Mobile phone security blown wide open

Security researchers have discovered a way to eavesdrop on voice calls and SMS messages transmitted over the GSM network using nothing more than four cheap mobile handsets and a raft of open source software.

Researchers Karsten Nohl and Sylvain Munaut demonstrated their findings in a presentation at the Chaos Communications Congress - the same gathering of security researchers and curious hackers that yesterday brought us the news that the private key protecting the DRM system of Sony's PlayStation 3 console had been cracked.

Nohl and Munaut's discovery, however, is a trifle more far-reaching: using off the shelf components and open-source software packages, the pair were able to record data off the air - including voice calls and text messages - for any given telephone number.

While this level of eavesdropping technology has long been available to governmental security services and military users, it's the first time that full snooping capabilities have been in the reach of the 'average' user - and leaves no doubt that the encryption system developed for the GSM mobile network is now totally outdated, and should be replaced at the earliest available opportunity.

Commercial one-box systems for GSM call interception are already available to licence-holding law enforcement agencies, but can cost more than £35,000 - compared to the less than £40 the pair spent on the Motorola-manufactured handsets at the heart of their homebrew eavesdropping system.

Speaking to the BBC, Nohl confirmed: "Now there's a path from your telephone number to me finding you and listening to your calls, the whole way."

Although the pair demonstrated their technique at the hackers' conference, they are holding back on releasing full details of their eavesdropping system due to the security implications - but, despite their stated aim being simply to raise awareness of weaknesses in the GSM security implementation, it is unlikely to be long before enterprising ne'er-do-wells have replicated their success.