GSM Hacked (again)

This time it's a man-in-the-middle approach but still pretty interesting. Details are thin at the moment but the article talks about the use of HAM radio equipment to pull it off. There is a matching California-based callsign in the FCC database with the same name though I don't know if it's the same person.

http://www.darkreading.com/security...icleID=226500010&cid=nl_DR_DAILY_2010-08-02_t

 

WOW INTERESTING, ED

 

He is into remotely reading RFID tags, too. RFID technology is being considered for personal IDs like driver licenses.

http://venturebeat.com/2010/07/30/hacker-tries-to-read-a-radio-identification-tag-from-29-floors-up/

 

the major cred card companies have been rolling out RFID enabled cred cards for a couple of years now.
The new passports are also RFID enabled.

This brings identity theft to a new level.

 

Just so you know, most of these guys are professionals and do this stuff for fun -- mainly to expose the security flaws, etc..., but also to show off. The attendees at these gatherings are typically not skilled enough to replicate their results. Usually the industry is aware of the exploit and works to fix it, but in some cases they pretend it doesn't exist.

 

We got new Govt ID cards issued lately (FAA Tech Ops) and with the card they gave us all plastic/metal cases to prevent ID theft. I'm out here at the Academy in OKC right now (I hate portable HF oper) and noticed in the bookstore yesterday that the protective cases are all the rage. I'm thinking about getting some for my wife's cards, and mine too.

 

Think Geek and several other places are selling RFID-proof wallets, etc... Someone even sells a stainless steel fabric sleeve or wallet too. Most of the RFID devices that actually carry sensitive data are encrypted. The ones that are easily read typically have a mutually exclusive serial number that indexes data or an account stored elsewhere.

 

DISCLAIMER: I AM NOT A LAWYER AND THIS IS NOT LEGAL ADVICE

Here's some speculation, however...

According to Wikipedia,only non-USA GSM occupies frequencies an Amateur Radio station might lawfully transmit on.
T-GSM-410 410.2–419.8 uplink 420.2–429.8 downlink
R-GSM-900 876.0–914.8uplink 921.0–(928) 959.8 downlink
T-GSM-900 870.4–876.0 uplink 915.4–921.0 downlink

While any transmission inside our allocations seems fair game, there are still State laws that forbid listening to telephone calls.

A Part 15 device sidesteps Amateur Rules regarding frequencies and modulation types, and this may have been done. Anyway, insofar as GSM is encrypted, it is off-limits to an Amateur station. And decrypting is off-limits to a third party receiver not authorized by the caller.

The Electronic Communication Privacy Act made it a felony to make, use, import or sell a scanning receiver capable of demodulating digital (cellular) telephone calls. GSM uses a number of channels and requires a receiver that can scan to the channel to be used and is likewise digital, so the presenter may run afoul of the ECPA. (Using an actual GSM phone may avoid this.)

Security research sometimes violates laws, policies and rules. For example, people investigating the vulnerability of encryption schemes have run afoul of the RIAA, which doesn't want anyone looking into the encryption it uses for music, or of the DMCPA (Wikipedia link), which criminalizes it. It seems to me the hardware equivalent described in this thread falls into the same unnecessarily criminalized conduct. Indeed, it is harmful to criminalize it, for it is cautionary, rather as as if one might point out why the 11 bits of a garage door opener is not secure enough to protect a home -- and be fined or jailed for doing so. To follow the DMCPA's kind of logic to its absurd conclusion, one who tells home owners to put door hinges on the inside might be penalized for violating a "patent" on how to keep robbers out -- and telling the robbers how to select victims.

IMO!

And I'm not a lawyer!

Cortland
KA5S

 

Twenty seconds in the microwave fixed mine.

 

I like that! 20 seconds in the microwave will also "Fix" your cell phone!!!