Wednesday, August 26, 2009

Huge GSM flaw allows hackers to listen in on voice calls

Note: This post comes from my friend "Mike". The previous post from the on this threat was full of egregious error and incorrect
statements regarding; "such as in countries still under ITAR* restrictions"

"* International Traffic in Arms Regulations - US restrictions on the export of cryptographic technology."

It should be noted that the majority of encryption regulations (and explicitly "
commercial encryption", such as (GSM) are under the jurisdiction of the Dept. of Commerce, Export Administration Regulations. The encryption rules were transferred from Department of State (ITAR) to the Commerce Department (BIS) in 1996. The only remaining "encryption regulations" under the US Munitions List (USML) are specific to "military and space applications" (ie., part 121, Category XI, Category XIII, and Category XV). Thanks to "Mike" for setting the record straight! J.D.L.

Recently at the Hacking at Random (HAR) conference, held in the Netherlands, Karsten Nohl detailed plans for cracking standard GSM cell phone encryption, known as A5/1, and will be making the results available for anyone to use. GSM stands for Global System for Mobile communications and is the most commonly used cell phone standard in the world, and is used in Europe, Africa, Asia, New Zealand, Australia, America and Canada.

The GSM flaw is massive and would affect not only businesses but individuals also as once the hack is complete it means anyone with a $500 radio card and a laptop will be able to listen in to GSM calls, making it easier for criminals to obtain personal data and making listening in on normal voice calls a real and everyday threat.


No comments: