Karsten Nohl, a researcher and a German engineer, today announced it has found a way around the code that underlies the cellular transmission security. The announcement was made at the twenty-sixth edition of the event Berlin Chaos Communication Congress, dedicated just to computer security and telecommunications. One of the most important aspects of the story lies in techniques used perfectly legal, so, accessible to a large number of users. The actual encryption algorithm used on the GSM network is called A5 / 1 and is a 64-bit, except for some minor modifications, has remained fairly similar in substance to the implementation dating back to 1988. In fact, the specification A5 / 3 which provides for a system of 128-bit security, then much more robust, it has never undergone a real implementation. Many years have passed since then and the lack of a major upgrade has led, inevitably, to overcome the defenses of the network, considering the technological tools available today. This has the consequence that it could become quite simple listen to others' phone calls or intercept SMS . Stan Schatt, Vice President & Practice Director of health and safety of ABI Research, commented: "Potentially, this news could have a profound impact in the field of cellular telephony, as well as the hack WEP encryption has had on the wireless LAN industry. " Schatt continued: "... people have to fear the theft of valuable information on bank accounts and personal stories. Our research shows that workers speak of sensitive corporate information on their mobile phones. If you do not react, it is likely that you begin to hear stories of sensitive information compromised, leaked trade secrets, personal financial information stolen, etc.. We could also see the growth of blackmail and extortion. "
The same group described the work of Nohl ' fairly simple hack to be made with easily available tools. If this is confirmed and if the information about how to spread it really is, there may be serious security problems for sensitive information.
(source: Notebookitalia)
0 comments:
Post a Comment