Only recently a blog post blacklisted Java Plug-Ins to be unsafe for users, and now a German Security Expert has issued a warning that GSM networks might be a security threat afterall. Karsten Nohl, head of Germany’s Security Research Labs, a Berlin-based consulting company, made this discovery while working on a presentation for a security convention.
Nohl explains that this security glitch is on the part of the telecom operators who still use technologies that were built in the last decade. This makes a person’s phone vulnerable to hackers who might misuse a phone by sending text messages, ordering up pay-for services, without the owner’s permission. Nohl intercepted calls by impersonating another user to listen to their voice mails or make calls or send text messages. All the more alarming is the fact that he was able to do this by using a seven-year-old Motorola cellphone and decryption software which can be easily found on the Internet for free.
The standard electronic exchange of information between phone and network, which includes coded instruction/command-type
information such as “Wait” or “I have a call for you” vary little from operator to operator. This vulnerability was exploited by Nohl by making smart guesses to decipher the algorithmic keys used by each network to manage illegal access to one’s personal phone.
Considering the wide use of GSM network across the , it is a pressing issue for telecom networks and their users alike. It is of utmost priority for operators to update their software so that such attacks can be avoided and the privacy of users be maintained. More information on the issue can be found here.