> It was in the media over here in Germany some days ago. It seems to be a > fundamental flaw in the GSM design. AFIK, the attacker pretends to be a GSM > base station and can receive the call via a cell handover.
If I got that correctly, then the problem is that the cell phone authenticates itself to the base station, but the base station doesn't authenticate itself. In other words: The old problem of implicit trust. Tom Vogt _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
