Hacker intercepts phone calls with homebuilt $1,500 IMSI catcher, claims GSM is beyond repair
In 2009, Chris Paget showed the world the vulnerabilities of RFID by downloading the contents of US passports from the safety of his automobile. This year, he's doing the same for mobile phones. Demonstrating at DefCon 2010, the white hat hacker fooled 17 nearby GSM phones into believing his $1,500 kit (including a laptop and two RF antennas) was a legitimate cell phone base station, and proceeded to intercept and record audience calls. "As far as your cell phones are concerned, I'm now indistinguishable from AT&T," he told the crowd. The purpose of the demonstration was to highlight a major flaw in the 2G GSM system, which directs phones to connect to the tower with the strongest signal regardless of origin -- in this case, Paget's phony tower.
The hacker did caveat that his system could only intercept outbound calls, and that caller ID could tip off the owner of a handset to what's what, but he says professional IMSI catchers used by law enforcement don't suffer from such flaws and amateur parity would only be a matter of time. "GSM is broken," Paget said, "The primary solution is to turn it off altogether." That's a tall order for a world still very dependent on the technology for mobile connectivity, but we suppose AT&T and T-Mobile could show the way. Then again, we imagine much of that same world is still using WEP and WPA1 to "secure" their WiFi.
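The selection rule the article describes, a handset camping on the strongest cell that announces its home network with nothing verifying who runs that cell, is easy to see in a small model. The following is an added illustration, not code from the article or from Paget's kit: it models that selection rule and pairs it with a defender-side heuristic of the kind IMSI-catcher detection tools use, comparing a fresh scan against an earlier survey of the same location. All cell identifiers, signal levels and the 25 dB threshold are constructed, assumed values, not measurements from any real network.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Cell:
    """One cell as seen by the handset during a scan (constructed sample data)."""
    mcc: str       # mobile country code
    mnc: str       # mobile network code, i.e. the operator the cell claims to belong to
    lac: int       # location area code
    cell_id: int
    rssi_dbm: int  # received signal strength in dBm; closer to 0 is stronger


def select_cell(cells, home_mnc):
    """Model of the behaviour the article describes: among cells advertising the
    handset's home network, camp on the strongest one.  Nothing here verifies that
    the cell is genuine, because a 2G GSM base station is not authenticated to the
    handset; a cell that simply transmits louder wins this comparison."""
    candidates = [c for c in cells if c.mnc == home_mnc]
    if not candidates:
        return None
    return max(candidates, key=lambda c: c.rssi_dbm)


def audit_scan(scan, baseline, home_mnc, jump_db=25):
    """Defender-side heuristic over one scan, using an earlier survey of the same
    location as the baseline.  Flags a cell whose identity was never seen before,
    and a known identity whose signal is implausibly stronger than it used to be.
    Returns (cell the handset would camp on, list of (cell, reason) findings).
    The jump_db threshold is an assumed value for this illustration."""
    known = {(k.mcc, k.mnc, k.lac, k.cell_id): k.rssi_dbm for k in baseline}
    findings = []
    for c in scan:
        key = (c.mcc, c.mnc, c.lac, c.cell_id)
        if key not in known:
            findings.append((c, "identity not present in baseline survey"))
        elif c.rssi_dbm - known[key] >= jump_db:
            findings.append((c, f"signal {c.rssi_dbm - known[key]} dB above baseline"))
    return select_cell(scan, home_mnc), findings


# Constructed sample data (assumed values, not from any real network).
HOME_MNC = "410"
BASELINE = [
    Cell("310", HOME_MNC, 1001, 40001, -78),
    Cell("310", HOME_MNC, 1001, 40002, -85),
]
# The same two cells on a later day, plus a third that announces the home
# network under an unknown identity with a much stronger signal.
SCAN_WITH_UNKNOWN_CELL = [
    Cell("310", HOME_MNC, 1001, 40001, -80),
    Cell("310", HOME_MNC, 1001, 40002, -84),
    Cell("310", HOME_MNC, 9999, 1, -45),
]
# A scan in which the strongest cell reuses a known identity instead.
SCAN_WITH_SPOOFED_IDENTITY = [
    Cell("310", HOME_MNC, 1001, 40001, -40),
    Cell("310", HOME_MNC, 1001, 40002, -84),
]

if __name__ == "__main__":
    for name, scan in [("unknown cell", SCAN_WITH_UNKNOWN_CELL),
                       ("spoofed identity", SCAN_WITH_SPOOFED_IDENTITY)]:
        chosen, findings = audit_scan(scan, BASELINE, HOME_MNC)
        print(f"{name}: handset camps on LAC {chosen.lac} cell {chosen.cell_id} "
              f"at {chosen.rssi_dbm} dBm")
        for cell, reason in findings:
            print(f"  flagged LAC {cell.lac} cell {cell.cell_id}: {reason}")
```

In both constructed scans the handset camps on the strongest cell, which is exactly the cell the heuristic flags. The limits of the check are the article's point in miniature: a cell that reuses a genuine identity at a plausible power level passes both tests, and nothing on the handset side can verify the base station, so detection of this sort narrows the exposure rather than closing it.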
Quality assurance.
@Isit
NICE MSPAINT, ENGADGET
@Isi at least somebody is there to show that we are using an unsafe tech. Hopefully they change it soon.
@Isit
What should I use instead of WPA?
@Gibson Nothing. Send your information through carrier pigeons. Pigeons never fail. NEVER.
@Indefinite Implosion What is stronger than WAP2? What is that about AES?
@Bob the Terrorist I don't really like your name.... In fact, I hate it.
@Bob the Terrorist Yeah, except when they're intercepted by a predator.
@HotWalk Quality assurance= recording your call. Your call will be recorded for quality purposes. :)
@Isit "WPA2! With 100% more 2's in its name."
Umm, try checking your math again. 100% more of zero is still zero.
You know, the hackers could've just asked me for my mobile, I love giving my phone number out :)
@Isit
Quality assurance = fun ass job.
Your job is to break shit, then break the news to the developer that their shit is broken.
@Isit
Rofl. Now who's the dying cell technology? Might not be able to send data and talk at the same time, but at least we haven't been HAXX0Rd rofl.
Signed,
CDMA
@Isit
as soon as i saw this article i thought it would be chris paget
this dude knows what he is doing
@Mike10010100
Quote(Rofl. Now who's the dying cell technology? Might not be able to send data and talk at the same time, but at least we haven't been HAXX0Rd rofl.
Signed,
CDMA
)QUOTE
"The purpose of the demonstration was to highlight a major flaw in the 2G GSM system."
You can only talk and browse on 3g this clearly states it only affects 2g GSM lrn2troll.
Also how many people use 2g anymore? My iPhone NEVER sees 2g!!!!
@Isit
I'm glad I live in Central Florida, which has very widespread 3G.
@engadgetcomexcludeengadget
One hundred "per cent" (per hundred) is one. GG.
@KeithClark2010
Protip: When a GSM phone accesses the towers to make a call, it switches into 2G, aka EDGE on AT&T, to complete both the call and transfer the data. That's why the data rates are reduced in-call, because it's on a slower network.
Learn2educate yourself.
@Mike10010100
To clarify:
"Actually you can not use 3G for voice and data at the same time. AT&T does not use 3G for voice on any phone. It is a limit that they have set on their end, not on the phone. 3G is only used for data through AT&T. This is why you CAN use data and voice at the same time. Other companies, such as Sprint and T-Mobile, use 3G for voice and data. Which is why you CAN NOT use voice and data at the same time."
Source: http://forums.macrumors.com/showthread.php?t=484056
Seriously, rofl. This proves GSM is fundamentally flawed. Glad you're enjoying your data and voice at the same time. Turns out it's the root of the hacking exploit. lol
@Mike10010100
Really, then how come this was only possible on the iPhone 3G and up even though the 2G is the exact same hardware save the 3G antenna.
Also if you turn off 3g during a call how come you have to drop the call? Also how come I get 300kbps per sec on a speed test while on the phone over the air whilst on 3g, the max for 2g is 150kbps???
lrn2deductivereason
@Mike10010100
WRONG. AT&T uses 3G for voice and data. If the 3G network is full, then a call is dropped to 2G and data is lost altogether.
BTW, T-Mobile uses the same technology. It also allows their users to have voice and data simultaneously on 3G.
@Mike10010100
Also
lrn2lookforrealsourcesandnotjustsomeshittyforum
@Isit This has got to be one of the most simple fails that existed from the beginning of time.
You would think that ATT fixed this already.
@KeithClark2010
I apologize. I was incorrect. It seems that AT&T's 3G can handle voice and data at the same time via the same technology, a wireless VOIP. The data rates are reduced because you're sharing the voice with the data in the same stream.
@Mike10010100
It's all good sorry for being a dick. lol nice to meet someone who actually accepts responsibility...
@KeithClark2010
Oh, do cite YOUR sources, then. You're citing your own personal experience. I've never owned a GSM phone, and there is very little online on the subject of GSM voice + data.
l2notbeanasshole
Either way, if you had read the article, the guy could simply turn on one of his 3G jammers and force every AT&T (or T-Mobile) phone in the room onto 2G. It's relatively simple to do.
@KeithClark2010
And I'm sorry. You WERE kind of being an asshole for a minute. Didn't know how this was going to work. When I'm wrong, I'm wrong. lol I'll readily admit it. I've never owned a GSM phone, so I was going on the assumption that it worked like CDMA does.
When I make a call on my CDMA phone, it switches completely onto call mode (1x), thus blocking off all data. I had assumed that GSM did the same with EDGE and that it simply layered the data on top. lol
@Mike10010100
CDMA is weird, eh whatever I am of the theory that you shouldn't be stupid enough to talk about stuff that you wouldn't want anyone to hear on any cellphone let alone GSM. Lol if you want to share something share it in person. Plus I mean pretty much any cellphone now can be bugged with software that does this anyway so it's not like this is something really new just a play on an old idea. On a semi related note, I would totally switch to Verizon if they had the iPhone which may be a possibility with the switch to LTE Sims...
@Isit
well, by the time he intercepts your iphone call it would have dropped.
waste of money dude.
@HotWalk Trust me, that update isn't coming anytime soon.
@Mike10010100
Now we've got GSM / CDMA fanboys. Nice.
It's not like you chose CDMA because it was more secure, so don't give yourself too much credit
@KeithClark2010 CDMA uses the long and short codes that are really hard to break. The short code being 32768 bits long and the long code 1.1 trillion... considering you get a different code for each call, it will not be as simple to break as GSM. On another note, the Droid X is much better than the iPhone and is already available on Verizon.
@Mike10010100 "Might not be able to send data and talk at the same time, but at least we haven't been HAXX0Rd rofl."
When you say 'we' are you assuming that as the owner of a CDMA phone, you have some kinship with your fellow phone buyers?
Anyway let's talk about damage for a second. This works for outgoing calls as the hacker has to connect to a local user making a call and that phone has to choose the hacker's mobile hot-spot.
Assume this happens, what's the worst they can do? Listen to what I'm saying, pretty much like someone walking down the street beside me.
If they wanted to, I'm sure they could use a laser mic much more effectively as they could track me anywhere.
Yeah, I think data + calls at the same time still wins. Not to mention marketshare: GSM=87%, CDMA=13%. I can take my phone anywhere in the world and be assured that I can use it.
@Droidum
Just don't download anything from the app store and you should be fine security wise.
@suicidebob
No, it's carrier fanboys. Verizon and Sprint vs. T-Mo and AT&T
@Gibson
An ethernet cable honestly is the most secure method....
@KeithClark2010
And iPhone didn't have 3g until version 2.
@Mike10010100 All hail CDMA!
@Isit
It says nothing about CDMA, so I'll assume I'm okay with my Verizon phone :)
@Spartan117458
What's funny is this perception that CDMA isn't hackable despite the fact that the US military jams CDMA and GSM signals at bases and can already tap CDMA transmissions.
Wireless transmissions are never really secure. The only reason this idiot is attacking GSM is due to its popularity. With the massive amounts of CDMA spoofing and ESN duping... security is far from unbreakable.
@csmitty Don't forget the Citibank app for the iPhone that was recently pulled... http://www.rcrwireless.com/ARTICLE/20100727/ENABLERAPPS/100729962/how-citibank-dealt-with-an-iphone-app-security-snag
In case you need a reference...
@Gibson
WPA2
@Bob the Terrorist Except when they go extinct.
@engadgetcomexcludeengadget
Yeah I can't believe Engadget just put WEP and WPA1 on the same level; WPA1's only exposed vulnerability has been minor in that it just causes a DoS and even doing that requires some prior knowledge, but there hasn't been an exploit that involves compromising encryption keys or user data. WPA1 is still just fine for securing Wifi.
@Anticrawl Then they break the news to you that they're paying you shit
@TinWard A laser mic would pick up your side but not the other side of the conversation. But I do not see this as a serious threat; I do not use the phone for any serious conversations.
Posted at 10:28pm?... How is that possible? :\
@TruUnknowN
EST Time
@TruUnknowN
ENGADGET WRITERS ARE SECRETLY FROM THE FUTURE!!!!!1!1!!11!
@PathogenX
What?! Engadget exists in a time different from mine?
Dude, you're freaking me out.