Expert cracks GSM phone call encryption

Reminds me of the old saying about duplicating the works of Shakespeare, Enough Monkeys, enough typewriters and enough time......The encryption's security was only so good until someone cracked it, as it was reported to happen, but this does not mean that listening in on phone calls by GSM mobiles (cell phone) will be pandemic.

I bet verizon will be getting a few new customers in the next week...

So what 1 guy crack the 64 bit security. Out of 5 billion people in the world it doesn't mean that someone else can do it. That would be impossible!

bigfamei:

This guy cracked it. Anyone can do it once they have the propper procedure.

If this guy leaks his code/method then everyone will be doing it. Just like the first few ppl who cracked the iphone, now everyone is doing it.

I would like to talk about the Illegallity of what he did. I do not believe that it is ileelgal. THis is a standard scientific procedure. You need to be certian of vulnerbilities. You do this by testing and trying to break the code. If it is possible then you start back at square one. Anyone who would put this man in jail would be doing the global community a great injustice.

i was told police can moniter and listen in to all phone calls even those made from mobiles if they believed illegal activities were taking place.I dont think the guy that hacked it should be prosecuted unless hes monitering peoples personal phone calls and obtaining personal information.I doubt anyone could be bothered listening in to my phone calls even if they knew how.I was using the CDMA network for about a year but they disabled it here.

Put him in jail?! More like hire him, give'em a job to show you how is done properly...

None of us want to be bothered with that person talking about their incontinent bowel syndrome to their friend while standing in line at the store but you think there is enough interest to hack their entire call? I know it's just proof of concept but still...just because I can train my dog not to go outside and use my cats litter box as a crapper, doesn't mean its a good idea.

"The GSM Association, the group behind the algorithms, has called Nohl's "hacking" illegal. “This is theoretically possible but practically unlikely,” added Claire Cranton, an association spokeswoman, via NYT. “What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”

OH GOOD GOD..........enough with the stupid people making stupid comments with their stupid convictions already!!!!!!!!!!!!!!

Illegal? How do they figure? He did it on his own without impact on others, didn't steal anything, brought it to the attention of the world and now SHUT UP AND FIX IT!

Illegal in Britain and the U.S.????? So is "J" walking, being without ID EVER and In Zion, IL, it is illegal for anyone to give cats, dogs, or other domesticated animals a lighted cigar.

How this dumb bi*ch can't relate the concern of privacy to hacking the encryption is beyond me. The encryption needs to be UNHACKABLE dammit!!!!

Originally posted by Deadrum33:

---

...just because I can train my dog not to go outside and use my cats litter box as a crapper, doesn't mean its a good idea.

---

If the litter box is big enough and don't mind the stink...but then all the scooping you'd have to do...Unless you call a Chihuahua a dog;)))

Originally posted by LissenUp:

---

"The GSM Association, the group behind the algorithms, has called Nohl's "hacking" illegal. “This is theoretically possible but practically unlikely,” added Claire Cranton, an association spokeswoman, via NYT. “What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”

OH GOOD GOD..........enough with the stupid people making stupid comments with their stupid convictions already!!!!!!!!!!!!!!

Illegal? How do they figure? He did it on his own without impact on others, didn't steal anything, brought it to the attention of the world and now SHUT UP AND FIX IT!

Illegal in Britain and the U.S.????? So is "J" walking, being without ID EVER and In Zion, IL, it is illegal for anyone to give cats, dogs, or other domesticated animals a lighted cigar.

How this dumb bi*ch can't relate the concern of privacy to hacking the encryption is beyond me. The encryption needs to be UNHACKABLE dammit!!!!

---

I didnt get what you wrote about Israel =\

Originally posted by LissenUp:

---

"The GSM Association, the group behind the algorithms, has called Nohl's "hacking" illegal. “This is theoretically possible but practically unlikely,” added Claire Cranton, an association spokeswoman, via NYT. “What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”

OH GOOD GOD..........enough with the stupid people making stupid comments with their stupid convictions already!!!!!!!!!!!!!!

Illegal? How do they figure? He did it on his own without impact on others, didn't steal anything, brought it to the attention of the world and now SHUT UP AND FIX IT!

Illegal in Britain and the U.S.????? So is "J" walking, being without ID EVER and In Zion, IL, it is illegal for anyone to give cats, dogs, or other domesticated animals a lighted cigar.

How this dumb bi*ch can't relate the concern of privacy to hacking the encryption is beyond me. The encryption needs to be UNHACKABLE dammit!!!!

---

It impossible to reason with women/male who argue like this, I've had to deal with a few before, and I know, it's frustrating. Some stereotypes of women are most of the time very true, such as in this case; she will not get to the point and address the MAIN issue that; yes, they should be making security changes for their customers, and that from one simple engineer cracking the code should be a wake up call. Instead, she tries to make excuses, attack someone other than herself, change the subject and focus on much less serious concerns.

