If you use your phone GSM (AT & T and T-Mobile in the U.S.), you likely have a few months before it will be easy for almost any spy on your message.

Security researcher Karsten Nohl begins with an open source distributed computing project to crack the encryption used on GSM phones and compile it into a code book, which can be used to decode the conversations and any data that will be sent to and from your phone.

Karsten Nohl told about their distributed computing open source AE / 1 cracking project at hacking conference Random.

(Credit: Hacking at random)
He hopes that by doing this will stimulate the cellular providers to improve the security of its services and fix the shortcoming that has existed for 15 years and about 3 billion mobile users.

“We do not create a vulnerability, but lack of transparency, which has operated very well,” he said in a telephone interview on Monday.

“Obviously, what we’re doing the attack is more practical and much cheaper, and, of course, there is a moral question of whether we do it,” he said. “But more importantly, we will inform (people) on the long-standing vulnerability and, hopefully, better warning systems to accept this.”

This weakness in the encryption used on the phones, A5 / 1, has been known for years. There are at least four commercial tools that will allow to decrypt messages, GSM range in price from $ 100000 to $ 250000 depending on how quickly you want the software to work, “said Nohl, who had previously disseminated information, weaknesses in wireless smart card chip used in transit systems.

It takes 80 high-performance computers for about three months to make a brute force attack A5 / 1 and create a big look-up tables, which will serve as a code book, said Nohl, which announced the project at random Hacking Conference in the Netherlands 10 days ago.

Using code book, everyone could get the encryption key to any challenge GSM, SMS messages, or other message encrypted A5 / 1 and listen to the call or read the data in clear text. If 160 people donate their computing resources to the project, it should only take a half months to complete, he said.

Participants download software and after three months they shared with files created by others, by uploading, for example, Nohl said. “We have no connection with them,” he added.

After the look-up table is created it will be available for any use.

Distributed computing, which has long been used for research and academic purposes, such as SETI @ Home, and some companies have established businesses all over, not only solves the technical obstacles to cracking A5 / 1 code, but it may solve a legal nature, too.

Several years ago a similar project was started cracking GSM, but was stopped before it was completed after being harassed, the researchers may be the provider of cellular communication, Nohl said. Extending efforts among the participants and do not have it centralized, new efforts will be less vulnerable to outside interference, “he said.

Nohl had no definite legal implications of the project, but said that it was likely that the use of such look-up table is illegal, but legal ownership, as the company that openly advertise their tables for sale.

T-Mobile spokesman said the company had no comment on the matter.

AT & T, Mark Siegel, the representative said: “We take extraordinary precautions to protect the privacy of our customers and use various tools, many technical and some human rights approaches. I can not go into details for security reasons.” He declined to elaborate or comment further.

Precautions
Carriers must update the encryption or move voice services to 3G, which is much stronger encryption, Nohl said.

At the same time, people can use certain products encrypt the phone as Cellcrypt or mobile phones with their own encryption, Nohl said. Amnesty International and Greenpeace used phones with strong encryption, for example, but it only works if both parties in a conversation using the same technology, “he said.

For data encryption is Pretty Good Privacy (PGP) for e-mail and virtual private network (VPN) software to connect to the corporate network, he said.

Encryption problem is especially serious for people engaged in online banking, where banks are using text messages as authentication tokens. Banks should instead offer RSA SecurID tokens or send a one-time pass phrases via regular mail, Nohl said.

“I think that potentially it could have big impact, as the breaking of WEP (Wired Equivalent Privacy) was a few years ago,” said Stan Shatt, security practice director of ABI Research. “It shook up the industry quite a bit.”

As a result of violations that encryption, the company did not want to rely on wireless local area network such Wi-Fi Alliance pushed the interim standard, which strengthened the encryption scheme, “he said.

“Vendors will jump in interim solutions, as Cellcrypt”, said the Shatt. “Mobile operators themselves have to jump and to offer additional levels of encryption within the managed services offers to people who want a higher level of encryption.”

Nevertheless, consumers are unlikely to pay for additional growth of encryption, he said.

Snoop on the phone to someone who would be the spy must be within view of the purpose, the Shatt al-Said. Or, spies could point to a recording device in the direction of the building and capture all the conversations were close, “he said.

“If you stand outside the building a competitor can get the product of conversations between managers and confidential information about corporations, as well as acquisitions,” he said. “Corporation put more sensitive information through their phones, in general, than they are on their e-mail.”

