Re: Questions on GSM Penetration test

[M Lister <mlist () m-net arbornet org>]

> 2. You can copy a sim card.

Please forgive me if this sounds naive, but I was under a *STRONG*
impression that it is practically impossible to copy a smart card. [Isnt
that what is used as a SIM card]. From the little that I know of smart
cards, security is their forte. I know absolute security is an unknown
concept but still copying a smart card, wouldnt that be too
difficult?? Wouldnt the cost involved in doing so probably be more than
the benefits? 

A smart card can deny access to certain memory regions based on how it is
programmed. A card that has crappy programming can be exploited, but would
this statement of yours always be true. If yes, I would love a small
explanation. 

> 3. You can eavesdrop comunications between basestations.

Out of plain curiosity, is the data encrypted while in transit. I asked
the dealer here in my country who promptly replied YES, but I doubt he had
even a vague idea of what I was talking about. Given the amount of data
and the required level of low latency in cell phones and the fact SIM
cards are no Crays, I would *LOGICALLY* doubt it. But then I would love to
be sure.

Also if some one were to sniff/eavesdrop  such a conversation, how would
he go about doing it? I am not asking for the exact info but a generic
example would be wonderful.

With regards,
M


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/