Black Hat: listening to the GSM networks

Two researchers have pointed out security flaws of the GSM standard at a conference Black Hat.

The GSM mobile phone is now largely dominant throughout the world, but it is not immune to security vulnerabilities. This was reiterated by two researchers last month showing how it was possible in less than 30 minutes, to reach listen mobile calls in an area of 30 km radius) from applications and ” relatively inexpensive equipment.

Last week, they presented at a conference Black Hat Europe in recent improvements to their work, which will enable them to have access to 95% of traffic GSM networks, always in less than 30 minutes.

At the mercy of prying ears?
The two researchers put forward a certain weakness for the security of the GSM standard, which has changed little despite numerous warnings. For Steve Muller, one of the demonstrators: “We hope that the mobile operators will finally be concerned about the security of their networks. In ten years, they did nothing. The only language they understand is that of income. But when they start losing, then they concerned about it. ”

For it is in 1998 that calls A5 Encryption / A5 and 1 / 2 unveiled their vulnerability. And if listening equipment are expensive (up to $ 1 million), the method invented by Steve Muller and David Hulton is much more economical.

By studying the transmission between a mobile phone and base station to the initiation of a call encrypted, they managed to decode the mechanism. And now they plan to commercialize their technology, which would generate eavesdropping on GSM networks relatively easily … if their plan succeeds.

Leave a comment