All most every cellular networks are vulnerable said A German security researcher. In an exclusive report New York Times it is said that Networks that use the GSM standard are vulnerable because of the way in which they handle commands, German researcher Karsten Nohl told AllThingsD on Monday. GSM networks are common throughout the world and are used in the U.S. by AT&T and T-Mobile USA.
Nohl, who is presenting his research in Germany on Tuesday, studied 11 countries and was able to hack into both voice and text conversations, using a seven-year-old Motorola phone along with widely available decryption software, according to the Times report. At the heart of the vulnerability is the fact that network commands are sent in the simplest of computer code, basically amounting to a message like “I have a call for you.” A range of options for randomizing the data can easily improve the security, but Nohl said that the carriers have varied widely in how well they implement protection. Each GSM command is exactly 23 bytes long. In most cases, Nohl said, that leaves room for carriers to send random data that makes the messages harder to intercept. However, some messages use the full 23 bytes, requiring a more sophisticated workaround to make things secure.
In Morocco, for example, one carrier sends messages with no attempt at encryption whatsoever. “That doesn’t happen in Europe,” Nohl said. “However, we are still very far away from reasonable protection.”
It’s also hard to guess which networks are best-protected without studying them. “It’s pretty unpredictable which network will be configured how,” Nohl said. While Vodafone did pretty well on its British network, its German subsidiary has a less secure network. Nohl said the vulnerability is limited to the oldest 2G variant of the GSM networks, but since all GSM phones support the 2G network, that leaves all such phones vulnerable. Although Nohl’s research focused on European countries, along with Morocco and Thailand, carriers elsewhere could be vulnerable unless they use better encryption than their European counterparts. Representatives for AT&T and T-Mobile USA were not immediately available for comment.
Nohl told AllThingsD that he will release a tool on Tuesday for people to check the vulnerability in their area.
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
security-news
,
vulnerablity