Last Updated Apr 27, 2010 6:06 AM EDT
The GSM standard has recently been the target of some intense and successful security hazing. The most widely used cellular technology in the world, GSM powers phones in Europe, various parts of Asia, and, through the likes of AT&T (T) and T-Mobile, the U.S. Add up the list of cracks in the security armor, and your eyebrows might rise:
- Back in December, German researcher Karsten Nohl announced that he deciphered and published the GSM encryption algorithm. (An algorithm is a rule that lets you solve a problem, like encrypting and decrypting data, on a computer.) His point was to show the inadequacy of the security measures. What did the GSM industry do? Complain that his work was illegal, and that he overdramatized the security threat. Well, that should put off would-be eavesdroppers and hackers.
- Less than a month later, researchers at the Weizmann Institute of Science cracked a security algorithm for 3G networks in under two hours.
- Earlier this month, a new crack in the armor showed that someone could track a GSM user's location and listen to voicemail and calls. The results included being able to "glean the identity of a government contractor by sifting through caller IDs and phone numbers they traced to the U.S. Department of Homeland Security, for example."
- Cellular security vendor Cellcrypt pointed me to a demonstration of a mobile fake base station for intercepting GSM calls. The combination of laptop, free open source software, and off-the-shelf radio receiver costs under $2,000.
According to New York Times article about Nohl, serious security problems were only a few months away back in December:
"Organizations must now take this threat seriously and assume that within six months their organizations will be at risk unless they have adequate measures in place to secure their mobile phone calls," said Stan Schatt, a vice president for health care and security at the technology market researcher ABI Research in New York.The six months is almost up, and given the developments, I'd think that the problem is here now. As with most security issues, chances are that few will take this seriously until there's a well-publicized actual problem, but once that happens, large corporations will demand to know what GSM network operators will to address the issue.
That leaves us with several potential winners, because, after all, when there's a problem, someone will get customers to pay more for a solution:
- CDMA carriers -- The competitor to GSM is CDMA. Purportedly, it's harder to detect signals because transmission hops from one frequency to another. Verizon (VZ) and Sprint Nextel (S), which both use CDMA, could make a play to pull corporate business from AT&T, point out that the military uses CDMA for secure transmissions. GSM vendors might push back, discussing the security flaws that CMDA has.
- Specialized security vendors -- Companies that can layer additional encryption atop GSM will put these security cracks together as fear-based marketing campaigns, again targeting corporate users as well as individuals who are particularly sensitive about privacy.
- Cell equipment vendors -- The chip and base station companies will push hard on the security worries to sell the industry into adding additional security features. Even handset vendors might get in on the act, offering a special line of super-secure GSM handsets.
- GSM carriers -- Here's the big irony. They can't go around admitting that there are security problems until they have an industry-wide fix, but they could offer "security enhanced" services for targeted markets and charge extra for the peace of mind.