image

It should have been obsolete by now. It has lived it’s life. In an era where an average life of a technology is not more then 5 years, GSM survived a whole 21 years! This in itself is an achievement but nevertheless the very prospect of GSM being broken is scary. There are an estimated 4.3 billion cell-phone in the world out of which 3.5 million use GSM, the reason being that it was the industry standard because of it’s unbreakable security which provided secure conversations to mobile phone users.

The credit goes to a German computer scientist who was only 7 when GSM was made in UK at the GSM consortium, the society which formulated the standard and had been it’s patron ever since.

image

Name: Karsten Nohl

Profession: Computer Scientist

Claim to Fame: Broke the GSM code book putting 3.5 billion GSM user’s privacy at stake

<update> Mr. Nohl is in no way a black hat as one of the commentators pointed out. He must be taken as a Hero to expose the real culprits who brought this upon themselves, the GSM society. There must have been continuous updates to the algorithm.</update>

Out of the 3.5 billion wireless GSM connections, 99 million are in North American region alone. So what does this all mean? Simple. Now anyone with as little as $2000 in his/her pocket will be able to get cheap surveillance hardware and software off the shelf and use this GSM code book which is now available on torrents (sorry, you got to search that yourself) and use it to eavesdrop on your conversations. So much for privacy.

And it further seems that the GSM society has gone nuts. In their widely published statement to whitewash this medicated disaster said:

"We strongly suspect that the teams attempting to develop an intercept capability have underestimated its practical complexity,” GSM said in a statement. The association noted that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted."

This is total idiocy. Why would anyone who wants to eavesdrop on you think about copyright infringement?

We will keep you updated on further developments and possibly share with you the broken key remaining within the lawful limits though.

Update 1:

The battle between AT&T and Verizon over who would be the next carrier for iPhone 4G which is expected to be released in the second quarter of 2010 is going to take more heat since AT&T is GSM and Verizon is CDMA which is still relatively a lot secure then the now-broken GSM. What’s your take on this?

[Reddit this]

[image courtesy of Miloh]

Using brain dumps, you will pass real test on first try. Download the up to date ccna dumps to guarantee pass your certification exam.