Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

re: Insecurity in Finnish parlament (computers)
From: Markus Jansson <markus.jansson () hushmail com>
Date: Tue, 21 Feb 2006 06:35:15 +0200

Juha-Matti Laurio:
>http://blogs.securiteam.com/index.php/archives/299
>entitled as "Cell phone operator sent 7000-large government account
>information with unprotected e-mail".

Good article, but it lacks one important aspect of the fiasco:
TeliaSonera also disabled crypto (A5/1) on GSM:s for some time, which made it possible to eavesdrop on its/goverments GSM:s. This was a the "big" fuzz.

OK, basically whether or not you are using A5/1 or A5/0 makes no difference, since A5/1 is so easily cracked that any serious attacker can do it anyway (or crack COMP-128-1 or COMP-128-2). If you have the tools to capture/listen GSM calls, you can relatively easily get the stuff to attack A5/1 and COMP-128-1 or 2 anyway. But ofcourse it was nice to "hype" about the fact that TeliaSonera disabled crypto too. And maybe some folks dont still understand that A5/1 is broken and think that it offers some protection. LOL.

Anyway, only sensible way to secure govermental cellurar phones would be use strong crypto/suitable GMS:s, like http://www.cryptophone.de/ so that every member of goverment/parlament could talk securely with any other member of govermenet/parlament and some officials too. Ofcourse if people in Finnish parlament or infosec/compsec sections would know a drek about crypto and security, they would have already done it. ;) Putting all their eggs again in one basket (Elisa) and without strong end-to-end-crypto does not help much.

BTW. How long would you think it would take them to spot false-base-station type of attacks near our parlament house? ;)

--
My computer security & privacy related homepage
http://www.markusjansson.net
Use HushTools or GnuPG/PGP to encrypt any email
before sending it to me to protect our privacy.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault