[img]http://www.blogcdn.com/www.engadget.com/media/2010/12/max-smart-shoe-phone.jpg
[/img]It's hardly a fresh idea -- researchers have claimed that GSM
calls could be cracked and listened in on for years. But there's a
difference between being able to do something with a $50,000 machine
and a warrant, and being able to do the same thing with a few $15
Motorola phones, a laptop, open source software and 180 seconds of
spare time. Security Research Labs researcher Karsten Nohl and
OsmocomBB project programmer Sylvain Munaut recently spoke about a new
GSM hack at the Chaos Computer Club Congress in Berlin, and they were
able to walk the audience through the eavesdropping process in a
matter of minutes. According to them, it's not terribly difficult to
use a $15 handset to "sniff out" location data used to correctly route
calls and texts, and once you've nailed that down, you could use
modified firmware to feed raw data into a laptop for decryption. Using
a 2TB table of precomputed encryption keys, a cracking program was
able to break in within 20 seconds -- after that, you're just moments
away from recording a live GSM call between two phones. Of course,
speeches like these are made to encourage security officials to beef
up the layers between you and ill-willed individuals, but it's hard to
say what (if anything) will change. For now, we'd recommend just
flying to each and every person you'd like to speak with. Unless you
live in the Greater New York area -- you're probably better off
risking a hacked conversation than heading out to LGA / JFK / EWR.
No comments:
Post a Comment