Monday, July 22, 2013

SIM Card: Security Research Labs discovered a vulnerability ... - ITespresso.fr

According to Karsten Nohl (German expert in cryptography), SIM cards have loopholes that allow potential hackers to take control of smartphones.

SIM cards would be more vulnerable than you think.

They would integrate software flaws and encryption affecting safety data accessible via our smartphones.

This is the opinion of the team Karsten Nohl , a German expert in cryptography and founder of Security Research Labs, which conducted tests on a hundred different SIM cards .

work will be presented at the next session of the Black Hat Security in Las Vegas (July 27 – August 1).

serious threat by Karsten Nohl that considers nearly a SIM card of 8 used in the world is exposed to this vulnerability in the interview with Forbes.

There are some conditions prior to exploit these vulnerabilities, such as the use of standard encryption Data Encryption Standard (DES), invented by IBM in the 70 and improved by the NSA.

According to Karsten Nohl, the key lies in hacking a bug in the Java Card code used to program the SIM cards and update.

It is precisely in the transmission channel “over-the-air” (OTA protocol, invisible to the user of a smartphone) that would be the means of breaking the encryption key for each SIM card.

With the key, any hacker is able to inject a virus that is accepted by the SIM card and the remote control.

“Give me any phone number and chances are that I go a few minutes later, being able to remotely control the SIM card and even make a copy of” boastful Karsten Nohl.

Force sending SMS to premium rate numbers, divert calls, intercept text messages, corrupt systems integrated payment … anything is possible as long as the SIM card is attacked.

cryptography expert doubt that the flaw have already been exploited.

However, two telecom operators, intrigued by the discovery would have been closer to him.

Besides the interest of the GSMA which brings together the biggest players in the mobile ecosystem of the planet.

In December 2011, the researcher Karsten Nohl had made about him by pointing faults related to GPRS.

had established a map of the relevant operators (SFR was concerned at the time).

– Quiz —

you familiar mobile operators

——-

Photo credit: Shutterstock for JMiks

No comments:

Post a Comment