DECT phones, POS terminals under attack

German security experts have built a cheap laptop-based sniffer that can break into cordless phones, debit card terminals and security door mechanisms, according to Techworld. They say it will also work on the next generation of DECT, known as CAT-iq.

The attack on DECT, demonstrated at the 25th Chaos Communications Congress in Berlin, used a Linux laptop with a modified €23 laptop card. It can intercept calls and information directly, recording it in digital form.

Even if encryption is switched on, the system can bypass it by pretending to be a base station that doesn't support it, the report says.

It was thought that Wi-Fi would make DECT obsolete, but DECT has native encryption and is being deployed in broadband routers. A new generation of DECT is being developed under the CAT-iq brand.

The report says it is not clear whether the same method would work on debit card reading systems.

A lively debate has ensued on what action should be taken, in which DECT's secret encryption has been severely criticised.