'Cellular group says mobile calls safe from hackers': http://www.reuters.com/article/idUSTRE60641G20100107
"The London-based GSM Association said on Thursday that it has spent the past few years figuring out ways to thwart hackers who might try to tap into wireless calls using Nohl's research, which it first learned of in 2007. GSM Association engineers have figured out a short-term solution to block eavesdroppers, said James Moran, head of security for the association. It involves making slight changes to the settings in each wireless operator's network. Carriers can quickly make those adjustments by tweaking existing features in the technology, Moran said in an interview." --clip-- Juha-Matti Gadi Evron [[email protected]] kirjoitti: > On 1/2/10 7:28 AM, Dan Kaminsky wrote: > > Pay no attention to the relatively large number of open source GSM base > > stations in development and preliminary deployment. > > The statement is just funny as GSM was completely broken years ago, I am > proud to say, largely by Israeli researchers at the Technion institute, > Elad Barkan and Eli Biham, as far as I know, as they share credit with > some others for previous work. > > http://tx.technion.ac.il/~barkan/academic/index.html > > This guy at CCC made it practical for the layman. > > So them saying it hasn't been explained in details is ridiculous. > > Gadi. > > > > > > On Fri, Jan 1, 2010 at 8:46 PM, Les Bell <[email protected] > > <mailto:[email protected]>> wrote: > > > > > > Juha-Matti Laurio <[email protected] > > <mailto:[email protected]>> wrote: > > > > >> > > GSM Association has posted their statement > > << > > > > From the statement: > > > > "So far, this aspect of the methodology has not been explained in any > > detail and we strongly suspect that the teams attempting to develop an > > intercept capability have underestimated its practical complexity." > > > > So, it's business as usual for the telecommunications industry, then: > > security by obscurity. Yep, that'll work. > > > > Best, > > > > --- Les Bell > > [http://www.lesbell.com.au] > > Tel: +61 2 9451 1144 > > > > > > _______________________________________________ > > Fun and Misc security discussion for OT posts. > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > Note: funsec is a public and open mailing list. > > > > > > > > > > _______________________________________________ > > Fun and Misc security discussion for OT posts. > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > Note: funsec is a public and open mailing list. > > > -- > Gadi Evron, > [email protected]. > > Blog: http://gevron.livejournal.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
