Hacker intercepts phone calls with homebuilt $1,500 IMSI catcher, claims GSM is beyond repair
In 2009, Chris Paget showed the world the vulnerabilities of RFID by downloading the contents of US passports from the safety of his automobile. This year, he's doing the same for mobile phones. Demonstrating at DefCon 2010, the white hat hacker fooled 17 nearby GSM phones into believing his $1,500 kit (including a laptop and two RF antennas) was a legitimate cell phone base station, and proceeded to intercept and record audience calls. "As far as your cell phones are concerned, I'm now indistinguishable from AT&T," he told the crowd. The purpose of the demonstration was to highlight a major flaw in the 2G GSM system, which directs phones to connect to the tower with the strongest signal regardless of origin -- in this case, Paget's phony tower.
The hacker did caveat that his system could only intercept outbound calls, and that caller ID could tip off the owner of a handset to what's what, but he says professional IMSI catchers used by law enforcement don't suffer from such flaws and amateur parity would only be a matter of time. "GSM is broken," Paget said, "The primary solution is to turn it off altogether." That's a tall order for a world still very dependent on the technology for mobile connectivity, but we suppose AT&T and T-Mobile could show the way. Then again, we imagine much of that same world is still using WEP and WPA1 to "secure" their WiFi.
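The flaw described above is that a GSM handset camps on whichever tower is loudest and never checks who runs it. The defensive counterpart is to watch what the phone camps on and flag cells that do not belong to the operator or that appear out of nowhere with an implausibly strong signal. The script below is an added example written for this page, not code from the article or from Paget's kit; it assumes a modem or baseband can report the serving cell as MCC/MNC/LAC/CellID plus received level, uses a hypothetical operator whitelist and threshold, and runs over a constructed sample scan.

```python
"""
Toy rogue-base-station detector (added example, not from the article).
Assumes the phone/modem reports the serving cell it camped on as a record
with MCC, MNC, LAC, CellID and received signal level in dBm. The records
below are constructed sample data; KNOWN_CELLS is a hypothetical whitelist
of cells the operator actually runs in this area.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class CellObservation:
    t: int          # seconds since the scan started
    mcc: str        # mobile country code
    mnc: str        # mobile network code (the operator the cell claims to be)
    lac: int        # location area code
    cell_id: int
    rx_dbm: int     # received signal level


# Hypothetical operator cell list: (mcc, mnc, lac, cell_id).
KNOWN_CELLS = {
    ("310", "410", 1201, 40011),
    ("310", "410", 1201, 40012),
    ("310", "410", 1202, 40021),
}

# Hypothetical threshold: a jump this large on reselection is worth a look.
SIGNAL_JUMP_DB = 20


def flag_rogue_cells(observations, known_cells=KNOWN_CELLS, jump_db=SIGNAL_JUMP_DB):
    """Return a list of (observation, reasons) for cells that look like a fake tower.

    Two defensive heuristics, both following from the flaw the article describes:
    1. The cell claims the operator's MCC/MNC but its LAC/CellID is not one the
       operator runs (the tower never has to prove who it is, so we check for it).
    2. The phone reselected to a different cell whose signal is far stronger than
       the previous one, which is exactly the strongest-signal lure a fake tower uses.
    """
    findings = []
    prev = None
    for obs in observations:
        reasons = []
        key = (obs.mcc, obs.mnc, obs.lac, obs.cell_id)
        if key not in known_cells:
            reasons.append("unknown cell claiming operator %s-%s" % (obs.mcc, obs.mnc))
        if (prev is not None and obs.cell_id != prev.cell_id
                and obs.rx_dbm - prev.rx_dbm >= jump_db):
            reasons.append("signal jumped %d dB on reselection" % (obs.rx_dbm - prev.rx_dbm))
        if reasons:
            findings.append((obs, reasons))
        prev = obs
    return findings


# Constructed sample scan: normal camping between two known cells, then a
# "cell" that is not on the operator's list shows up 38 dB louder than anything else.
SAMPLE_SCAN = [
    CellObservation(0, "310", "410", 1201, 40011, -85),
    CellObservation(30, "310", "410", 1201, 40012, -80),
    CellObservation(60, "310", "410", 1201, 40011, -83),
    CellObservation(90, "310", "410", 1201, 9999, -45),   # unknown cell, huge jump
    CellObservation(120, "310", "410", 1201, 9999, -44),  # still camped on it
]

if __name__ == "__main__":
    for obs, reasons in flag_rogue_cells(SAMPLE_SCAN):
        print("t=%ds cell %d (%d dBm): %s"
              % (obs.t, obs.cell_id, obs.rx_dbm, "; ".join(reasons)))
```

On the sample scan the detector reports the unknown cell twice: at t=90 for both the unknown identity and the 38 dB jump, and at t=120 for the unknown identity alone, since the phone did not reselect. A whitelist of this kind is only as good as its source, so in practice it would be built from the operator's own cell data or from a long baseline of scans at the same location rather than typed in by hand.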
OH MY GOD RUN THE HILLS ARE FALLING FROM THE MUSIC!
Yeeesh. Let me check to see if I understand this "hack":
1) Set up an antenna.
2) Put it somewhere that it will exist between caller A and caller B.
3) Intercept communications.
How by any stretch of the imagination is this not a MITM (man-in-the-middle) attack? Method: pass through communication, but use authentication keys received from both ends to decrypt it. This has existed for ages and works quite well. The problem? They're difficult to detect, surprisingly easy to set up, and difficult to prevent from working. The extra security precautions are not trivial and affect most older communication technology on the market.
My bet? You can do this with CDMA systems just as easily. The only difference is that a CDMA system won't hop to the strongest signal (is that good or bad?). And a minor upgrade could stop GSM from doing this (you complained about dropped calls before ...).
In the end, this is non-news and utterly unsurprising.
@maztec Correct. If they really wanted to, it wouldn't take much to make them work much alike. I still say both suck anyhow.
I have a question. If CDMA was so superior, then why do people scream the word POLICE when you talk to them about getting Cricket, & that's a CDMA network? Answer: Because they used to tap into people's cells & the people who were selling drugs got busted.
You know, if these "security experts" that keep hacking Facebook, cell phones, etc., really want to do some "good", why don't they hack the servers of the companies that distribute computer viruses and rogue antivirus software and shut them down?
Seriously, quit hacking innocent people and start hacking the crooks!
This is not news to anyone who has worked with GSM or studied the freely available specifications. GSM base stations do not authenticate themselves to the phone. Period.
The presented method is simple and effective, but it requires the eavesdropper to transmit. GSM encryption has been pretty much broken already. It shouldn't be much more expensive to build a system that records encrypted signals and decodes them later in a reasonable amount of time.
QUICK... SOMEONE TELL MCNULTY AND FREAMON! THE WIRE IS A GO!