Research highlights GPRS vulnerability
By Miya Knights,
A security researcher will today reveal weaknesses in the encryption methods used by mobile operators he says can allow internet data to be hacked.
The vulnerability lies in the methods used to encrypt data transmitted over networks running on General Packet Radio Service (GPRS) technology.
Karsten Nohl,
Security Research Labs' chief scientist, is due to present his findings at the Chaos Communication Camp 2011 conference taking place today in Berlin.
Nohl and his team have previously published
research into decrypting algorithms used by mobile operators to secure voice conversations.
But Nohl and colleague Luca Melette are expected to reveal a software tool they have now developed that can reprogramme cheap Motorola handsets to become GPRS interceptors in an attempt to get mobile operators to strengthen their network defences.
The software can be used to expose data transmissions on unprotected networks within a three-mile radius, Nohl told the New York Times in an interview.
He and Melette also reportedly discovered weak encryption methods on all four German mobile networks and were able to decrypt and read mobile transmissions. And in Italy, they found two operators that did not encrypt their data at all.
IT Pro contacted Nohl and Melette to find out if they’d tested any UK networks, but they had not responded at the time of writing. Most of the UK networks IT Pro contacted said they were aware of, and monitoring, Nohl’s research.
The Vodafone Group, however, stated that it implements appropriate measures across its networks to protect its customers' privacy.
“We regularly review security measures and carry out risk assessments to prevent the kind of exploit described,” Vodafone said in its statement.
Nohl’s previous research has also focused on GPRS cryptographic encryption methods. He has criticised operators for failing to use strong 128-bit encryption schemes, after demonstrating how rainbow tables can be used to crack weaker authentication.
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Mobile Analysis & Insight
Citrix takes on the mobile cloud at Synergy
Citrix’s annual gathering saw numerous product announcements clustered around the dual themes of mobility and cloud
- Bring you own device: the $600 question
- Shanghai surprise: Counterfeit technology in China
- 4G edges closer
- Apple's new iPad doesn't give users a choice
- Government IT: Apples for the mandarins
- Mobile comms: coffee and TV
- Rolling out iPads in the enterprise
- Welcome to the stay-at-home Olympics
- What should RIM do to recapture the attention of businesses?
Latest Mobile Reviews
Amazon Kindle Touch review
Rating: 
advertisement
Most popular
- UK regulator shuts down Angry Birds scam
- Apple iPad 3 vs iPad 2 head-to-head review
- IBM bans use of Siri on iPhones
- Chromebooks: What's gone wrong?
- HP plans massive job cuts
- EMC World 2012: Tucci declares Documentum is here to stay
- Dell EqualLogic PS6100XS review
- Macs and Android under malware threat
- RIM loses its head of sales
- Local fibre broadband needs common standards
Latest News Videos in Mobile
IT PRO Podcast: CES 2011
PlayIn the first podcast of 2011, we talk with Adam Griffin of Dell and Barry Collins of PCPro about tablets, the cloud and all the other exciting...
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
