http://blog.thc.org/index.php?/archives/1-GSM-Researcher-stopped-at-Heathrow-Airport-by-UK-government-officials.html By John Doe April 16. 2008 I was leaving today from the United Kingdom/Heathrow airport. I am about to speak at the HITB IT security conference about GSM security and the USRP (gnu-radio project). I was searched by the UK government while waiting at the Gate and reading a newspaper. A UK Government employee flipped his badge and said "Let's talk. Come over here". They detained my USRP (Software Defined Radio), my mobile phone and my personal SIM card. They did their homework. They knew who I am, where i live, which day I speak at the conference and who I work for. I'm involved in the GSM software project where we also developed a new attack against the GSM encryption A51. We published our research in February at the Blackhat security conference in Washington DC. I understand that the government wanted to make sure that I'm not exporting any cryptanalytic device. I did not. I will not. The USRP is a radio. My mobile phone is a normal nokia 3310 phone and my SIM card is a sim card. They said they do not know what the USRP is and that I can not take it until they have checked it in the lab. This can take 14 days (1/2 month). So be it. They have it for 14 days. Guys, enjoy the device! It's fun playing around with it! I'm uneasy that they took my mobile phone and my sim card. Having a pregnant wife at home and not being reachable complicates my situation. Is this common practice? Are they allowed to do this? Any tips how I can get my mobile phone and my sim card back quicker? Our project: http://wiki.thc.org/gsm The USRP is available from http://www.ettus.com The GNU RADIO project: http://www.gnu.org/software/gnuradio stunning, THC --- Appendix: Surprisingly they did not detain my laptop or my paperwork which would be the most likely place to store any information related to cracking A51. They were also not interested in my 160GB harddrive which would have been the obvious place for storing the rainbow tables. Neither were they interested in the high performance FPGA chip. Instead they took all equipment that could have been used for demonstrating that GSM signals can be received with publicly available hardware for 700 USD. It does not appear that they were after cryptanalytic information. I received a yellow paper about my detained goods. They left the field blank that reads "The goods specified below are detained for the following reason:". What reason? They also crossed out the field "Agent" of the officer who was in charge of the operation. -==- Let identityLoveSock take your personal information into their wanting hands. http://www.identity-love-sock.com/ Because victims have money too.
This archive was generated by hypermail 2.1.3 : Thu Apr 17 2008 - 01:50:11 PDT