Re: Mobile phone pen-testing,

[cwright () bdosyd com au]

Hi,
First, the nature of your testing does not suit the aims. You will not ensure that you can not be overheard by pen 
testing your phone.

"As a mobile phone user, is there something that we can do to secure mobile phone conversation? "
Yes - first ensure that you do not use bluetooth. Run Voip - encrypt it end to end. Ensure key security.

"Is it possible to setup a secure channel communication through GSM network? "
Yes. There are a number of encryption standards - some even work. (Try to avoid those that do not use tried and true 
algorithims)

"How expensive is the device?"
How long is a piece of string. From $50 to $50k

Regards,
Dr Craig S Wright GSE (Complaince)

<--- In reply to --->
Mobile phone pen-testing, Oct 02 2007 11:50AM
Wilmar Sulaiman (wilmar sulaiman gmail com) 
Hi guys,

I am looking for a guidance on how to pen test a mobile phone on the
GSM network. Well I guess the main objective in this pen test is to
ensure that no one is listening to my phone conversation. I am hoping
to get a reasonable assurance that no one this includes phone operator
can listen t...

[ more ]  

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------