GCHQ hacked Gemalto to get hold of the authentication keys of SIM cards. Gemalto's initial response was laconic. Now they are suddenly very firm about the limited impact of the hack. This was also the gist of the NOS Journaal's reporting on the subject. A somewhat more critical stance from the news programme would, however, have been appropriate.

GSM has been broken to the point that a phone call or an SMS can be intercepted using an ordinary phone and a PC. For ordinary people, this has few consequences. But targeted attacks, aimed at conversations of CEOs or high-ranking government officials, have become more likely. The same goes for targeted attacks against people who perform high-value transactions using SMS-based authentication.

The attack still has its limitations, and a fake base-station attack may be easier to perform. However, there is an easy solution to prevent this attack (and also the fake base-station attack, by the way): force your mobile to use only UMTS (3G) communication, and make sure it does not fall back to GSM. Certain phones, such as smartphones, have this option (although not always as an easily selectable one, because 3G coverage is suboptimal).

If you think you are a possible high-value target, get yourself such a phone. For the rest of the world: wait until your mobile network operator discontinues GSM and only uses UMTS.