Security researcher Karsten Nohl has shown that if you send some mobile phones an SMS that appears to originate with the phone company, the phone will SMS back an error message containing sensitive info about its SIM. With this info, you can send another SMS that terminally compromises the phone, giving the attacker the ability to listen in on calls, read texts, and impersonate the phone's owner. He disclosed the vulnerability to the GSM association early, and on August 1 he'll present his work at Black Hat in Las Vegas. At the root of the problem is a reliance on an older, compromised form of crypto, DES:
For each message, the network and the phone verify their identities by comparing digital signatures. The message sent by Mr. Nohl deliberately used a false signature for the network. In three-quarters of messages sent to mobile phones using D.E.S. encryption, the handset recognized the false signature and ended communication.
But in a quarter of cases, the phone broke off the communication and sent an error message back to Mr. Nohl that included its own encrypted digital signature. The communication provided Mr. Nohl with enough information to derive the SIM card’s digital key.
Mr. Nohl said he had advised the GSM Association and chip makers to use better filtering technology to block the kind of messages he had sent. He also advised operators to phase out SIM cards using D.E.S. encryption in favor of newer standards. He added that consumers using SIM cards more than three years old should get new cards from their carriers.
Encryption Flaw Makes Phones Possible Accomplices in Theft
(Image: MTN SIM card, a Creative Commons Attribution Share-Alike (2.0) image from warrenski's photostream)
The LG Watch Urbane 2nd Edition LTE was the company’s latest answer to Apple’s dominating entry into the market. But it died fast, pulled off the shelves within a week due to an unspecified problem with the display. Ron Amadeo writes that they “are not in a position to communicate the specifics of the issue […]
I’ve been using Stanley’s classic flask for years (I literally packed one, full of nice bourbon, in my suitcase this morning for the Melbourne/Sydney/Berlin trip I’m leaving on tonight), and I have no complaints: it’s beautiful, easy to close, and rugged.
Mattel’s Hello Barbie has a microphone and a wifi interface, and it transmits the phrases it hears to a central server in order to parse them and formulate a response. Mattel claims that the data isn’t being retained or harvested for marketing purposes, and assures parents that they can make Barbie stopping eavesdropping on them […]
These knitted gloves are here to save the day (and your hands) with an ultra-comfy, double-layer that will allow you to stay warm and use your phone. Now you can take photos on the fly, text, Tinder, and more without letting freezing temperatures get in your way. Plus they work with all touchscreens, so no […]
Store more on your Mac with this microSD memory card adapter.
Carrying this EDC card is like slinging around a handheld toolbox wherever you go. Its minimal design is small enough to fit in your wallet’s billfold, and it’s TSA-compliant so you’ll never leave it behind. It’s got hex wrenches, metric and imperial rulers, flathead and Phillip’s screwdrivers, and a bottle opener so that you’re ready […]