|
Full Disclosure
mailing list archives
Re: Israeli boffins crack GSM code
From: Adam Shostack <adam () homeport org>
Date: Tue, 9 Sep 2003 11:24:28 -0400
On Tue, Sep 09, 2003 at 04:22:19PM +0200, Rainer Gerhards wrote:
| It was in the media over here in Germany some days ago. It seems to be a
| fundamental flaw in the GSM design. AFIK, the attacker pretends to be a GSM
| base station and can receive the call via a cell handover. Using this
| technology, it would also possible to call "in the name of" (with the caller id
| of) any victim that comes close enough to the fake base station. It was said
| that the GSM providers do not really care because a) it would be to hard to set
| up the equipment and b) it would probably to expensive for the operators to fix
| this ;)
don't forget c) it's revenue, and if the thieves use it to pass their
bills for calling the most expensive countries on earth onto random
passers-by, its not the telco's problem, is it? They're using
"Industry standard" security.
This is like the (AT&T?) voice mail frauds that were costing people
thousands of dollars for choosing poor passwords for their voice
mail. Until it hits a certain level, its just revenue enhancement
through poor security.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
- Re: Israeli boffins crack GSM code, (continued)
Re: Israeli boffins crack GSM code Johan Denoyer (Sep 10)
RE: Israeli boffins crack GSM code Rainer Gerhards (Sep 09)
- Re: Israeli boffins crack GSM code Adam Shostack (Sep 09)
|
Intro
