Low Cost Cellular Eavesdropping: Be Careful What You Say!
Does your wireless telephone carrier use GSM? I use T-Mobile in the USA and AIS 12Call while in Thailand. Both of these cellular providers use the Global System for Mobile Communications (GSM) standard. In fact, GSM is the most widely used wireless standard in the world.
If you also use a GSM carrier, you might want to be a bit more careful about what you say and text from now on. The BBC recently ran a story about Karsten Nohl and Sylvain Munaut, security researchers that demonstrated a cheaply made tool that can eavesdrop on any GSM mobile call or text message.
For those of you that are aware of security problems that have existed on GSM networks for a while, this probably doesn't come as much of a surprise. The encryption algorithms have been cracked and GSM rainbow tables were created that significantly reduce the amount of time it takes to decrypt GSM communications.
The rainbow tables have been available for just over a year, but it was only this week that a method was demonstrated to circumvent GSM encryption in real-time. While it is true that carriers have special equipment to eavesdrop on calls, the hardware and software is expensive (upwards of $50,000) and difficult to acquire. The homemade eavesdropping tool cost the researchers less than $20 to build. While both Nohl and Munaut stated that their methods would not be made public, this will not be the end of the story. Now that the cost barrier of eavesdropping has been eliminated, you will likely see others willing to spend time to duplicate the researchers' methods.
In all likelihood, this exploit can be fixed on GSM networks. Unfortunately, the GSM Association (GSMA), a collation made up of around 800 mobile phone carriers, still has not commented on the news or made any indication that a patch is in the works. Given that eavesdropping equipment can be made for less than $20, this news should light a fire under the GSMA to finally fix this long-existing security issue. Otherwise, we'll have to go back to the old tin can and string method for secure communications.