Re: [ISN] New Attack Intercepts Wireless Net Messages

From: InfoSec News (isnat_private)
Date: Fri Mar 15 2002 - 04:19:14 PST

  • Next message: InfoSec News: "[ISN] Cable Modem Hacking Tricks Uncapped Online"

    Forwarded from: X Ndala <xndalaat_private>
    Inaccurate information in this article... hope this reply corrects it.
    >-----Original Message-----
    >From: InfoSec News [mailto:isnat_private]
    >Sent: den 13 mars 2002 10:18
    >To: isnat_private
    >Subject: [ISN] New Attack Intercepts Wireless Net Messages
    > March 11, 2002
    > By Dennis Fisher and Carmen Nobel
    > By design, the Mobitex specification, like other wireless standards
    > such as Global System for Mobile Communications and General Packet
    > Radio Service, sends packets in unencrypted form. The network, which
    > handles data transmissions only, has been in operation since 1986
    > and has a large base of installed devices, with customers using it
    > for everything from point-of-sale verification to e-mail.
    Wrong: GSM and GPRS are encrypted in the air interface. The mobile
    operator has the choice to turn off encryption for GSM or GPRS
    traffic, but that is very rare.
    For your information: GPRS extends GSM to support radio packet
    switched traffic. By definition, GSM traffic is circuit switched (like
    normal telephone lines where you can have voice or data from dial-ups,
    only it's mobile).
    > "The attack is fairly simple," said Joe Grand, one of the
    > researchers who perfected the technique. "The problem is, this isn't
    > a bug. It's part of the spec that data is transmitted in the clear,
    > just like it's part of the spec that Internet data is transmitted in
    > the clear. The risk depends on who is using the network and when and
    > what data they're sending."
    Wrong again: GSM and GPRS specs are available at
    If you bother to read them, you'll see that data is NOT transmitted in
    the clear.
    GSM and GPRS have been developed with Confidentiality, Integrity and
    Authentication in mind. That's what makes these technologies much more
    secure than others.
    An example of another technology being developed with security in mind
    is 3G (short for 3rd Generation, or UMTS/WCDMA in Europe, CDMA2000 in
    the US).  Take a look at the excellent security specs in 3G is an evolution from GSM (sometimes called 2G)
    and GPRS (sometimes called 2.5G).
    I wonder what the world would be like if Micro$oft developed software
    using this methodology (inherent security requirements)... uhmm... Hey
    Billy!, wanna see ya fussing now through all those lines of code
    reviewing security items! Might as well start a whole new system...
    no, wait, have to keep retro-compatibility with windows2k and
    dotNet... sh*t.
    ... sorry folks, got myself a little bit carried away with my
    feelings...  back to reality...
    I believe we have to be positive: IP will one day be much safer like
    these wireless techologies. Many things like IPSec and PKI are coming
    into place.  And 10 or 20 years from now we'll have a much safer
    world. (orchestra in the background, please)
    But until we get there there's a looooot of work to be done; like
    correcting articles as this one that take away hope from people by
    saying lack of security is not a bug, it's the specs... ?!
    Yours sincerily
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Fri Mar 15 2002 - 08:56:38 PST