Hackers Crack GPRS Encryption
Results 1 to 2 of 2

Thread: Hackers Crack GPRS Encryption

  1. #1
    DownForce's Avatar
    DownForce is offline BlackBerryOS Inspired
    Join Date
    Mar 2011
    Device
    Bold 9700 & Curve 3G
    OS
    6.0
    Posts
    239
    Liked
    86 times

    Hackers Crack GPRS Encryption



    After outer space was proclaimed as hackers' newest target, thunderous applause followed at the opening of Chaos Communication Camp 2011 in Finowfurt, Germany. In the next ten years, hackers want to have their own communication satellites in orbit, reported Heise Online. Nick Farr (@hackersonaplane) of Hackers on a Plane said, "We can conquer the entire galaxy, if we stop for five minutes, to behave like idiots." The plan to conquer space was followed by former WikiLeaks Daniel Domscheit-Berg announcing four days of public testing of Open.Leak.org. Domscheit-Berg told Forbes, "We need to be sure for the people who use such a system that it can't be compromised. Whistleblowers are the ones who take the risks. And they're the ones that get screwed if something goes wrong. So it's inherently important for us to make these people as comfortable as possible." The live testing will be here.

    In case you didn't guess, this is no small hackers' shindig. Chaos Communication Camp is an international hackers' camp that takes place every four years. Among the attendees are EFF Senior Staff Technologist Seth Schoen and EFF co-founder John Gilmore.

    How creepy would it be if it were easy to snoop and intercept all those texts, emails and photos you send over your mobile phone? Do you think that's impossible, that the majority of the world's mobile Internet traffic is protected by encryption? Think again.

    The greatly anticipated presentation by crypto specialist Karsten Nohl, chief scientist of Berlin-based Security Research Labs, will show how to crack the encryption that is meant to protect information sent over General Packet Radio Service (GPRS). Mobile phones that do not support 3G use GPRS and iPhones use GPRS when the connection reads "E" as opposed to "3G."

    The New York Times reported that Nohl and a colleague, Luca Melette, intercepted and decrypted all wireless data traffic in a 3.1-mile radius by "using an inexpensive, modified, 7-year-old Motorola cellphone and several free software applications."

    Golem.de added that Nohl modified the Motorola C-123 and enhanced it with the open-source software project Osmocom, then recorded and decrypted transmissions in the German mobile networks of T-Mobile, O2 Germany, Vodafone and E-Plus. Nohl called the level of encryption "weak" and he will demonstrate ways to decrypt GPRS traffic. While he does not intend to publish the encryption keys, Nohl will release software that he used for the attack. Almost all of the world's networks that use GPRS, do not bother to encrypt at all.

    Nohl also told the NYT, "One reason operators keep giving me for switching off encryption is, operators want to be able to monitor traffic, to detect and suppress Skype, or to filter viruses, in a decentralized fashion. With encryption switched on, the operator cannot 'look into' the traffic anymore while in transit to the central GPRS system."

    According to MIT's Technology Review, it costs 10 euros (about $14) for the radio equipment that Nohl and Melette designed to attack GPRS. Nohl said companies that ignore the risks "will be negligent." He hopes this applies pressure to improve security and require "better authentication among devices and base stations communicating over GPRS." He suggested "mobile applications take steps now to use encryption such as SSL, which already protects much of the sensitive information sent over the Internet."

    Nohl has spent the last two years researching and releasing tools which should twist carriers' arms to upgrade the security in their networks. In 2009, he worked with others to release a 2-terabyte GSM rainbow table to "inform about the fact that GSM calls are already being intercepted and decrypted using commercial tools." Then Nohl and Chris Padget spent $1,500 on hardware and cracked the code that was supposedly meant to prevent such snooping of radio signals as they hopped between mobile phones and base stations. The researchers said, "Cloning, spoofing, man-in-the-middle, decrypting, sniffing, crashing, DoS'ing, or just plain having fun. If you can work a BitTorrent client and a standard GNU build process then you can do it all, too. Prepare to change the way you look at your cell phone, forever."

    Then in 2010, Nohl "bundled many of the various tools he helped develop into a comprehensive piece of software that gave amateurs the means to carry out many of the attacks," reported The Register. "That same year, other cryptographers cracked the encryption scheme protecting 3G phone calls before the so-called Kasumi cipher had even gone into commercial use."

    Before you next send that naughty photo, text or IM, consider the possibility that the GPRS encryption protecting your "sensitive" mobile device data can be cracked for cheap . . . and the German researchers behind it are showing other hackers how to snoop and create chaos too.

    Original Article
    Code:
    http://www.pcworld.com/article/237810/mobile_phone_eavesdropping_made_easy_hackers_crack_gprs_encryption.html#tk.rss_news




  2. #2
    ice2921's Avatar
    ice2921 is offline BlackBerryOS Grand Master Follow ice2921 On Twitter
    Join Date
    Sep 2010
    Location
    USA
    Device
    Z10
    OS
    10.0.10.684
    Carrier
    AT&T
    Posts
    2,544
    Liked
    752 times
    This has been going on for years in the military.The ability to eavesdrop on people is getting more and more common. There is an app thats available for Blackberry that will encrypt point to point calls.
    DownForce likes this.

Similar Threads

  1. Voice Encryption for Blackberry
    By ice2921 in forum BlackBerry Apps
    Replies: 0
    Last Post: 07-22-2011, 06:50 AM
  2. any geniuses wanna take a crack at this?
    By BlackberryBlake in forum App Developers
    Replies: 7
    Last Post: 08-09-2010, 10:52 AM
  3. Enabling Encryption
    By chm0690 in forum BlackBerry Storm 9530/9500
    Replies: 3
    Last Post: 10-25-2009, 08:47 AM
  4. An issue with encryption, files, and security --Help
    By bocaccio in forum BlackBerry Curve 83xx
    Replies: 2
    Last Post: 08-01-2009, 09:41 PM
  5. Replies: 2
    Last Post: 05-09-2009, 09:14 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •