The revelation that SIM cards rely on outdated encryption method make it surprising that an exploit has not been revealed long before now, but there is one that has been discovered and will be featured at this years Black Hat security conference. The proof of concept used was to send an improperly signed binary SMS to a device over the air which returns an error that contains the entire cryptographic signature for the SIM that received the signal, from there it is rather simple to crack the 56bit DES with modern hardware. Once you have the key you can send out a variety of commands to the device up to an including an OS update with certain customizations. Follow the links from The Inquirer for more information.
"A SIM CARD EXPLOIT that could leave millions of mobile phones vulnerable to hacking has been uncovered by German security firm Security Research Labs (SRL)."
Here is some more Tech News from around the web:
- AMD is 'transforming', will be profitable this quarter, says CEO Read @ The Register
- Samsung set to steal FBI phone deal from rival Blackberry @ The Inquirer
- LG Pocket Photo printer @ The Inquirer
- Mac malware uses right to left character exploit @ Hack a Day
- Netgear ProSafe XS708E review: 10 Gbit switch @ Hardware.info
- Intel Linux Driver Performance Still Slower Than Windows 7 @ Phoronix
- Fifteen Years After Autism Panic, a Plague of Measles Erupts @ Slashdot
- Win An Anidees AI-6B Mid-Tower Computer Case @ eTeknix