Re: GSMA statement on media reports relating to the breaking of GSM encryption

[Juha-Matti Laurio <juha-matti.laurio () netti fi>]

I'm not sure if this was posted to list already:

"The demonstration of cracking A5/1 at 26C3 planed for today [30th Dec] is canceled."

http://events.ccc.de/congress/2009/wiki/Workshops#Day_4_-_2009-12-30_Wed
http://events.ccc.de/congress/2009/wiki/The_demonstration_is_canceled

Juha-Matti

Juha-Matti Laurio [juha-matti.laurio () netti fi] kirjoitti: 
> 'Cellular group says mobile calls safe from hackers':
> http://www.reuters.com/article/idUSTRE60641G20100107
>
> "The London-based GSM Association said on Thursday that it has spent the past few years figuring out
> ways to thwart hackers who might try to tap into wireless calls using Nohl's research,
> which it first learned of in 2007.
>
> GSM Association engineers have figured out a short-term solution to block eavesdroppers, said James Moran,
> head of security for the association.
> It involves making slight changes to the settings in each wireless operator's network.
>
> Carriers can quickly make those adjustments by tweaking existing features in the technology, Moran said in an 
> interview."
> --clip--
>
> Juha-Matti
>
> Gadi Evron [ge () linuxbox org] kirjoitti: 
> > On 1/2/10 7:28 AM, Dan Kaminsky wrote:
> > > Pay no attention to the relatively large number of open source GSM base
> > > stations in development and preliminary deployment.
> >
> > The statement is just funny as GSM was completely broken years ago, I am 
> > proud to say, largely by Israeli researchers at the Technion institute, 
> > Elad Barkan and Eli Biham, as far as I know, as they share credit with 
> > some others for previous work.
> >
> > http://tx.technion.ac.il/~barkan/academic/index.html
> >
> > This guy at CCC made it practical for the layman.
> >
> > So them saying it hasn't been explained in details is ridiculous.
> >
> >     Gadi.
> >
> >
> > > On Fri, Jan 1, 2010 at 8:46 PM, Les Bell <lesbell () lesbell com au
> > > <mailto:lesbell () lesbell com au>> wrote:
> > >
> > >
> > >     Juha-Matti Laurio <juha-matti.laurio () netti fi
> > >     <mailto:juha-matti.laurio () netti fi>> wrote:
> > >
> > >      >>
> > >     GSM Association has posted their statement
> > >     <<
> > >
> > >      From the statement:
> > >
> > >     "So far, this aspect of the methodology has not been explained in any
> > >     detail and we strongly suspect that the teams attempting to develop an
> > >     intercept capability have underestimated its practical complexity."
> > >
> > >     So, it's business as usual for the telecommunications industry, then:
> > >     security by obscurity. Yep, that'll work.
> > >
> > >     Best,
> > >
> > >     --- Les Bell
> > >     [http://www.lesbell.com.au]
> > >     Tel: +61 2 9451 1144
> > >
> > >
> > >     _______________________________________________
> > >     Fun and Misc security discussion for OT posts.
> > >     https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > >     Note: funsec is a public and open mailing list.
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Fun and Misc security discussion for OT posts.
> > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > > Note: funsec is a public and open mailing list.
> >
> >
> > -- 
> > Gadi Evron,
> > ge () linuxbox org.
> >
> > Blog: http://gevron.livejournal.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.