Re: New Attack Intercepts Wireless Net Messages

[InfoSec News <isn () c4i org>]

Forwarded from: X Ndala <xndala () hotmail com>

Inaccurate information in this article... hope this reply corrects it.

> -----Original Message-----
> From: InfoSec News [mailto:isn () c4i org]
> Sent: den 13 mars 2002 10:18
> To: isn () attrition org
> Subject: [ISN] New Attack Intercepts Wireless Net Messages
>
>
> http://www.eweek.com/article/0,3658,s=1884&a=23806,00.asp
>
> March 11, 2002
> By Dennis Fisher and Carmen Nobel

[...]

> By design, the Mobitex specification, like other wireless standards
> such as Global System for Mobile Communications and General Packet
> Radio Service, sends packets in unencrypted form. The network, which
> handles data transmissions only, has been in operation since 1986
> and has a large base of installed devices, with customers using it
> for everything from point-of-sale verification to e-mail.

Wrong: GSM and GPRS are encrypted in the air interface. The mobile
operator has the choice to turn off encryption for GSM or GPRS
traffic, but that is very rare.

For your information: GPRS extends GSM to support radio packet
switched traffic. By definition, GSM traffic is circuit switched (like
normal telephone lines where you can have voice or data from dial-ups,
only it's mobile).

> "The attack is fairly simple," said Joe Grand, one of the
> researchers who perfected the technique. "The problem is, this isn't
> a bug. It's part of the spec that data is transmitted in the clear,
> just like it's part of the spec that Internet data is transmitted in
> the clear. The risk depends on who is using the network and when and
> what data they're sending."

[...]

Wrong again: GSM and GPRS specs are available at http://www.etsi.org.
If you bother to read them, you'll see that data is NOT transmitted in
the clear.

GSM and GPRS have been developed with Confidentiality, Integrity and
Authentication in mind. That's what makes these technologies much more
secure than others.

An example of another technology being developed with security in mind
is 3G (short for 3rd Generation, or UMTS/WCDMA in Europe, CDMA2000 in
the US).  Take a look at the excellent security specs in
http://www.3gpp.org. 3G is an evolution from GSM (sometimes called 2G)
and GPRS (sometimes called 2.5G).

I wonder what the world would be like if Micro$oft developed software
using this methodology (inherent security requirements)... uhmm... Hey
Billy!, wanna see ya fussing now through all those lines of code
reviewing security items! Might as well start a whole new system...
no, wait, have to keep retro-compatibility with windows2k and
dotNet... sh*t.

... sorry folks, got myself a little bit carried away with my
feelings...  back to reality...

I believe we have to be positive: IP will one day be much safer like
these wireless techologies. Many things like IPSec and PKI are coming
into place.  And 10 or 20 years from now we'll have a much safer
world. (orchestra in the background, please)

But until we get there there's a looooot of work to be done; like
correcting articles as this one that take away hope from people by
saying lack of security is not a bug, it's the specs... ?!

Yours sincerily
--xndala



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.