nettime maillist on Sat, 26 Jun 1999 03:00:41 +0200 (CEST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

tbyfield: (fwd) TELECOM Digest V19 #165 [excerpt]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
<> is the temporary home of the nettime-l list
while rebuilds its list-serving machine.  please continue to send
messages to <> and your commands to <>.
nettime-l-temp should be active for approximately 2 weeks (11-28 Jun 99).
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

---------- Forwarded message ----------
Date: Thu, 24 Jun 1999 11:17:24 -0400
From: t byfield <>
Subject: tbyfield: (fwd) TELECOM Digest V19 #165 [excerpt]

----- Forwarded [excerpt]

Date: Wed, 23 Jun 1999 21:08:11 -0400 (EDT)
Subject: TELECOM Digest V19 #165

TELECOM Digest     Wed, 23 Jun 99 21:08:00 EDT    Volume 19 : Issue 165

Inside This Issue:                           Editor: Patrick A. Townson

    GSM Interception (Babu Mengelepouti)
    Bellheads vrs. Netheads (Richard Shockey)


Date: Wed, 23 Jun 1999 14:32:49 -0700
From: Babu Mengelepouti <>
Organization: US Secret Service
Subject: GSM Interception

Well, it is only a matter of time before any system gets cracked.  And
the first one to sell a device gets the biggest markup!

  Subject: GSM Cellular Phones Increasingly Unreliable   
  From Intelligence Newsletter, 06/10/99

Over the past six months a roaring trade has sprung up on back-street
markets for equipment to intercept cellular telephone calls that had once
been reserved for government intelligence and law enforcement agencies.
The risk that GSM networks are being broken into for espionage purposes
with widely-available equipment and modest skills is now very real. 

Intelligence Newsletter has been able to identify web sites that sell
interception equipment by mail-order. Elsewhere, components required to
manufacture such devices are to be found in many electronics stores in
Europe and the United States. The industry itself has pointed the way. We
have obtained a leaflet from the British company G-Com Tech which provides
a detailed rundown of the GSTA-1400 system. The firm describes the system,
reserved for governments, as one of the best "official" devices to record
GSM communications at a cost of between $245,000 and $327,000 depending on
the model. 

Systems sold on the black market run along the same lines as such
products, and sometimes simply copy them. The system consists invariably
of a portable computer equipped with deciphering software connected to a
GSM or fixed 2Mbits/second telephone. Tracking the target line with a
clone of its SIM (Subscriber Identification Module), the system can
usually decipher the signal in just 2.5 minutes.  The breakthrough came in
April, 1998 when two researchers from the University of Berkley in
California demonstrated it was possible to clone a SIM card. David Wagner
and Ian Goldberg, who both belong to the Internet Security Applications
Authentification and Cryptography Group (ISAAC), carried out a successful
series of attacks against the Comp128 algorithm. 

The latter forms the basis of algorithms created by the manufacturers of
GSM, the A3 and A8, which encrypt information contained inside a SIM card.
According to the American Smartcard Developers Association (SDA) the
system developed by Wagner and Goldberg can turn out cloned cards that GSM
operators can't distinguish from real ones. At the same time, the SDA
identified a partial flaw in the symmetric-type A5 algorithm which
protects data transmission between the operator and user. According to SDA
director Marc Briceno, although A5 has a 64 bit key only 54 are actually
used, probably to facilitate eavesdropping by an intelligence agency. 

Late last December in Berlin an experimental system devised by "private
researchers" was presented to a conference of hackers belonging to the
Chaos Computer Club (CCC). It took advantage of flaws in the A3,A5 and A8
algorithms to conduct interceptions. Since then a number of make-shift
versions have made their way to the public, mainly through the Internet.
According to a military intelligence specialist, the system aims initially
to intercept a call by electromagnetic wave to record the authentification
information each cellular phone sends to its operator when switched on.
Next, the deciphering software allows the user to read the targeted line's
SIM card. Subsequently a clone is made with a Smartcard Reader Writer, a
smart-card manufacturing machine sold on the open market. 

Some illicit cloning systems even use special Smartcartd Reader Writers
that can reproduce the 30 smart card standards that exist in the world and
are used, for instance, to make bank cards.  Once the SIM card has been
cloned the system detects and monitors communications in real time without
-- theoretically -- the operator or user knowing about it. The fact that
encryption used in GSM is relatively easy to crack has obviously
contributed to the upsurge in cloning. But electronics stores that sell
devices that read and reproduce cards have also played a part in the rise
of such systems. Some companies have sized up the danger that cloning
represents to the market and are preparing new products. For one, the
Schlumberger group's R&D division is currently working on making a more
tamper-proof SIM card. 



From: (Richard Shockey)
Subject: Bellheads vs Netheads
Date: Thu, 24 Jun 1999 00:52:40 GMT
Organization: Shockey Consulting LLC

The following report out of Canada may be of interest to readers of
this distinguished group.

Its a very well thought out analysis of the fundamental differences in
viewpoints and chalenges of Internet Telephony.

Its worth your time to read.

Richard Shockey
Shockey Consulting LLC           
8045 Big Bend Blvd. Suite 110
St. Louis, MO 63119            	
Voice 314.918.9020       
FAX   314.918.9015

Internet E-Mail/IFAX
eFAX 815.333.1237  


End of TELECOM Digest V19 #165

----- Backwarded [excerpt]

----- End forwarded message -----