It’s no secret that GSM phone calls, such as those made on carriers like AT&T and T-Mobile, have the ability to be decrypted and listened in on. However, the fact that it can be done with a $15 phone and 180 seconds of free time? That’s a little bit more interesting. Karsten Nohl, researcher at Security Research Labs, and Sylvain Munaut, OsmocomBB project manager, recently spoke at the Chaos Computer Club Congress in Berlin about the new hack. They were able to take the audience through it, step by step, in a matter of minutes.
They say that it’s quite simple to use a $15 Motorola phone to sniff out some location data to route texts and phone calls, and then use a modified firmware to feed data into a laptop, which can then decrypt said data. Add in 2TB worth of precompiled hash keys, and the researchers were able to crack the encryption in a mere 20 seconds. Not much left to do after that, except record the live call.
For a full rundown on how the hack is executed, be sure to hit up the source link below. It’s our hope that, like any other security flaws, developers will realize the flaw, and get to patching. Be sure to let us know what you think in the comments below!