Shmoocon 2010: GSM: SRSLY? 5/6

Clip 5/6
Speakers: Chris Paget and Karsten Nohl

The worlds most popular radio system has over 3 billion handsets in 212 countries and not even strong encryption. Perhaps due to cold-war era laws, GSM's security hasn't received the scrutiny it deserves given its popularity. This bothered us enough to take a look; the results were surprising.

From the total lack of network to handset authentication, to the "Of course I'll give you my IMSI" message, to the iPhone that *really* wanted to talk to us. It all came as a surprise -- stunning to see what $1500 of USRP can do. Add a weak cipher trivially breakable after a few months of distributed table generation and you get the most widely deployed privacy threat on the planet.

Cloning, spoofing, man-in-the-middle, decrypting, sniffing, crashing, DoS'ing, or just plain having fun. If you can work a BitTorrent client and a standard GNU build process then you can do it all, too. Prepare to change the way you look at your cell phone, forever.

For more information and the presentation slides go to: http://bit.ly/ayh0xT

Category:

Science & Technology

Tags:

• Shmoocon
• 2010:
• GSM:
• SRSLY?
• 5/6

License:

Standard YouTube License