Back to the topic though,I'm with Telus, and I'm still on the old network I think (CDMA), because my phone is still at least 3-4 years old, and they just switched to GSM. Is it possible for anyone to simply upgrade to the newer 128-bit A5/1 encryption through the phone? If not, I may put off getting a new phone for a while, I'm still waiting till the Olympics are over here, and Telus get's the Omnia 2, and they drop that stupid Required Data plan, and just let us get a rate plan.

....because it is illegal no one will do it!? WTF! If that argument is true, this would be a utopia! Sorry, but this person did crack your crap encryption... consider a new algorithm that has some strength.

Quote:

---

Originally posted by LissenUp:

---

"The GSM Association, the group behind the algorithms, has called Nohl's "hacking" illegal. “This is theoretically possible but practically unlikely,” added Claire Cranton, an association spokeswoman, via NYT. “What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”

OH GOOD GOD..........enough with the stupid people making stupid comments with their stupid convictions already!!!!!!!!!!!!!!

Illegal? How do they figure? He did it on his own without impact on others, didn't steal anything, brought it to the attention of the world and now SHUT UP AND FIX IT!

Illegal in Britain and the U.S.????? So is "J" walking, being without ID EVER and In Zion, IL, it is illegal for anyone to give cats, dogs, or other domesticated animals a lighted cigar.

How this dumb bi*ch can't relate the concern of privacy to hacking the encryption is beyond me. The encryption needs to be UNHACKABLE dammit!!!!

---

It impossible to reason with women/male who argue like this, I've had to deal with a few before, and I know, it's frustrating. Some stereotypes of women are most of the time very true, such as in this case; she will not get to the point and address the MAIN issue that; yes, they should be making security changes for their customers, and that from one simple engineer cracking the code should be a wake up call. Instead, she tries to make excuses, attack someone other than herself, change the subject and focus on much less serious concerns.

Back to the topic though,I'm with Telus, and I'm still on the old network I think (CDMA), because my phone is still at least 3-4 years old, and they just switched to GSM. Is it possible for anyone to simply upgrade to the newer 128-bit A5/1 encryption through the phone? If not, I may put off getting a new phone for a while, I'm still waiting till the Olympics are over here, and Telus get's the Omnia 2, and they drop that stupid Required Data plan, and just let us get a rate plan.

---

She isn't ignoring the issue because she is female...she is ignoring the issue because she hopes it will go away. If this guy cracked GSM, then it is likely that someone else already did the same and told no one...those people may even be using their techniques for illicit means as I type this.

It isn't an ignorant statement...the real issue is ignored because they have no means of fixing it...at least not quickly...and they want to avoid massive shifts to CDMA networks. They also want to hide the fact that the new 4G networks are all GSM...even the ones being considered by verizon. At this point, it would be a huge problem to openly admit that there is a serious issue with these networks, as it would result in a whole new round of "testing"...testing that does not adress security issues, as it is illigal just to test security on your own network.

Cracking digital protection of any kind is illigal in the US and the UK...even if it is your own equipment. It is an ignorant tactic that only serves to prevent proper testing...and you can thank the DMCA. Perhapse if anyone had read it before making it law, we would not have so many problems because of it...but law makers are more concerned with the RIAA/MPAA bribe money than anything.

Quote:

---

It isn't an ignorant statement...the real issue is ignored because they have no means of fixing it...at least not quickly...and they want to avoid massive shifts to CDMA networks. They also want to hide the fact that the new 4G networks are all GSM...even the ones being considered by verizon. At this point, it would be a huge problem to openly admit that there is a serious issue with these networks, as it would result in a whole new round of "testing"...testing that does not adress security issues, as it is illigal just to test security on your own network.

---

4G networks use the 128-bit or a newer 5/3.

A newly opened can of worms. History is full of people trying to break codes and cyphers, WW2 breaking the enigma code was important, as as breaking Japanese ones. There are magazines dedicated to codes and cyphers, and people try to solve them. A scientist trying to crack codes of DNA to find ways of relieving genetic defects and also to find cures of diseases and to defeat viruses. It is human nature to seek ways of finding information, to puzzle out ways of doing things better, to undertake and try to succeed in challenges, So encryption comes under this, and people will attempt to defeat it for a challenge, so it is human nature versus human laws, Laws that have beeb enacted on a small, vocal group with big money backing them, are all laws good, or just? Just my thoughts.

The person who broke the code is releasing a book on how to crack and be able to listen in and record GSM conversations, all in the name of something better than the 21 year old encryption. He also states that Police and Governments have had the ability to do this for years, so the encryption was already compromised. It concerns me that Goverment s spy on their citizens at will.

Originally posted by rayals:

---

I would like to talk about the Illegallity of what he did. I do not believe that it is ileelgal. THis is a standard scientific procedure. You need to be certian of vulnerbilities. You do this by testing and trying to break the code. If it is possible then you start back at square one. Anyone who would put this man in jail would be doing the global community a great injustice.

---

Couldn't have put it better myself.

Dear,

Have you some software or device which make Encryption on my calls ,to avoid some body by CELLULAR INTERCEPT GSM system to listening to my conversation?

Thanks,