Hello? Democracy’s calling! (Update)
As of today the GSM encryption code is officially cracked. Well-known German security expert Karsten Nohl announced today that his open source A5/1 Cracking Project has finally computed all the necesarry rainbow tables (PDF, 926 KB) needed to crack any GSM-device. While the GSM Association claimes it still would be difficult to listen in on actual calls, security experts disagree.
But what does this mean in plain english? Basically: From now on any well-fundet organisation (criminal or governmental) can listen in on your personal mobile phone calls quite easily. This is all the more reason to push the developenent of a more distributed mobile phone network. Traditional phone networks can not handle the extra traffic large scale real encryption would produce. But with the computing power of a 600MHz iPhone or Droid/Milestone or a 1GHz Nexus One and the potency of the internet using PGP encrypted SIP telephoning could be easily done! (SIP is one of the most versatile VoIP-Standards and PGP, the acronym for Pretty Good Privacy, a very strong open source encryption software/algorithm)
Related articles by Zemanta:
- Privacy Algorithm to encrypt GSM calls has been cracked (ecombizcenter.blogspot.com)
- The Algorithm Protecting GSM Calls Has Been Cracked [Security] (gizmodo.com)
- Encryption Code for 80% of the World’s Mobile Calls Cracked (mashable.com)
- Secret code protecting cellphone calls set loose (theregister.co.uk)
- GSM Code Cracked & Released – Another Reason to Be Thankful for Verizon (lockergnome.com)
The following post was originally published on Nov 14, 2009.
Recently I had a pretty interesting Facebook-Chat with Valentin Eisendle about the possibilities of a democratic telecommunication-system. Rumor has it apple is going to inc
lude RFID-chips in future versions of the popular iPhone. While Leander Kahney over at Cult of Mac seems to be extremely thrilled about this, it really is a reason for major concern. It’s not just that RFID is extremely unsafe (see here, here, or here), it also raises serious privacy
concerns, e.g.: Every single move can be tracked even with GPS and network turned of. And with RFID becoming your main ID, it being hacked could give a hacker access to your wallet, your health details and everything else you want to keep safe from the world.
Something like that could not happen with hardware like openmokos Neo 1973, a completely open sourced mobile phone. This way it would also be possible to develop and deploy a democratic telecommunication-system.
What do we mean by democratic telecommunication?
Basically there are two versions of the idea: One being softcore, one being democratic by design. Let’s start with the softcore-version: With enough open SIP-Servers (SIP being the most popular VoIP-protocol) like egika.net, it would be possible to make free calls with only public WLAN and Google Voice. Of course this would only work with enough public internet around you. So you can see how this is only a dirty hack.
Real democratic telephoning would include a decentralized communication form. Something TerraNet allready experimented with in 2007. Basically what this means is that every phone is directly connected to nearby phones thus forming a meshed net. Phone calls are routed over this net, from phone to phone.
Even though this is technically possible there still are many thinks one has to think about! For example how can you secure calls so that middle-notes cannot listen in on conversations? Or how about scalability? While the technical questions are rather easily solved (see zfone for security and the amount of private TOR nodes), the real challenge is the socialsystemic component. Or in other words: how do you sell this to the broad masses?
Update: This seems to be an interesting link: P2PSIP