While eavesdropping on a GSM call has been possible for some years, the drawback was the mountain of expensive equipment and expertise required. This might all be changing if you believe two researchers who presented at a security conference last week. According to David Hulton and Steve Muller, GSM calls can now be recorded over long distances and cracked open in half an hour using only US$1,000 worth of field-programmable gate array-aided computer equipment and a frequency scanner.
However, this breach depends on how the GSM call is established. Hulton claims that attackers are able to find out a cell phone's mobile subscription identification number and built-in hardware ID simply by sending a text message to that phone. "The attacker would then have enough information to isolate calls from that phone." According to Hulton, spend US$100,000 on hardware and the crack can be done in only 30 seconds using massive parallel processing technology. His company, Pico Computing, is now developing the fast version to sell to agencies such as law enforcement, but plans to give away the slower version for free.
For more on this story:
- read ComputerWorld