GSM Security Flaw Uncovered
By Justin Ried, Thu Sep 04 07:45:00 GMT 2003
Saleem Kahn writes: "A flaw in GSM's security has been exposed by Israeli scientists. The security hole lets someone tap into a call while it is ringing. It's also possible to hijack a signal and impersonate someone in mid-call."
Saleem's write-up continues: "Within a fraction of a second [we can] know everything about the user," said Eli Biham of the Technion Institute in Haifa.
The GSM Association says the hole is a limited threat since the equipment needed to take advantage of it is costly. News of the flaw comes as the association celebrates Djibouti as the 200th country to adopt the GSM standard.
According to the association, more than 72 per cent of the world’s mobile phone subscribers use GSM -- some one billion people -- and that number is rising.
I'm skeptical of the "ignore it and it will go away" approach the GSM Association seems to be taking. The argument that the equipment to exploit this security flaw is too expensive is a little weak. The price of technology always comes down, and the potential financial incentive for sophisticated criminals to take advantage of the problem far outweighs the comparatively low cost of entry. And then there are questions of national security and industrial espionage. Taken together, it sounds to me like a serious problem.