[wendroid]

I sent this to press@gsm.com, the email address of Claire Cranton, quoted in the article :

Dear Ms. Cranton,

http://www.nytimes.com/2009/12/29/technology/29hack.html?_r=...

“This is theoretically possible but practically unlikely,” said Claire Cranton, a GSM spokeswoman, noting that no one else had broken the code since its adoption. “What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”

A set of incredible admissions.

* This is theoretically possible but practically unlikely

GSM 64bit encryption is broken. Not theoretically but actually. The likelihood of it happening to someone now depends on the value of the calls.

* no one else had broken the code since its adoption.

And now they have, that's the point

* would be illegal in Britain and the United States

I don't think criminals are deterred by such niceties and they are hardly likely to reveal their source while extorting money from me or making insider trades

* To do this while supposedly being concerned about privacy is beyond me

Knowing that my handset can be eavesdropped by people outside of the law is the ultimate privacy concern. That you don't understand this is beyond me.

> The association noted that hackers intent on illegal eavesdropping would need a radio receiver system and signal processing software to process raw radio data, much of which is copyrighted.

Again, copyright infringement would be very low on the list of criminal organisations.

Your response beggars belief, except it is perfectly reasonable viewed through the lens of PR.

Yours sincerely

[gaius]

And now they have, that's the point

Right now there are employees of GCHQ, NSA, Mossad, whatever the KGB is called this week, smirking at that assertion, they've probably had the capability for years. All this does is level the playing field a little.

[silentOpen]

I know for a fact that real-time A5/1 has been privately available commercially since at least 2006. It is my understanding from talking to a relevant engineer that if the algorithm wasn't known-broken when released, it was broken by intelligence services within the first year.

In conclusion, don't talk on cell phones when you're talking about sensitive things. In some locations (mid east), it has compromised you for years.

[caf]

A5/1 has been publically known broken for _years_. I am struggling to see what is new in this story at all.

[scythe]

GCHQ = Google Corporate Headquarters or something I haven't heard of?

[didroe]

http://en.wikipedia.org/wiki/Government_Communications_Headq...

[pavel_lishin]

Is she saying that the raw radio data is copyrighted? Or the software?

Because either way, wow.

[Zilioum]

As if people that want to listen to phone calls cared about copyright laws.

[stse]

It's not uncommon to stop publication of research by claiming copyright, patent, etc.

[pmjordan]

Patents? Surely not. Their original intent was to have the technology out in the open. I suspect you're thinking of trade secrets.

[stse]

This topic is a few days old, but for the record. Yes patents: http://www.wired.com/politics/law/commentary/circuitcourt/20... ...and by other means: http://www.wired.com/threatlevel/2008/08/injunction-requ/ http://www.wired.com/threatlevel/2009/06/atm-vendor-halts-ta... http://blog.washingtonpost.com/securityfix/2006/07/fbi_arres... http://www.wired.com/politics/law/news/2001/07/45298

[stse]

So you sent an e-mail to some public relations person at an interest group (gsm.ORG btw). You should approach your service provider or handset manufacturer, who (in theory) could take direct action as described in the presentation from ccc. This is one of the reasons for having an open phone.

[wendroid]

I got the address right in the actual mail, I wrote that from memory, damn.

GSM is bringing new encryption, presumably because they already know it is weak. I work in the industry so have no fear, it will be an issue.

[wendroid]

Subsequently the reply : (woo I'm a journalist!)

Dear Sir

Please find below my full reply to the journalist's enquiry.

Regards, Claire Cranton. ~~~~~~~~~~~~~~~~~~~~~~~~

We have been asked about this a number of times and the industry position is below. A5/1 has been in existence for a long time and so we have developed A5/3 as a migratory strategy for operators. However what I'd like to stress is that this activity is highly illegal and in the UK would be a serious RIPA offence as it probably is in most countries, it is likely also to contravene IPR. The GSMA heads up a security working group which looks at all issues re security and this isn't something that we take lightly at all.

Best wishes Claire

STATEMENT ON GSM ENCRYPTION GSM networks use encryption technology to make it difficult for criminals to intercept and eavesdrop on calls. On most GSM networks, the communications link between the handset and the radio base station uses the A5/1 privacy algorithm to scramble the signal.

Over the past few years, a number of academic papers setting out, in theory, how the A5/1 algorithm could be compromised have been published. However, none to date have led to a practical attack capability being developed against A5/1 that can be used on live, commercial GSM networks.

