An expert on network security from Germany created a system for intercepting and decrypting GPRS traffic

A cryptographic network security specialist reported on the creation of a fairly easy-to-use technology for intercepting and decoding GPRS traffic. The expert name is Carsten Nol, and he works in the German company Security Research Lab. Nol argues that most mobile operators in any country work with a weakly protected GPRS implementation, which theoretically allows (Nol himself has already proved this in practice) to intercept and decrypt GPRS traffic of the vast majority of mobile operators. And these are not empty words - Nola and his partner managed to successfully intercept data in networks of operators such as T-Mobile, O2 Germany, Vodafone and E-Plus.

In their appeal, the developers report that some mobile operators do not use data encryption at all, this applies to such well-known operators in their regions, such as Wind or Telecom Italia. Other operators, including T-Mobile, O2 Germany, Vodafone and E-Plus, use encryption, but encode the data so that Nol could easily intercept and decode information from the networks of these operators.
')
For his work, the expert did not use expensive software. All he needed was a Motorola C-123 phone, which Nol modified slightly (reprogrammed so that the phone became a GPRS traffic interceptor), a computer, and free applications that are publicly available.

So far, Nol does not lay out detailed information about the developed technology, but promises to tell and show everything at the Chaos Communication Camp 2011 conference. which will allow any novice hacker to intercept unencoded GPRS traffic. In addition, Nol will provide tools for decoding the weakly protected data of some operators. By the way, the technology allows you to intercept data within a radius of 5 kilometers.

Nohl said that he does his job not to harm anyone, but to let mobile operators pay more attention to protecting their users' data. The expert understands that many telecommunications operators may suffer because of him, but he believes that the situation with the encryption of GPRS data in the networks of mobile operators needs to be changed and changed today.

By the way, Nol believes that many operators do not pay enough attention to data coding consciously, leaving for themselves the possibility of analyzing the types of traffic. This is done for shaping by traffic type and for other purposes.

Via nytimes