10 comments

[ 4.5 ms ] story [ 29.9 ms ] thread
> Key to grabbing the data from the air were cheap Motorola phones which can have their onboard software swapped for an open source alternative.

Wasn't there a news bit not long ago about law enforcement agencies being puzzled by criminals buying/stealing loads of cheap Motorola phones?

Was there? Sounds kinda familiar... interesting!
This is one advantage CDMA has over GSM, it's much harder to intercept CDMA http://www.denbeste.nu/cdmafaq/eavesdrp.shtml
I know nothing of CDMA and outside of some basic knowledge (I worked on the iPhone dev team during the original push for an unlock, and picked up some info on how GSM and cell phones in general work) I know very little here, but from a general security standpoint, the "only X and Y know the key for Z, thus Z is more secure than W" approach doesn't hold up. If there's a flaw in the implementation of crypto, it may be possible to reconstruct the key, or circumvent it entirely. That it hasn't been done yet means little in terms of theoretical security.
That article is just commercial BS ... the same way GSM pretended "Frequency Hopping" is a security feature because you can't listen to everything and don't know where to listen and you can't listen to everything without very $$$ equipement.

If CDMA is more secure (and I'm not saying it is), then it's not due to their modulation scheme ... it would be due to the better security scheme. (and again, I don't know their security scheme, so it may just be as bad as GSM)

But, remember, this is a crack for GSM (2g), it is not a crack for UTMS (3G).
But the Bad Guys[tm] can jam the 3G communications and force the phone to 2G. The forcing is noticeable, but will be hard to distinguish a malicious fall-back to 2G vs. a carrier coverage fall-back to 2G.

Ref: http://www.processor.com/editorial/article.asp?article=artic...

The exploit only works on 2G GSM networks; however it is possible to jam 3G signals and force virtually any GSM phone to negotiate a 2G connection.