You need also:
Add:
1 PC Computer (new one if possible)
1 2tbytes hard disk (us$ 200 or more, depends on trademark)
1 pc user :)
Aprox us$ 2.500 to decode in realtime any GSM voice and message.
(without pc user salary jeje)
Multiply this by 5, to have LIVE A53 and Kasumi breaked.
Javier
> Date: Sun, 3 Jan 2010 02:52:22 +0100
> From: [email protected]
> To: [email protected]
> Subject: Re: [A51] Attacks tool is required
>
> A usrp1 is not enough by current estimates.
> A usrp2 OTOH is. And you need 2 daughterboards.
>
> On Sun, Jan 03, 2010 at 01:26:25AM +0100, GeleGrodan wrote:
> > The problem with comparing with aircrack-ng is that together
with a
> > supported wifi-card (often built-in in laptops, or bought for ca
20usd) you
> > have a complete tool for capture and cracking, out of box.
> > If you compare that with this project, the cracking/decoding is
just half
> > the part, you still need expensive hardware to capture the
traffic. But
> > sure, if the tool is well made, its just a matter of money.
> > So if I understand everything correctly, what you need (in
hardware) to
> > CAPTURE somebody's phone-call is:
> > USRP
> > Daughterboard
> > Some antenna
> > +Software of course
> > 700USD+150USD+35USD = 885USD
> > (http://www.ettus.com/order)
> >
> > Or am I missing something?
> >
> > On Fri, Jan 1, 2010 at 21:05, Fabio Pietrosanti (naif) <
> > [email protected]> wrote:
> >
> > > Hi all,
> > >
> > > this is a provocative email.
> > >
> > > IMHO we need "practical", really practical ability for hackers
to
> > > "easily" make gsm hacking and gsm interception.
> > >
> > > We need something like aircrack-ng for WiFi, we need that
anyone with
> > > basic knowledge and not that big costs could start playing and
hacking
> > > gsm.
> > >
> > > Why?
> > >
> > > Because if we don't reach that goal the problem will be always
there,
> > > GSM equipment is not going to be replaced easily.
> > >
> > > What's already happened with other technologies like 802.11/WEP?
> > >
> > > Until well known, cheap and easy to use attack tools was
diffused the
> > > industry did not reacted by making WPA1, WPA2 and working on
security
> > > awareness.
> > >
> > > The real sense of full disclosure is this.
> > >
> > > GSM is sensitive, mobile voice and data interception is a strong
> > > matter and companies, governments and various agencies does
not want
> > > anyone being able to break it.
> > >
> > > The interception tool exists.
> > >
> > > But they costs a lot of money (200-600k) and officially can be
brought
> > > only by governments (even if most private agencies have it...).
> > > So only private spies, organized crimes, law enforcement, secret
> > > services and military can use it.
> > >
> > > And the general feeling of the man walking the street is that
"calls
> > > and data are secure".
> > > Because they don't feel the risk, a real risk for the system,
for the
> > > economy, for the industry, for the democracy itself.
> > >
> > > If people does not "taste" the risk, they will not react.
> > >
> > > Is the "public" is not *strongly aware* about the problem, then
> > > problem for them DOES NOT EXISTS (like has been done in past
15 years).
> > >
> > > Mobile networks are building block of the information society,
and
> > > information society is the building block of the information and
> > > services economy where we live.
> > >
> > > All past GSM hacking attempt got serious attention from
authorities
> > > and big lobbies, there was always "legal" problem and
"pressure" on
> > > the project founders.
> > >
> > > I think we should think about it seriously, Karsten also told in
> > > various talk about such kind of "pressure".
> > >
> > > The project should probably increase it's resilience to possible
> > > attacks to the project itself, with the creation of always up-
to-date
> > > mirror of the informations and development environment,
sharing of
> > > mailing lists subscribers to always keep the community
up&running.
> > >
> > > Then on top of that framework it would be fine to get some
financing
> > > for additional development and refinement and eventually even
build
> > > some business around it to make it economically sustainable
and reach
> > > the "point-click-sniff" tool.
> > >
> > > It's a very difficult step but if we want to really change the
> > > landscape of the mobile security we should reach a level that
will
> > > "force" the industry to upgrade or when not possible to
explicitly do
> > > awareness about the risk.
> > >
> > > On Windows Vista if i connect to an open wifi network i
receive the
> > > advice that the network is insecure and someone could sniff
the traffic.
> > >
> > > Well, let's force them to do awareness on the users if the
don't want
> > > to upgrade, users should always know what they are using and
what are
> > > their risks.
> > >
> > > Telecommunication companies account 3 quarter of the european
high
> > > yield bonds (http://www.cadwalader.com/assets/article/HighYieldBondMk.pdf
> > > ), they are plenty of debt to invest in selling dumb sing and
logos
> > > for mobile, restricting network neutrality of the internet and
a lot
> > > of very nasty and lobbystic stuff.
> > >
> > >
> > > I would like to see them to invest more in securing the
information
> > > society, that is the foundation of their business required to
sustain
> > > their debt.
> > >
> > > Let's do everything to make the project reach a "point-click-
sniff"
> > > tool, at least on software side.
> > >
> > > Let's release everything, with very precise documentation, so
privacy
> > > activists can demonstrate the risks to the masses.
> > > Let's mirror everything across trusted networks.
> > > Let's get public donations and private funding to carry on the
> > > development.
> > > Let's increase documentation and community strength to expand
the
> > > knowledge.
> > >
> > > That's my personal point of view, all you guys have made an
excellent
> > > job, now we should not stop.
> > >
> > > We should goes on, let anyone insisting on privacy activism in
the
> > > world, on information society right to "access" the technology
that
> > > demonstrate how the industry acted.
> > >
> > > We need more people involved that will start using the "tools"
around
> > > the policy and activism scene, that will make the process
unreversible.
> > >
> > > Without an easy to use attack tool available for anyone that
want to
> > > show up which are the risks, all this effort not reach the
result.
> > >
> > > Citizens and politicians will not care about it, and worst
things will
> > > do all the bests to say that "everything it's ok, it was just
a fun
> > > stuff by some bunch of young hackers!".
> > >
> > > Fabio
> > > _______________________________________________
> > > A51 mailing list
> > > [email protected]
> > > http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
> > >
>
> > _______________________________________________
> > A51 mailing list
> > [email protected]
> > http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
>
> _______________________________________________
> A51 mailing list
> [email protected]
> http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
¿Te llegan demasiados emails? Organizate con Hotmail. ¡Creá carpetas
para todos tus correos!_______________________________________________
A51 mailing list
[email protected]
http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
