By Amanda Kooser Posted 8/ 2 10 at 6:30 PM Devices that can sniff out and record cell phone conversations aren't new -- law enforcement and intelligence agencies have had them at their disposal for years. What is new is that white hat hacker Chris Paget managed to build his own for just $1,500. Paget unveiled his setup at Def Con 18, an annual gathering of ethical hackers. His device tricks cell phones into thinking it's a legitimate cell phone tower, and can intercept outbound calls that take place using the popular 2G GSM network. Of course, this doesn't mean there are suddenly gangs of criminals running around with their own cell phone hacking devices. At least, not yet. Paget's demonstration ultimately highlights a known issue with the 2G GSM technology, and it should make business users think twice about the security of sensitive calls. You are safe: If you are on a 3G or 4G network. Your phone may bounce around between the different types of available networks, but many specify if your particular call is going out over 3G. If you use a BlackBerry. Call encryption is standard on BlackBerry phones. BlackBerry-addicted business users can breathe a small sigh of relief. If you use a CDMA network provider such as Verizon or Sprint. You are vulnerable: If you use a phone that operates over a 2G GSM network. This includes a huge chunk of the world. T-Mobile and AT&T are major GSM providers in the U.S. Paget notes that he is generally able to pick up iPhones quite easily. When your 3G-capable phone jumps over to the 2G network. Not every phone tells you which network it is operating on. If yours doesn't say, then it is theoretically open to attack. The Solution Paget's cure for the 2G GSM woes is very simple: Shut it down. As he blogged after his talk, "In the medium to long term, GSM simply needs to be turned off; it'd be more work to fix it than it would be to upgrade." The slow move to 3G and 4G networks will be the ultimate cure. In the meantime, consider this to be a wake up call and keep an eye on how you communicate vital business information. Source:
If someone wants to listen in on my conversations, they're welcome to. I don't do anything I need to worry about...:browani: Now if the hacker wants to get together for a little sumthin', sumthin' - that's another story!
Charlyee, I added some line spacing at the "You are safe" and You are vulnerable" parts. When I first read your post, I thought it said Verizon and Sprint were "vulnerable". When I read the story from the original link, I saw what it really said. Whew!!! I was concerned there for a minute.
I want to see the fallow up article in a few years when LTE is the norm. With hacking it is all a numbers game. Everything can be hacked, but hackers for the most part concentrate on the most used platforms to cause the most damage.
They can listen to my calls when ever they like. LOL. I think I read some where else that the providers can protect against this by deploying a software fix for the algorithms and that right now they can only listen to one side and not both sided of the conversation.
Can someone expand on this? I thought you had to use a third party solution for encrypted phone calls, and that only data was encrypted by default?
So not only is Blackberry voice NOT encrypted, but now the data (or just messages?) will be available for nations in the Middle East. Kind of scary. What if you travel to Saudi Arabia, then leave? They'll want access, but what safeguards make sure they don't have continued access? What if someone steals "keys" from the Saudi server and uses them abroad? etc, etc, etc. RIM Reportedly Bows To Pressure From Saudi Arabia, Hands Over Blackberry Access
I wouldn't worry too much about that. Calls/data can only be monitored by Saudi authorities if it's originating/terminating in Saudi. There's no way the Saudi govt can monitor 2 RIM users in the US. Heres an explanation about the keys I read in another article: I think basically whatever they are doing there is just putting RIM users in line with every other cellular user. There has to be a way for govts to legally wiretap. Can you imagine if a terrorist action could have been averted, but the terrorists were using BBM and the authorities had no way of deciphering their conversations? Wouldn't RIM and the authorities both have egg on their face?
I'm still not clear on whether BBM is encrypted from the user to the server, and then server-to-user, or is it encrypted user-to-user? If there is a system in place for the government to get the key to allow eavesdropping, this opens up the risk of a security breach, especially in Saudi. If the architecture is compromised, then you're that much closer to having a security breach abroad. This news makes it appear to me that your private messages are available to RIM as needed, if they are able to comply with government requests. I would prefer a system where the carrier CAN NOT eavesdrop. So what's to stop terrorists from using their own encrypted messaging program capable of user-to-user encryption?
"Lawful Interception" is built into all cellular networks (3GPP TS 33.107) or read here. The lawful interception part is seperated from the carrier tho, ie: it just funnels out info to the authorities, nothing is readable by the cellco themselves. ...of course terrorists can find 3rd party encryption devices or apps, the old cat-and-mouse game will always exist, but at least the whole system isn't being encrypted and handed to them as is with RIM...
