Hello David,
On Wed, 29 Jul 2009 11:02:15 -0700, "David A. Burgess" dburgess@jcis.net wrote:
So you can jailbreak an iPhone and get direct access to L3 to run a DOS? That would be very interesting if it were true, but I suspect it's just horseshit put in there to deceive the court, which isn't hard to do in technology cases.
I don't think its that easy (if it would be, why not modify the TSM30 instead which should be much easier). I just found it very interesting that Apple uses it as an argument. Of course such arguments are also bad for opening the phone GSM stack to a larger group of people (if this ever happens) or developing an open source GSM phone stack which could be used for anything else than research.
Best regards, Dieter
I don't trust this, I think this a way to control the mass. If "hackers" could hack the towers, than the regulators come with a new law to get more control of people in sake of "national security".
Make people afraid and you can control them... But that's my opinion.
2009/7/29 Dieter Spaar spaar@mirider.augusta.de
Hello David,
On Wed, 29 Jul 2009 11:02:15 -0700, "David A. Burgess" dburgess@jcis.net wrote:
So you can jailbreak an iPhone and get direct access to L3 to run a DOS? That would be very interesting if it were true, but I suspect it's just horseshit put in there to deceive the court, which isn't hard to do in technology cases.
I don't think its that easy (if it would be, why not modify the TSM30 instead which should be much easier). I just found it very interesting that Apple uses it as an argument. Of course such arguments are also bad for opening the phone GSM stack to a larger group of people (if this ever happens) or developing an open source GSM phone stack which could be used for anything else than research.
Best regards, Dieter -- Dieter Spaar, Germany spaar@mirider.augusta.de
On Wed, Jul 29, 2009 at 09:58:09PM +0200, Nordin Bouchtaoui wrote:
I don't trust this, I think this a way to control the mass. If "hackers" could hack the towers, than the regulators come with a new law to get more control of people in sake of "national security".
yes, this is very likely. This is why it is very important how we communicate our work and its result to the public. I actually wnat to build an operational GSM network and an operational GSM mobile phone from open source components. We can show that our work is constructive, that we actually have useful results. Doing nothing else but implementing open specifications in open source software. And among other things, this can be used for security research and to make more engineers familiar with practical aspects of GSM protocols.
Regards,
Am Donnerstag, den 30.07.2009, 23:16 +0200 schrieb Harald Welte:
yes, this is very likely. This is why it is very important how we communicate our work and its result to the public. I actually wnat to build an operational GSM network and an operational GSM mobile phone from open source components. We can show that our work is constructive, that we actually have useful results. Doing nothing else but implementing open specifications in open source software. And among other things, this can be used for security research and to make more engineers familiar with practical aspects of GSM protocols.
But as a matter of fact the GSM standard itself has security vulnerabilities. So are we gonna demonstrate this? For example do you plan to show that false Basestation attacks are possible within a 1000 Euro cost range or something like that? I think we must be careful with such things and everybody should be aware of the fact that openbsc could be abused for criminal purpose. I see this project as a chance to sensitize the general public of GSM security problems and send a message towards industry.
Johannes
Hi Johannes,
On Thu, Jul 30, 2009 at 11:47:33PM +0200, Johannes Schmitz wrote:
Am Donnerstag, den 30.07.2009, 23:16 +0200 schrieb Harald Welte:
yes, this is very likely. This is why it is very important how we communicate our work and its result to the public. I actually wnat to build an operational GSM network and an operational GSM mobile phone from open source components. We can show that our work is constructive, that we actually have useful results. Doing nothing else but implementing open specifications in open source software. And among other things, this can be used for security research and to make more engineers familiar with practical aspects of GSM protocols.
But as a matter of fact the GSM standard itself has security vulnerabilities. So are we gonna demonstrate this? For example do you plan to show that false Basestation attacks are possible within a 1000 Euro cost range or something like that?
Of course. We have already shown that e.g. at 25C3 last year. Interestingly no press coverage at all, not even heise.de. I guess they were all busy writing about the DECT related security issues.
I think we must be careful with such things and everybody should be aware of the fact that openbsc could be abused for criminal purpose.
of course. But is it our fault that the GSM spec was written with almost no security in mind? Is it our fault that the industry didn'd do anything to fix those problems for 20 years, despite the problems being very obvious?
The argument 'xyz can be used for criminal purpose' is true for about anything. You can use a hammer to drive nails into walls, but you can also kill somebody.
You can use a TCP/IP stack to browse the web and send mail, or you can use it to attack other computers over the network.
You can thus also use a GSM protocol stack for the very same features.
The internet also had things like telnet for remote logins, befor security evolved and ssh was created. And even today, most e-mail is transferred unauthenticated and unencrypted. People are more aware of it than the problems in the GSM world.
Real criminals like organized crime have always had the budget to fund the development of technology that they used for fraud. We're creating more awareness in the general technology community (and in the end the public) about problems that already exist for decades, without any of our doing.
Plus: You can already buy a BTS + GSM network simulator for a five-digit USD sum, even without OpenBSC. It's commercial off-the-shelf equipment, after all.
I see this project as a chance to sensitize the general public of GSM security problems and send a message towards industry.
that's what I've always had in mind with most of the security projects that I've been [even remotely] involved, e.g. OpenPCD and OpenPICC as tools for practical RFID security analysis, deDECTed.org, ...
Regards,
-
Dieter Spaar -
Harald Welte -
Johannes Schmitz -
Nordin Bouchtaoui