Deep joy :( "Cryptographers have moved closer to their goal of eavesdropping on cellphone conversations after cracking the secret code used to prevent the interception of radio signals as they travel between handsets and mobile operators' base stations.
The code is designed to prevent the interception of phone calls by forcing mobile phones and base stations to rapidly change radio frequencies over a spectrum of 80 channels. Without knowing the precise sequence, would-be eavesdroppers can assemble only tiny fragments of a conversation.
At a hacker conference in Berlin that runs through Wednesday, the cryptographers said they've cracked the algorithm that determines the random channel hopping and have devised a practical means to capture entire calls using equipment that costs about $4,000. At the heart of the crack is open-source software for computer-controlled radios that makes the frequency changes at precisely the same time, and in the same order, that the cellphone and base station do"
People want us to use our mobiles more for shopping etc, I don't think so, if they can snoop on calls how long before they can hack data I wonder?
About a week... :(
My son is not allowed to take his mobile phone even if it's switched off, into the RAF classroom. The enemy have ways of turning it on without you even noticing and listening in :eek4: I could tell more, but I would have to kill you :D
Quote from: J!ll on Dec 29, 2009, 09:56:15
My son is not allowed to take his mobile phone even if it's switched off, into the RAF classroom. The enemy have ways of turning it on without you even noticing and listening in :eek4: I could tell more, but I would have to kill you :D
If its a symbian phone, you can get a program that you can install on another Symbian cell phone, you call that phone up, it does not ring and does not even light up, but you get to listen to what is being said at the time as it acts like a bug basically, simple and very sneaky.
you can actually do this type of thing even cheaper than £4000. Have a look at the products on here www.ettus.com. Prices start from $700, even I can afford that :)
QuotePeople want us to use our mobiles more for shopping etc, I don't think so, if they can snoop on calls how long before they can hack data I wonder?
I have a constant reminder of this living very near to this place
(http://theunexplainedmysteries.com/menwith/menwith2.jpg)
Quote from: somanyholes on Dec 29, 2009, 11:12:40
you can actually do this type of thing even cheaper than £4000. Have a look at the products on here www.ettus.com. Prices start from $700, even I can afford that :)
You would not want to spend money to hear the really boring conversations on my phone. So ;D
Quote from: somanyholes on Dec 29, 2009, 11:15:55
I have a constant reminder of this living very near to this place
(http://theunexplainedmysteries.com/menwith/menwith2.jpg)
I used to have calls from my female friend in Tehran, I knew damn well that was being listened into on both ends, as did she :(
QuoteYou would not want to spend money to hear the really boring conversations on my phone. So
Same here :)
GCHQ
(http://www.betterpublicbuilding.org.uk/assets/images/finalists_2004/gchq/gchq_large_1.jpeg)
Would have recorded it no doubt Gary
They'd be awfully bored by my conversations. I encode everything as a discussion of a rugby match, or a Donald Russell order. ;D
You do here too :laugh:
:rofl:
No wonder I'm misunderstood... ;)
Quote from: Glenn on Dec 29, 2009, 11:21:51
GCHQ
(http://www.betterpublicbuilding.org.uk/assets/images/finalists_2004/gchq/gchq_large_1.jpeg)
Would have recorded it no doubt Gary
We got fed up of the bad lines and weird noises sometimes and would say look a muslim and a Christian (not practising) can get on, hello to all you listening to this very boring chat, oddly enough 8/10 times we made jibes our call was ended :eyebrow: all very intrusive and very sad.
So if they've cracked a code that makes an algorithm so something is random, then surely it wasn't random or it wouldn't be crackable?
Quote from: Niall on Dec 29, 2009, 22:30:35
So if they've cracked a code that makes an algorithm so something is random, then surely it wasn't random or it wouldn't be crackable?
Its still random, but the equipment jumps alongside the random hops in the same way its like a frog randomly jumping but you know which was to jump at the same time, its still a random code you juust know how to exploit it, because the next time a frog jumps across the same path its jumps will be different to the previous.
According to the news tonight, they have only cracked the 2G code, not the code used on the 3G networks, but it will only be a matter of time.
Quote from: Glenn on Dec 29, 2009, 23:05:30
According to the news tonight, they have only cracked the 2G code, not the code used on the 3G networks, but it will only be a matter of time.
Considering how flacky 3G is around here, thats not great news Glenn, its like back to the days of cloned analogue phones.
Quote from: Niall on Dec 29, 2009, 22:30:35
So if they've cracked a code that makes an algorithm so something is random, then surely it wasn't random or it wouldn't be crackable?
As I always say at work: computers don't do random.
It was only a matter of time before it was publicly cracked, and the simple fact is that it's most likely been cracked repeatedly and for some considerable time by others who have chosen to make nefarious use of their achievements instead of publishing the fact and thereby disabusing the naïve of any notion that there conversations were actually secure.
for those that are interested. Steve gibson did a podcast on the cracking of gsm a while ago. The notes are available here, you will need to scroll down a bit to get to the right place. http://www.grc.com/sn/sn-213.txt It's an informative and well researched read.
Quote from: gizmo71 on Dec 30, 2009, 07:27:13
As I always say at work: computers don't do random.
Which is at the heart of everything.
Quote from: Rik on Dec 30, 2009, 08:51:36
Which is at the heart of everything.
Except quantum mechanics.
Maybe. :laugh:
;D
How about chaos theory?
That's the story of my life ;D
:lol:
Mine's way more random than that. :)
When I was writing an optimisation algorithm for analysis of electric charges many years back I rapidly discovered that one should never trust the random number generator -- especially if it happened to be the default Microsoft one. After many hundred days of CPU time exhausted I discovered much to my dismay the results were skewed depending on whether the machines ran Windows 2000 or Windows XP. Both random number generators had sufficient mutation rate but after mere tens of thousands of cycles the 'random' sequence was quite clearly repeating, with a different break depending on the operating system. The answer? I used an open source assembly written 3rd-party random number generator, and never saw the problem again.
The important thing to understand with most random number generators is that they depend upon a value known as the 'seed'. If you start the random number generator with the same seed twice, you get the same sequence of numbers.
Quotecipher used in encrypting 3G GSM communications. KASUMI is also known as A5/3, which is confusing because it's only been a week since breaks on A5/1, a completely different cipher, were publicized. So if you're wondering if this is last week's news, it isn't. It's next week's news.
http://www.emergentchaos.com/archives/2010/01/another_week_another_gsm.html