A usrp1 is not enough by current estimates. A usrp2 OTOH is. And you need 2 daughterboards.
On Sun, Jan 03, 2010 at 01:26:25AM +0100, GeleGrodan wrote: > The problem with comparing with aircrack-ng is that together with a > supported wifi-card (often built-in in laptops, or bought for ca 20usd) you > have a complete tool for capture and cracking, out of box. > If you compare that with this project, the cracking/decoding is just half > the part, you still need expensive hardware to capture the traffic. But > sure, if the tool is well made, its just a matter of money. > So if I understand everything correctly, what you need (in hardware) to > CAPTURE somebody's phone-call is: > USRP > Daughterboard > Some antenna > +Software of course > 700USD+150USD+35USD = 885USD > (http://www.ettus.com/order) > > Or am I missing something? > > On Fri, Jan 1, 2010 at 21:05, Fabio Pietrosanti (naif) < > [email protected]> wrote: > > > Hi all, > > > > this is a provocative email. > > > > IMHO we need "practical", really practical ability for hackers to > > "easily" make gsm hacking and gsm interception. > > > > We need something like aircrack-ng for WiFi, we need that anyone with > > basic knowledge and not that big costs could start playing and hacking > > gsm. > > > > Why? > > > > Because if we don't reach that goal the problem will be always there, > > GSM equipment is not going to be replaced easily. > > > > What's already happened with other technologies like 802.11/WEP? > > > > Until well known, cheap and easy to use attack tools was diffused the > > industry did not reacted by making WPA1, WPA2 and working on security > > awareness. > > > > The real sense of full disclosure is this. > > > > GSM is sensitive, mobile voice and data interception is a strong > > matter and companies, governments and various agencies does not want > > anyone being able to break it. > > > > The interception tool exists. > > > > But they costs a lot of money (200-600k) and officially can be brought > > only by governments (even if most private agencies have it...). > > So only private spies, organized crimes, law enforcement, secret > > services and military can use it. > > > > And the general feeling of the man walking the street is that "calls > > and data are secure". > > Because they don't feel the risk, a real risk for the system, for the > > economy, for the industry, for the democracy itself. > > > > If people does not "taste" the risk, they will not react. > > > > Is the "public" is not *strongly aware* about the problem, then > > problem for them DOES NOT EXISTS (like has been done in past 15 years). > > > > Mobile networks are building block of the information society, and > > information society is the building block of the information and > > services economy where we live. > > > > All past GSM hacking attempt got serious attention from authorities > > and big lobbies, there was always "legal" problem and "pressure" on > > the project founders. > > > > I think we should think about it seriously, Karsten also told in > > various talk about such kind of "pressure". > > > > The project should probably increase it's resilience to possible > > attacks to the project itself, with the creation of always up-to-date > > mirror of the informations and development environment, sharing of > > mailing lists subscribers to always keep the community up&running. > > > > Then on top of that framework it would be fine to get some financing > > for additional development and refinement and eventually even build > > some business around it to make it economically sustainable and reach > > the "point-click-sniff" tool. > > > > It's a very difficult step but if we want to really change the > > landscape of the mobile security we should reach a level that will > > "force" the industry to upgrade or when not possible to explicitly do > > awareness about the risk. > > > > On Windows Vista if i connect to an open wifi network i receive the > > advice that the network is insecure and someone could sniff the traffic. > > > > Well, let's force them to do awareness on the users if the don't want > > to upgrade, users should always know what they are using and what are > > their risks. > > > > Telecommunication companies account 3 quarter of the european high > > yield bonds (http://www.cadwalader.com/assets/article/HighYieldBondMk.pdf > > ), they are plenty of debt to invest in selling dumb sing and logos > > for mobile, restricting network neutrality of the internet and a lot > > of very nasty and lobbystic stuff. > > > > > > I would like to see them to invest more in securing the information > > society, that is the foundation of their business required to sustain > > their debt. > > > > Let's do everything to make the project reach a "point-click-sniff" > > tool, at least on software side. > > > > Let's release everything, with very precise documentation, so privacy > > activists can demonstrate the risks to the masses. > > Let's mirror everything across trusted networks. > > Let's get public donations and private funding to carry on the > > development. > > Let's increase documentation and community strength to expand the > > knowledge. > > > > That's my personal point of view, all you guys have made an excellent > > job, now we should not stop. > > > > We should goes on, let anyone insisting on privacy activism in the > > world, on information society right to "access" the technology that > > demonstrate how the industry acted. > > > > We need more people involved that will start using the "tools" around > > the policy and activism scene, that will make the process unreversible. > > > > Without an easy to use attack tool available for anyone that want to > > show up which are the risks, all this effort not reach the result. > > > > Citizens and politicians will not care about it, and worst things will > > do all the bests to say that "everything it's ok, it was just a fun > > stuff by some bunch of young hackers!". > > > > Fabio > > _______________________________________________ > > A51 mailing list > > [email protected] > > http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51 > > > _______________________________________________ > A51 mailing list > [email protected] > http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51 _______________________________________________ A51 mailing list [email protected] http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
