Hi Johannes,
On Thu, Jul 30, 2009 at 11:47:33PM +0200, Johannes Schmitz wrote:
On Thursday, 30.07.2009, at 23:16 +0200, Harald Welte wrote:
yes, this is very likely. This is why it is very important how we communicate
our work and its result to the public. I actually want to build an
operational GSM network and an operational GSM mobile phone from open source
components. We can show that our work is constructive, that we actually
have useful results. Doing nothing else but implementing open specifications
in open source software. And among other things, this can be used for security
research and to make more engineers familiar with practical aspects of GSM
protocols.
But as a matter of fact the GSM standard itself has security
vulnerabilities. So are we gonna demonstrate this? For example do you
plan to show that false Basestation attacks are possible within a 1000
Euro cost range or something like that?
Of course. We have already shown that e.g. at 25C3 last year. Interestingly
no press coverage at all, not even heise.de. I guess they were all busy writing
about the DECT related security issues.
I think we must be careful with such things and everybody should be
aware of the fact that openbsc could be abused for criminal purpose.
of course. But is it our fault that the GSM spec was written with almost
no security in mind? Is it our fault that the industry didn't do anything
to fix those problems for 20 years, despite the problems being very obvious?
The argument 'xyz can be used for criminal purpose' is true for about anything.
You can use a hammer to drive nails into walls, but you can also kill somebody.
You can use a TCP/IP stack to browse the web and send mail, or you can use it
to attack other computers over the network.
You can thus also use a GSM protocol stack for the very same features.
The internet also had things like telnet for remote logins, before security
evolved and ssh was created. And even today, most e-mail is transferred
unauthenticated and unencrypted. People are more aware of it than the
problems in the GSM world.
Real criminals like organized crime have always had the budget to fund the
development of technology that they used for fraud. We're creating more
awareness in the general technology community (and in the end the public)
about problems that already exist for decades, without any of our doing.
Plus: You can already buy a BTS + GSM network simulator for a five-digit
USD sum, even without OpenBSC. It's commercial off-the-shelf equipment,
after all.
I see this project as a chance to sensitize the general public of GSM
security problems and send a message towards industry.
that's what I've always had in mind with most of the security projects that
I've been [even remotely] involved, e.g. OpenPCD and OpenPICC as tools for
practical RFID security analysis, deDECTed.org, ...
Regards,
--
- Harald Welte <laforge(a)gnumonks.org>
http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)