funsec mailing list archives
New attacks on GSM mobiles and security measures shown
From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 2 Jan 2012 11:16:44 -0500
http://www.h-online.com/open/news/item/28C3-New-attacks-on-GSM-mobiles-and-security-measures-shown-1401668.html At the 28th Chaos Communication Congress (28C3) in Berlin, security researchers have demonstrated a new technique for attacking GSM mobile phones. Karsten Nohl from Security Research Labs and his colleague Luca Melette have demonstrated a technique for using a mobile phone emulator based on open source software to make calls and send texts to expensive premium rate phone numbers. Nohl says that the attack carries a high risk of abuse and is already being actively used by criminals. In contrast to other known attacks, most of which are aimed at listening in on phone conversations, this attack poses a threat to anyone with a GSM mobile phone. The new threat is based on prior work by the team of cryptographic experts. At last year's congress, Nohl and his team demonstrated a method of rapidly decrypting and listening in on GSM phone calls using an upgraded low cost mobile phone, a laptop and the open source application Osmocom. The technique exploited a known vulnerability in the widely used A5/1 encryption algorithm. To use the technique, an attacker needed to know the Temporary Mobile Subscriber Identity (TMSI) and secret key. ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- New attacks on GSM mobiles and security measures shown Jeffrey Walton (Jan 02)