tools used for a tune-up are the tools used to mess with emissions controls. Should we make the tools illegal? As for the know-how, I am of the opinion that neither knowledge, nor the spread of it, should be illegal.
You opinion regarding what the law should be is noted
For one, I know that Jefferson would have found the idea of criminalizing the common sharing of discovered knowledge abhorrent.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.