About two weeks ago, Karsten Nohl, founder of the security firm Security Research Labs in Germany, discovered a flaw affecting approximately 750 million SIM cards worldwide. It can allow a user's phone to be hijacked with just one malicious message sent remotely. Now, Nohl says many operators have begun to address the problem. Initially, people thought the networks would recall SIMs from customers and replace them with new SIMs using better security, but the networks found a smarter way to solve it. They use the very security flaw that Nohl discovered to "hack" into your SIM and fix the vulnerability.
Before publishing this vulnerability, Nohl informed the companies concerned, and he is very pleased with what they did. He declined to name the networks. It is not clear whether networks in Vietnam have been affected by this vulnerability.
The vulnerability relates to SIMs that use the DES (Data Encryption Standard) algorithm to encrypt information. This is an old standard that a number of manufacturers have abandoned, but hundreds of millions of SIM cards still in use are affected. Karsten Nohl discovered that sending a fake network message to the phone can trigger an automatic reply from 25% of DES SIMs. The message the phone sends back in reply contains the SIM's 56-bit secret key, and once he has this key in hand, Nohl can send a virus back to the SIM in a single message. This virus allows hackers to interfere with the user's data, read text messages, or even carry out some transactions with the network. Nohl said the entire process can be done in just 2 minutes using a normal PC.
Over the past two years, Nohl has tested his method on 1,000 SIM cards in the U.S. and Europe.
DES is currently used on approximately 3 billion SIMs worldwide, and according to his estimates, 750 million of them are likely to be vulnerable to the attack described above. Networks that use Triple DES (DES encryption applied three times) are not affected. SIMs that use AES (Advanced Encryption Standard) encryption instead of DES are also safe.