GSM telephony is the world’s most popular communication technology spanning most countries and connecting over four billion devices. The security standards for voice and text messaging date back to 1990 and have never been overhauled. Our GSM Security Project creates tools to test and document vulnerabilities in GSM networks around the world so to ignite the discussion over whether GSM calls can and should be secured. The project is summarized in this BlackHat 2010 presentation.
Tools. The following tools are used to analyze voice calls:
GnuRadio is included in recent Linux distributions
Recording data requires a programmable radio receiver such as the USRP
Airprobe is available through: git clone git://git.gnumonks.org/airprobe.git
Please follow this tutorial to decode GSM traffic with Airprobe
Kraken is available through: git clone git://git.srlabs.de/kraken.git
Background on Kraken’s rainbow tables are provided on the project web page
Kraken uses rainbow tables that are available through Bittorrent.
Please use these tools carefully and never intentionally record other people’s conversations. We do encourage you to use them to test the security of your cell phone service and discuss your results on the project mailing list.
0 comments:
Posting Komentar