Hi Karsten:
I will like to give you more info.
Preliminary info: It is totally legal to listen, decrypt or decode your own
mobile phone worldwide. I have an international radio license from United
Nations, and read all legal stuff about this with lawyers.
What could be illegal, is to distribute or use against another party.
The problem is that cell operations do not want to invest in upgrading the
technology, now OBSOLETE. As you know, GSM Rainbow Tables are available
worldwide since 1998. Many Spy Shops are NOW selling the equipment for u$s
500.000.-! (i could post all sellers)
It could decode and listen to a conversation in 2-3 seconds MAXIMUM. The main
problem for them is the active channels to monitor 4-8-12-16. More control
channels, more hardware, more expensive.
Academic research is totally legal. Radio first code was MORSE. So, GSM is
similar. The problem is that commercial people do not want to upgrade their
technology ($$$). And prefer to persuade people investigation.
Nowadays, WPA-Wireless is also easily intercepted, 3G or KASUMI could be
decoded also, AES256 U.S. official govermement algorythm could be attack easily
since Asiacrypt2009, etc. NSA or any agency are implementing their own private
distributed networks (check accessdata.com)
What I suggest is to use private and stronger crypto systems. Solution: PRIVATE
Networks. (Like TETRAPOL)
Javier
> From: [email protected]
> To: [email protected]
> Date: Wed, 30 Dec 2009 12:07:50 +0100
> Subject: [A51] No demonstration at 26C3 today
>
> Dear list,
>
> Congratulations to the discussion we started on the security of A5/1.
> This was the primary goal and we did it in very challenging time
> frame. Thanks to everyone!
>
> The demonstration planed for today is canceled. Let me explain the
> reasons and perhaps start a discussion on how the project should
> progress from here:
>
> A. The GSMA and some of its members make strong claims that what we
> do is illegal. We do not believe that is the case and that this
> research has not once crossed the line into illegality. However, not
> being lawyers ourselves and knowing how complex wire-tapping laws are,
> we want to reconfirm with our counsel that using the rainbow tables
> for academic purposes is legal.
>
> B. Starting the discussion on how much security GSM deserves was one
> of our main goals. We did it. The next steps must not contradict this
> positive message we want to get across. I'll put this as a question to
> the list: Do we risk killing a positive dialogue with operators and
> suppliers by providing attack tools too fast? I understand that we are
> 15 years into hacking GSM, but it did hit some industry players as
> news this week. Would it be fair to give them a few extra weeks to
> digest what should have been known years ago?
>
> Please let me know what you all think ...
>
> Cheers,
>
> -Karsten
> _______________________________________________
> A51 mailing list
> [email protected]
> http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
_________________________________________________________________
Windows Live Messenger GRATIS: lo que faltaba en tu BlackBerry
http://www.messengerentublackberry.com?ocid=WL_BB_LandPage_TagLine_______________________________________________
A51 mailing list
[email protected]
http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
