Common Mobile Security Doesn't Cut it, Hackers Say
The security of the most widely used standard in the world for transmitting mobile phone calls is dangerously flawed, putting privacy and data at risk, two researchers warned at the Black Hat conference in Europe last week.
Researchers David Hulton and Steve Muller showed at Black Hat in the U.S. last month how it was possible to break the encryption on a GSM (Global System for Mobile Communications) call in about 30 minutes using relatively inexpensive off-the-shelf equipment and software tools. The hack means they could listen in on phone calls from distances of up to 20 miles (32 kilometers) or farther away.
They're still refining their technique, which involves cracking the A5/1 stream cipher, an algorithm used to encrypt conversations. In about another month, they'll be able to crack about 95 percent of the traffic on GSM networks in 30 minutes or faster with more advanced hardware.
Their research has been motivated in part by the absence of a more secure encryption method despite years of warnings about GSM.
Yahoo/PC World