Cell Phone SIM Cards Are Vulnerable

SIM

With the love of the show “Person of Interest” and the cloning of phones done often on the show, there is a vulnerability with the SIM card in most phones. Eeek! Well, you knew that not all things are safe no matter how hard you try. This vulnerability can allow eavesdropping on phone conversations, fraudulent purchases, or impersonation of the handset’s owner, a security researcher warns. It is as if the show was telling us how easy this was.

We all know Big Brother has eyes on us, but when it comes to other people aren’t we just a bit more scared? I think I’m scared Big Brother watches over me, but if he didn’t some people would get away with things that we really don’t want them to. It’s vulnerability can be used in allowing malware infection and surveillance. Hackers can hack your webcam to watch you and what you do at home. Now those smart little whippersnappers could watch you as you play on your phone.

Karsten Nohl, founder of Security Research Labs in Berlin, told The New York Times that he has identified a flaw in SIM encryption technology that could allow an attacker to obtain a SIM card’s digital key, the 56-digit sequence that allows modification of the card. The flaw, which may affect as many as 750 million mobile phones, could allow eavesdropping on phone conversations, fraudulent purchases, or impersonation of the handset’s owner, Nohl warned. “We can remotely install software on a handset that operates completely independently from your phone,” warned Nohl, who said he managed the entire operation in less than two minutes using a standard PC. “We can spy on you. We know your encryption keys for calls. We can read your SMSs. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account.”

Tests showed that 1,000 cards in Europe and North America exhibited signs of the flaw. The vulnerability was found in the Digital Encryption Standard, a cryptographic method developed by IBM in the 1970s that is used on about 3 billion cell phones every day. While the encryption method has been beefed up in the past decade, many handsets still use the older standard.

Come on with technology these days why not just have your social tattooed to your hand and let the world know of your life history. That’s what will happen in the end, most of your information can be found online now so who cares right? Well, if they’re going to help with my credit history, thanks. But if they are to take what I don’t have already I’m kind of scared.

GSM Association spokeswoman Claire Cranton told the Times that her organization had already passed the results on members of its group that still rely on the older standard. “We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted,” Cranton said in a statement.

You would think that this tech would’ve been built up stronger over the years as technology advanced, but I guess no one thought of this vulnerability needing to be filled. We see that hackers get into things all the time and people say that the phone thing has been hacked many years ago, but no one has done anything to fix it. Hopefully now with this new information going out to the world, they will fix it or at least make it better until another genius hacker breaks the code.

Forrest L. Rawls

Source
CNet

Leave a Reply

Your email address will not be published.