Reports of an imminent GSM eavesdropping capability are common. The GSMA, which welcomes research designed to improve the security of communications networks, routinely monitors the work of groups in this area. In 2007-8, a hacking group claimed to be building an attack on A5/1 by constructing a large look-up table1 of approximately 2 Terabytes - this is equivalent to the amount of data contained in a 20 kilometre high pile of books. In theory, someone with access to the data in such a table could use it to analyse an encrypted call and recover the encryption key.

Another group has announced similar plans in 2009. However, before a practical attack could be attempted, the GSM call has to be identified and recorded from the radio interface. So far, this aspect of the methodology has not been explained in any detail and we strongly suspect that the teams attempting to develop an intercept capability have underestimated its practical complexity. A hacker would need a radio receiver system and the signal processing software necessary to process the raw radio data. The complex knowledge required to develop such software is subject to intellectual property rights, making it difficult to turn into a commercial product.

Today, mobile networks are typically configured to optimise call set-up times, capacity and other aspects related to operational efficiency. But mobile operators could, if it ever proved necessary, quickly alter these configurations to make the 1 A definition of a lookup table is available at http://en.wikipedia.org/wiki/Lookup_table interception and deciphering of calls considerably harder. Moreover, intercepting a mobile call is likely to constitute a criminal offence in most jurisdictions.

All in all, we consider this research, which appears to be motivated in part by commercial considerations, to be a long way from being a practical attack on GSM. More broadly, A5/1 has proven to be a very effective and resilient privacy mechanism. By comparison, inexpensive and readily available radio scanners could be used to intercept calls on the analogue cellular networks that pre-dated GSM and which did not use encryption.

The mobile industry is committed to maintaining the integrity of GSM services and the protection and privacy of customer communications is at the forefront of operators' concerns. The GSMA has been working to further enhance privacy protection on GSM networks and has developed a new high-strength algorithm, A5/3. Over the past decade, export control agencies have removed many of the traditional barriers to the sale of cryptographic technologies enabling the development and use of A5/3. This new privacy algorithm is being phased in to replace A5/1. - Show quoted text - The GSMA represents the interests of the worldwide mobile communications industry. Spanning 219 countries, the GSMA unites nearly 800 of the world's mobile operators, as well as more than 200 companies in the broader mobile ecosystem. Visit www.gsmworld.com and www.mobileworldlive.com for more information.

It also produces the premier industry events including Mobile World Congress in Barcelona www.mobileworldcongress.com and Mobile Asia Congress www.mobileasiacongress.com

[moe]

a large look-up table1 of approximately 2 Terabytes - this is equivalent to the amount of data contained in a 20 kilometre high pile of books

I don't understand. Can someone please translate to libraries of congress?

[paulbaumgart]

I agree... it's a ridiculous description, and obviously the point is to confuse a less technical person into thinking 2 TB requires more than a single top-of-the-line HDD to store.

[kroo]

Taking your request literally, 2 terabytes is equivalent to (roughly) one-37th of the currently-digitized items in the printed collection in the Library of Congress. Good day. :)

( citation: http://blogs.loc.gov/loc/2009/02/how-big-is-the-library-of-c... -- an interesting read on its own, as estimates of "libraries of congress" seem to wildly differ.)

[Deestan]

> The complex knowledge required to develop such software is subject to intellectual property rights, making it difficult to turn into a commercial product.

Intellectual property rights aren't a security mechanism.

If the people in power at GSM are this clueless about security, I don't think they will ever be capable of producing anything usably secure.

[wendroid]

Dear Ms. Cranton,

Are you seriously suggesting that criminals won't intercept calls in order to blackmail and insider trade because call interception is illegal ?

I don't remember anyone going to prison for these :

http://en.wikipedia.org/wiki/Squidgygate

http://en.wikipedia.org/wiki/News_of_the_World#2006_Phone_Ta...

http://news.sky.com/skynews/Home/Sky-News-Archive/Article/20...

Did you know that if you took the five pound notes it cost to buy 2tb of disk drive and laid them out end to end it would go from here to the end of my desk and back. Your book comparison is hilarious.

Who on earth is suggesting that anyone is going to make this into a commercial product?

I'm not sure whether you are naive or you think I am.

You should be giving FULL DISCLOSURE to your users, not platitudes. It really is shameful that you are just trying to cover your arses.

Yours sincerely,

[gcb]

1. Wait for hackers to break protocol. 2. Release new one the has no technical difference but change one number on the name. 3. ??? 4. Profit!

[DougBTX]

replace A5/1. - Show quoted text - The GSMA

Aah, is someone a gmail user?