

klipko

join:2006-06-28
Portland, OR

reply to PaulTTU

Re: Not a big deal

said by PaulTTU:

It does not mean that all your GSM calls are now instantly decryptable by strangers.
To add: a person or persons will need sophisticated hardware (RF, baseband, antennas, etc.) and software in order to put into play. Not your standard weekend project.


tacoma
Bleeding Dodger Blue
Premium
join:2001-05-18
Rancho Cucamonga, CA

said by klipko:

said by PaulTTU:

It does not mean that all your GSM calls are now instantly decryptable by strangers.
To add: a person or persons will need sophisticated hardware (RF, baseband, antennas, etc.) and software in order to put into play. Not your standard weekend project.
Just $4k worth of easily purchased equipment.

Yea, nothing to worry about here folks.

PaulTTU

join:2009-02-12
Cookeville, TN

1 edit

said by tacoma:

Just $4k worth of easily purchased equipment.

Yea, nothing to worry about here folks.
That just gets you the signal, you still have to decrypt it. Decrypting it is still a nontrivial exercise even with the algorithm.

It's also illegal, making off the shelf scanners hard to come by, not that it would stop anyone »en.wikipedia.org/wiki/Scanner_(r···n_the_US

cbs228
Geeks Of The World, Unite

join:2000-09-04
Saint Louis, MO

1 edit

said by PaulTTU:

It's also illegal, making capable parts hard to come by
Hardly. You can do it with one of these and a tiny little bit of electrical design knowledge. In fact, someone even built their own GSM base station using this very same hardware, and they used it to offer basic mobile service at Burning Man. So much for not being able to get operable radios. The basic hardware costs maybe $2000 – $4000 USD, and that's a drop in the bucket for organized crime, corporate spies, political organizations, or even John Smith the identity thief. I'd stop banking by (GSM) phone, if I were you.

As an electrical engineering graduate student, the idea that a few filters, some oscillators, and an A/D converter would be difficult to come by is appallingly laughable. The superheterodyne receiver has been around for decades, and many undergrads and amateur radio operators could make one without much difficulty. The carriers can say what they like, but this threat is very real.

I think that we need to accept that our telephone network is fundamentally insecure and take the necessary steps to fix it.

Edit: fixed quote.

--
At our school, we don't earn a degree when we graduate—we earn π/180 radians!

GENERAL FAILURE READING ©: DRIVE
(A)bort, (R)etry, (F)rivolous Lawsuits, (B)ribe Congress?

cornelius785

join:2006-10-26
Worcester, MA

I completely agree. The USRP/USRP2 + GNUradio make the majority of the radio spectrum from ~0 Hz to 5.8 GHz yours to transmit and receive, ignoring any applicable FCC laws for transmission and interference stuffs. Software defined radio is becoming reality.

In order to build your own hardware (and subsequent software), the hard part is programming the software (and hardware should there be an FPGA) and building properly working hardware, NOT in obtaining the physical chips needed to create the device. Although... I did hear about some talk that ?????? (probably the MAFIAA and big time media corporations) want high speed ADCs/DACs, FPGAs, and such be restricted. I think this is ludicrous to suggest doing that. The entertainment industry would have to pay off a lot more than just congress, pretty much every IC chip maker would have to be paid off. Even then, people would just start salvaging the chips.


Kearnstd
Elf Wizard
Premium
join:2002-01-22
Mullica Hill, NJ

and ordering from non US based sites.


PaulTTU

join:2009-02-12
Cookeville, TN

reply to cbs228
I fixed the illegal comment to make it more suitable for you. You can get SAW filters and LNAs in the GSM range without a problem for a few dollars. Use an ADC and you have the digital GSM signal. You could use a TI TMS320DM643x and bypass the FPGA programming. You don't need $4k worth of parts, especially if you're only planning on listening in on one connection.

GSM Antenna -> SAW -> LNA -> DSP , $40

Then what? How do you decrypt the signal?

I still trust SSL for banking online, I don't see how an application that uses SSL on my phone would be different, even if I'm broadcasting the encrypted data stream open air.


cbs228
Geeks Of The World, Unite

join:2000-09-04
Saint Louis, MO

said by PaulTTU:

Then what? How do you decrypt the signal
If you read the original research, you will find that the only piece of the decryption puzzle that is missing is a software library for passively analyzing GSM control and data packets—similar to how wireshark extracts, reassembles, and interprets IP packets. This is necessary to determine which bits belong to which calls, and who is calling whom. The open source community hasn't done this yet, but there is nothing that makes this impossible... or even particularly difficult. The GSM control channel is sent completely in the clear, making decoding a relatively trivial process.

More disturbing, however, is the researcher's finding that phones are completely vulnerable to man-in-the-middle attacks from "rogue" base stations. Base stations do not authenticate themselves to handsets—a handset simply assumes that any base station that says "I'm an AT&T cell" or "I'm a T-Mobile cell" automatically has a right to be there. The original researcher was able to use existing, publicly-available software and hardware to create a fake base station that could intercept calls. Doing this obviates the need to break the encryption at all. The attacker would still need to find some way of connecting these calls to the phone network, but anyone motivated enough to do any of this could probably think of something.

said by PaulTTU:

I still trust SSL for banking online
Indeed, but I was referring to the actual process of calling a bank (i.e., on a voice channel) and asking them (or their automated menu system) to do something.
--
At our school, we don't earn a degree when we graduate—we earn π/180 radians!

GENERAL FAILURE READING ©: DRIVE
(A)bort, (R)etry, (F)rivolous Lawsuits, (B)ribe Congress?
