nettime maillist on Sat, 26 Jun 1999 03:00:41 +0200 (CEST) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
tbyfield: (fwd) TELECOM Digest V19 #165 [excerpt] |
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - <nettime-l-temp@material.net> is the temporary home of the nettime-l list while desk.nl rebuilds its list-serving machine. please continue to send messages to <nettime-l@desk.nl> and your commands to <majordomo@desk.nl>. nettime-l-temp should be active for approximately 2 weeks (11-28 Jun 99). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ---------- Forwarded message ---------- Date: Thu, 24 Jun 1999 11:17:24 -0400 From: t byfield <tbyfield@panix.com> To: nettime@desk.nl Subject: tbyfield: (fwd) TELECOM Digest V19 #165 [excerpt] ----- Forwarded [excerpt] From: editor@telecom-digest.org Date: Wed, 23 Jun 1999 21:08:11 -0400 (EDT) To: ptownson@massis.lcs.mit.edu Subject: TELECOM Digest V19 #165 TELECOM Digest Wed, 23 Jun 99 21:08:00 EDT Volume 19 : Issue 165 Inside This Issue: Editor: Patrick A. Townson <...> GSM Interception (Babu Mengelepouti) <...> Bellheads vrs. Netheads (Richard Shockey) <...> Date: Wed, 23 Jun 1999 14:32:49 -0700 From: Babu Mengelepouti <dialtone@vcn.bc.ca> Reply-To: dialtone@vcn.bc.ca Organization: US Secret Service Subject: GSM Interception Well, it is only a matter of time before any system gets cracked. And the first one to sell a device gets the biggest markup! Subject: GSM Cellular Phones Increasingly Unreliable From Intelligence Newsletter, 06/10/99 Over the past six months a roaring trade has sprung up on back-street markets for equipment to intercept cellular telephone calls that had once been reserved for government intelligence and law enforcement agencies. The risk that GSM networks are being broken into for espionage purposes with widely-available equipment and modest skills is now very real. Intelligence Newsletter has been able to identify web sites that sell interception equipment by mail-order. Elsewhere, components required to manufacture such devices are to be found in many electronics stores in Europe and the United States. The industry itself has pointed the way. We have obtained a leaflet from the British company G-Com Tech which provides a detailed rundown of the GSTA-1400 system. The firm describes the system, reserved for governments, as one of the best "official" devices to record GSM communications at a cost of between $245,000 and $327,000 depending on the model. Systems sold on the black market run along the same lines as such products, and sometimes simply copy them. The system consists invariably of a portable computer equipped with deciphering software connected to a GSM or fixed 2Mbits/second telephone. Tracking the target line with a clone of its SIM (Subscriber Identification Module), the system can usually decipher the signal in just 2.5 minutes. The breakthrough came in April, 1998 when two researchers from the University of Berkley in California demonstrated it was possible to clone a SIM card. David Wagner and Ian Goldberg, who both belong to the Internet Security Applications Authentification and Cryptography Group (ISAAC), carried out a successful series of attacks against the Comp128 algorithm. The latter forms the basis of algorithms created by the manufacturers of GSM, the A3 and A8, which encrypt information contained inside a SIM card. According to the American Smartcard Developers Association (SDA) the system developed by Wagner and Goldberg can turn out cloned cards that GSM operators can't distinguish from real ones. At the same time, the SDA identified a partial flaw in the symmetric-type A5 algorithm which protects data transmission between the operator and user. According to SDA director Marc Briceno, although A5 has a 64 bit key only 54 are actually used, probably to facilitate eavesdropping by an intelligence agency. Late last December in Berlin an experimental system devised by "private researchers" was presented to a conference of hackers belonging to the Chaos Computer Club (CCC). It took advantage of flaws in the A3,A5 and A8 algorithms to conduct interceptions. Since then a number of make-shift versions have made their way to the public, mainly through the Internet. According to a military intelligence specialist, the system aims initially to intercept a call by electromagnetic wave to record the authentification information each cellular phone sends to its operator when switched on. Next, the deciphering software allows the user to read the targeted line's SIM card. Subsequently a clone is made with a Smartcard Reader Writer, a smart-card manufacturing machine sold on the open market. Some illicit cloning systems even use special Smartcartd Reader Writers that can reproduce the 30 smart card standards that exist in the world and are used, for instance, to make bank cards. Once the SIM card has been cloned the system detects and monitors communications in real time without -- theoretically -- the operator or user knowing about it. The fact that encryption used in GSM is relatively easy to crack has obviously contributed to the upsurge in cloning. But electronics stores that sell devices that read and reproduce cards have also played a part in the rise of such systems. Some companies have sized up the danger that cloning represents to the market and are preparing new products. For one, the Schlumberger group's R&D division is currently working on making a more tamper-proof SIM card. ------------------------------ <...> From: rshockey@ix.netcom.NsSPaM.com (Richard Shockey) Subject: Bellheads vs Netheads Date: Thu, 24 Jun 1999 00:52:40 GMT Organization: Shockey Consulting LLC The following report out of Canada may be of interest to readers of this distinguished group. http://www.canniff.com/tdenton/netheads3.htm Its a very well thought out analysis of the fundamental differences in viewpoints and chalenges of Internet Telephony. Its worth your time to read. Richard Shockey Shockey Consulting LLC 8045 Big Bend Blvd. Suite 110 St. Louis, MO 63119 Voice 314.918.9020 FAX 314.918.9015 Internet E-Mail/IFAX rshockey@ix.netcom.com eFAX 815.333.1237 ------------------------------ End of TELECOM Digest V19 #165 ****************************** ----- Backwarded [excerpt] ----- End forwarded message -----