Your GSM cell phone conversations are not secure
GSM is the most widely used mobile phone protocol, with about 80% of all mobile phones using it worldwide. It is the de facto standard in most networks in Europe and Asia. Some of the well-known networks providing GSM phones in the USA are AT&T and T-Mobile. Verizon Wireless and Sprint uses a different protocol, called CDMA, that was originally developed by the U.S. military.
Researcher Karten Nohl revealed the decrypting method, which he developed with other collaborators, in a presentation on Sunday in Berlin. He claims that the GSM encryption, called A5/1, was known to be weak, but prior to this discovery it had required considerable investment to decrypt it, which was within the budgets of most governments, law enforcement agencies and well-funded criminals. But with the new method, someone with some expertise and $30,000 worth of equipment could now intercept GSM conversations.
Even discussing wiretapping tools could be illegal in the US, and Nohl has consulted lawyers to make sure what he did is legal. He has not released, for instance, a wiretapping tool. He has called for a mandatory upgrade to the encryption technology in GSM phones. A more recent technology, called A5/3 and used by GSM phones to access 3G wireless, exists, but Nohl claims that even this is not good enough in the long run.
Nohl continues to use his GSM phone, but he does not use it for confidential calls any more. That probably is an example worth following.