We know that Sprint has the exclusive on the Palm to the pre-2009, but that never stopped listening to the mill kicked up stories about Verizon pre-or GSM smartphone version. And, of course, not a lot of rumors, but rather a matter of time, and it looks like GSM Palm Pre-North America one step closer to reality after receiving the Wi-Fi certification from Wi-Fi Alliance.

On Friday afternoon, Precentral.net received a tip from one of its readers, demonstrating the Wi-Fi Interoperability Certificate (PDF) for the Palm with the model number of pre-P100UNA. The reader indicates that the game in the logic for GSM Palm Treo Pro SKU, T850UNA, where U for UMTS and NA stands for North America, so presumably it will support the pre-North American 3G bands.

Now another question is whether this pre-dollars whether it refers to the version, the beginning of Bell Mobility in Canada, 27 August, as Engadget Mobile points out, the carrier makes a transition from CDMA to GSM.

Las Vegas - Researchers at Black Hat security conference Thursday showed how an attacker can spoof the type of SMS message that appears to be sent from the carrier or any other reliable source.

The attack on the MMS (Multimedia Messaging Service) messages like SMS messages that could allow an attacker to fraudulently forcing the recipient to visit the malicious Web site or in the long run, do something else to harm the phone or data theft.

Attacks can work on any type of phone is MMS-enabled and works on the Global System for Mobile Communications (GSM) network, said Zane lackey, a senior adviser to ISEC Partners, as well as an independent researcher Luis Miras.

They used a jailbroken iPhone to their demos of their proof-of-concept code that allows you to circumvent the protection of the carrier for SMS messages by sending a specially crafted MMS messages.

SMS messages used by carriers to do the administration on the phone and contact clients. For example, voice mail notifications are often made for SMS, according to footman.

As a result of such communications administrator for trust beneficiaries, despite the fact that they generally do not indicate the source of the message and other details, they said. Hoaxes can be any of the reliability of the company as a bank or PayPal.

“This is a question of the carrier,” Miras said. “We know them and they are working on a solution.”

The researchers also shared information with the GSM Alliance, which provides detailed information on the use of carriers, they said.

In a demo, they sent the victim reported that the proposed $ 20 credit, and includes a reference to the alleged malicious site. Other researchers Demos sent fake voice mail alert and sent an SMS which prompted the addressee to accept or reject the new settings is unknown.

If the recipient accepted the changes, believing they are something from the usual carrier, an attacker can use the permission to do things behind the scenes, as the route of all the numbers of Internet traffic through the server to the attacker, not the carrier’s server, which allows attacker to spy on all messages.

In the SMS used by researchers have shown possible for an attacker to gain access to “circumvent the carrier spoofing protection including anti-malware filtering footman said. These attacks can also be used to determine what operating system you are so that someone can start an attack that targeted programs, “he said.

Lucky and Miras has released a tool called Taft (There in the attack for this), which automates the fulfillment of the shortcomings that were corrected. He does not allow for the spoofing issues that carriers have the address, they said.

SMS attacks become easier, because iPhones and Android devices could be easily modified, because the SMS functionality was built at the higher layers, which provide full access to the attacker, said footman.

Researchers also said that they found the lack of implementation of SMS, that they are temporarily crash on the Android phone of the phone so does not require or texts can be sent or received. Google fixed flaw, which, they said.

They also discovered a flaw in a third-party iPhone app to SwirlySpace, that the interference with the phone and texting capabilities and that also was recorded, Miras said.

There are not very much can do to protect yourself from these attacks, except to be careful SMS as a whole, “he said.

Would you like to look in your phone, you will almost certainly never have the opportunity to own? Look no further than the T-Mobile UK for the GT500 from LG, which is well equipped with full contact HSDPA phone, which we track for some time now, apparently, is now shipping. Headlining features include 5-megapixel camera with image stabilization, AGPS, tethering capacity, 130MB of onboard storage and expansion MicroSD (although, really, what the phone in 2009, no MicroSD slot in addition to pre-, in the iPhone, as well as strange Pantech here and there? ). Rumors persist that this may eventually show on Rogers, so one way or another, you may have to eventually co-nation, if you want this thing is not enough.

With a Pre Palm on Sprint may be good for Americans driving them to take the ‘Em-up truck on the highway data CDMA, but it does not make the Europeans (or Palm, the bottom line) of any good over in the Old World. Now we have video and pictures on the GSM-loving Palm Pre freedom in Vietnam. Why ‘We? Light, as workers get more rights and higher wages in China, producing all of our fantasy of consumer electronics are moving further south in search of cheap labor. While this does not mean Damn Thing, concerning the start, there is still a pleasure to see the functioning of pre-GSM in the wild in the way of a start before the end of the year, possibly sooner. Video after the break, as they say.