Featured Articles

Nvidia GTX 980 reviewed

Nvidia GTX 980 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Nvidia adjusts GTX 980 and GTX 970 pricing

Nvidia adjusts GTX 980 and GTX 970 pricing

It appears that Nvidia has been feeling the pulse of the market and took some note from comments regarding the original…

More...
iPhone 6 and 6 Plus reviews are up and they are good

iPhone 6 and 6 Plus reviews are up and they are good

Apple is dancing the same dance year after year. It releases the iPhone and two days before they start shipping it…

More...
Amazon announces three new tablets

Amazon announces three new tablets

Amazon has just released three new tablets starting with the $99 priced 6-inch Kindle Fire HD6. This is a 6-inch tablet…

More...
PowerColor TurboDuo R9 285 reviewed

PowerColor TurboDuo R9 285 reviewed

Today we will take a look at the PowerColor TurboDuo Radeon R9 285. The card is based on AMD’s new…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Monday, 19 May 2008 07:39

Security lacking on GSM and VoIP networks

Written by David Stellmack

Image

Potential hacking and eavesdropping issues

GSM technology, the most widely used mobile phone standard, is insecure. This claim comes from a security expert at the LayerOne Security Conference that took place over the weekend in Pasadena, California. GSM has become a world wide standard for cellular networks, although the uptake is somewhat smaller in the U.S.

The speaker, David Hulton, claims that GSM is so insecure it is feasible to track the location of mobile users, and with a bit of effort, to even listen in to mobile calls as they are taking place. Hulton claims he has cracked the encryption algorithm the mobile phones use, and stated, “GSM security should become more secure or at least people should know they shouldn’t be talking about (sensitive) things over GSM. Somebody could possibly be listening over the line.”

Hulton also claims that with a $900 investment, equipment can be purchased and free software used to create a false network device to track traffic across a mobile network. “You can see all the cell phones connected to the base station. You can’t see calls, but people associated with the calls. You can also do location tracking. If you know somebody is on the network you can see how close to the base station they are,” he said.

This is feasible because the subscriber identifier (the user identification number) is easily visible on traffic, even though identifiers are not supposed to be transmitted in plain text. Hutton indicated that while it might not be legal to view that data, it is still relatively easy to do.

Another conference speaker, David Bryan, Senior Security Consultant with security company Netspi, was also highly critical of Voice Over IP (VoIP) systems. He indicated that while VoIP saves corporations and consumers a lot of money, such systems typically have “little to no security.” 

VoIP is based on open standards generally that do not encrypt traffic, leaving them a target for eavesdropping, intercepted calls, fake and bogus voice messages. Bryan demonstrated this by injecting an emergency broadcast message into an ongoing mobile phone conversation while he recorded the call with an automated tool.

He pointed out that Skype does have encryption and also uses proprietary technology so that outsiders cannot dissect the code. Vonage, however, offers no encryption and no security at all is currently in place, according to Bryan.

Last modified on Monday, 19 May 2008 09:16

David Stellmack

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments