GSM Hacked

Computer security researchers have reported that GSM phones (the cellular protocol used by most of the world — roughly 80% of all cell phones) can be cracked with a relatively small amount of hardware and free Open Source tools.

The weakness exploits the older 64-bit A5/1 algorithm not the newer 128-bit A5/3 algorithm.  However, it should be noted that most GSM providers have been slow to update their networks and do not currently employ the more secure 128-bit encryption standard.

The result is that conversations carried on GSM networks can be overheard and recorded.

No such weaknesses exist in the CDMA protocol; nor would this indicate a potential vulnerability in LTE.

Karsten Nohl, a German computer programmer, claims he demonstrated this weakness (and published the code) to encourage GSM carriers (and manufactures) to take serious the poor security that is currently in place.  ESTI (the standards organization behind GSM) claims that this hack (while legitimate) is too complex and would in fact not give hackers the ability to listen in on phone calls.

Originally posted 2009-12-29 02:00:50.