I'm not sure if this was posted to list already: "The demonstration of cracking A5/1 at 26C3 planed for today [30th Dec] is canceled."
http://events.ccc.de/congress/2009/wiki/Workshops#Day_4_-_2009-12-30_Wed http://events.ccc.de/congress/2009/wiki/The_demonstration_is_canceled Juha-Matti Juha-Matti Laurio [[email protected]] kirjoitti: > 'Cellular group says mobile calls safe from hackers': > http://www.reuters.com/article/idUSTRE60641G20100107 > > "The London-based GSM Association said on Thursday that it has spent the past > few years figuring out > ways to thwart hackers who might try to tap into wireless calls using Nohl's > research, > which it first learned of in 2007. > > GSM Association engineers have figured out a short-term solution to block > eavesdroppers, said James Moran, > head of security for the association. > It involves making slight changes to the settings in each wireless operator's > network. > > Carriers can quickly make those adjustments by tweaking existing features in > the technology, Moran said in an interview." > --clip-- > > Juha-Matti > > Gadi Evron [[email protected]] kirjoitti: > > On 1/2/10 7:28 AM, Dan Kaminsky wrote: > > > Pay no attention to the relatively large number of open source GSM base > > > stations in development and preliminary deployment. > > > > The statement is just funny as GSM was completely broken years ago, I am > > proud to say, largely by Israeli researchers at the Technion institute, > > Elad Barkan and Eli Biham, as far as I know, as they share credit with > > some others for previous work. > > > > http://tx.technion.ac.il/~barkan/academic/index.html > > > > This guy at CCC made it practical for the layman. > > > > So them saying it hasn't been explained in details is ridiculous. > > > > Gadi. > > > > > > > > > > On Fri, Jan 1, 2010 at 8:46 PM, Les Bell <[email protected] > > > <mailto:[email protected]>> wrote: > > > > > > > > > Juha-Matti Laurio <[email protected] > > > <mailto:[email protected]>> wrote: > > > > > > >> > > > GSM Association has posted their statement > > > << > > > > > > From the statement: > > > > > > "So far, this aspect of the methodology has not been explained in any > > > detail and we strongly suspect that the teams attempting to develop an > > > intercept capability have underestimated its practical complexity." > > > > > > So, it's business as usual for the telecommunications industry, then: > > > security by obscurity. Yep, that'll work. > > > > > > Best, > > > > > > --- Les Bell > > > [http://www.lesbell.com.au] > > > Tel: +61 2 9451 1144 > > > > > > > > > _______________________________________________ > > > Fun and Misc security discussion for OT posts. > > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > > Note: funsec is a public and open mailing list. > > > > > > > > > > > > > > > _______________________________________________ > > > Fun and Misc security discussion for OT posts. > > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > > Note: funsec is a public and open mailing list. > > > > > > -- > > Gadi Evron, > > [email protected]. > > > > Blog: http://gevron.livejournal.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
