So now that Karsten Nohl finally showed everyone how you can be listening to GSM phone calls of other people in 10 Minutes flat using hardware you can almost pick up from anywhere, Something needs to be done fast.
GSM, a 20 year old system has become vulnerable with new processors that can compute faster and faster, to be more specific Karsten used nVidia CUDA’s (Yes, modern nVidia graphic cards in your PC), where hundreds of processors exist on every card with an instruction set large enough to do the computations.
it won’t be long before most networks find solutions, but it is the headsets that are going to be on the market that are the problem, it will probably take some time to get them out of the market and a bit longer to get the off the streets
The bottom line is this, people not so familiar with the security industry think he has done harm to everyone, while in reality, he has done you a favor that you should be grateful for, since he decided this is a public project, because usually, there are people who come to the same results and do not publish them, and you wouldn’t even know that eavesdropping is possible on your mobile phone, and those money driven companies would not be urged to do anything about it.
Don’t have this mixed up with the phone monitoring some governments like the American federal government practice, that one is not a vulnerability of GSM but rather the telecom recording your phone calls, but this one IS a vulnerability, and that girl next door that had a crush on you is listening to your phone calls
Anyway, if you want to know more, or even want to know who the guy living next door is seeing check out the AirProbe website (Official website for this project), and one last thing, i forgot to tell you you need a degree in CS more or less to make any sense of what is on that website, the bottom line is, this one is cracked, take us to the next level Motorola…
For the Karsten’s website see http://www.cs.virginia.edu/~kn5f/.
And for the presentation demonstrating the cracking see this http://events.ccc.de/congress/2009/Fahrplan/attachments/1479_26C3.Karsten.Nohl.GSM.pdf
Mind you that GSM is over 80% of the market, and it is the newer technology, i remember when one company in Israel had older technology where you sometimes hear other people’s conversations very clearly, I remember because one of my friends from Israel had a phone that worked from Jordan, and we could clearly here other people’s conversations, not intentionally, but you would be talking from his phone and suddenly you would hear the other party in addition to 2 more people talking, the plenty of fun it was is beyond the scope of this post
NOTE: It comes as no surprise that GSM has been cracked, for example 256bit SSL Certificates have become the standard these days because it is expected that breaking 128bit SSL Security will be possible in a timely manner in 2011, or to restate this better, in 2011 computers will be fast enough (CPUs and GPUs) to break 1024bit SSL security in a timely manner.
Enjoy the complicated new world my friends where nothing is as it seems….