GSM eavesdropping tools released: Black Hat Day Two

A researcher on Thursday posted software tools that he said would enable widespread eavesdropping on calls made over GSM networks with less than $2,000 worth of equipment.

Speaking at the second day of the Black Hat technology security conference in Las Vegas, researcher Karsten Nohl, who had previously reported that he had cracked GSM encryption, said he was distributing the tools free in order to pressure carriers to make fairly simple changes to fix the vulnerability. The industry association asked for the same software changes in 2008, but Mr Nohl said he hadn’t found any carrier that had adopted them.

The tools include shortcuts for crunching vast amounts of data in order to identify the key on each mobile phone that encrypts calls. Using the techniques Mr Nohl outlined in his presentation, hackers could listen in on one side of a conversation from miles away and on both sides if they were within 100 to 300 meters, he said.

The method only works over 2G networks, but many 3G phones drop back to 2G in areas where there is no 3G service.

Commercial cracking tools for eavesdropping on such calls have been available for years and cost about $500,000, Mr Nohl said. Even with the new tools, hackers will face challenges in isolating the calls they are interested in.

The talk was one of a number at this year’s Black Hat that focused on problems with mobile telephony and computers. Another talk on Thursday demonstrated a vulnerability in millions of home routers, which can be tricked into thinking that contact from a malicious website is actually coming from inside the house. That trick works if home users have not changed the default login information to those routers.

The most talked-about speech on the final day of Black Hat was a keynote by retired CIA director Michael Hayden, who played down recent rhetoric about cyberwar between the US and China and said there were signs of progress in developing international norms that would stigmatise internet attacks on the electric grid or financial networks.

Richard Waters, Chris Nuttall and April Dembosky in the FT's San Francisco bureau share their views - plus tech insights from Tim Bradshaw and Maija Palmer in London and Robin Kwong in Taipei.
