Hackers Break GSM Cell Phone Code

(CBS)  A group of hackers trying to force the cell phone industry into upgrading their security claims to have broken and published the code that keeps calls made on billions of phones secret.

According to a report in the Financial Times, German computer engineer and encryption expert Karsten Nohl told a hackers' convention in Berlin this week he had made public the encryption code protecting GSM phones in more than 212 countries - estimated at 80 percent of all the world's cell phones.

Nohl, 28, told the Chaos Communication Congress that a team of 24 hackers had managed to reproduce the code keeping GSM calls safe, proving that "existing GSM security is inadequate".

"We have given up hope that network operators will move to improve security on their own, but we are hoping that with this added attention, there will be increased demand from customers for them to do this," he the FT.

Other encryption experts told the London-based newspaper that technology required to hack into consumer GSM calls was rapidly becoming affordable to the layman, and the skills required to use it were not beyond those of a "skilled computer engineer".

Nohl had vowed to give an onstage demo at the hackers' conference of how to use the revealed code, but that was on hold Wednesday as he consulted lawyers on the legality of that maneuver.

The code break by Nohl and his team does not affect phones operating with 3G encryption.

The global GSM Association is scheduled to meet in February, according to the FT report, a meeting which could see a review of security measures - last upgraded 21 years ago.

The GSMA told the FT they were "closely monitoring" the situation, but doubted the hack would result in multitudes of personal phone calls being tapped into illegally in the coming weeks or months.

[techcommuser]

The lesson to learn from this is to better secure the gsm networks.

[ToolMangler1]

Anything can be hacked. That is a fact.

[rocketjl]

This guy must feel he has done the world a big favor. I think we should be thank him by paying his overhead, food, and health bills for the next several years. There should be room for him in somebody's iron-bar hotel.

[stinger1z]

Thanks hackers for shutting down the network earlier this month. People needed to get in touch with each other. Cell phones are a great tool for emergencies, why would you mess with that ability? Get a -ucking life and off the couch!!

[Dgunner]

Net10 prepaid phones are the hardest to tap. The operate on continuing roaming radio frequencies.You would have to talk at least ten minutes straight while standing still and with no interruption from other roaming Radio freq. It would take days to recall or even find where your placed called ended or arrived.The drug dealears are constantly buying them and activating them in different zones then mailing them to be used in other zones because net10 does not charge for roaming and they are constanstly roaming for different RFs to lock onto the main operating bank must have a original begining point to search out ward for tracking.

[omnibus66]

If you truly believe that your cell phone conversations are secure, you should look into buying some bridges. There are several good ones for sale right now.

[tmittelstaed]

All cell carriers are required by law to provide unencrypted wiretap access to cell calls, thanks to the Patriot Act, so since the NSA and the FBI can already listen in, no hacking required, why is this even an issue?

Incidentally, the GSM code is available at your favorite bittorrent site.