News

Hacker Finds Major Security Flaw In GSM Networks – All Phones Vulnerable

29

A vulnerability was discovered in GSM networks — the same type of network T-Mobile and AT&T operate on — that could allow for a hacker or an otherwise nefarious character, to gain full remote control of any smartphone running on those types of networks (Sprint and Verizon are in the clear). The security flaw was revealed during a hacking convention in Berlin where the head of Germany’s Security Research Labs, a Mr. Karsten Nohl, said that the attacks could easily be carried out on a large scale as well.

”We can do it to hundreds of thousands of phones in a short timeframe. None of the networks protects users very well. Mobile network is by far the weakest part of the mobile ecosystem, even when compared to a lot attacked Android or iOS devices.”

Hijacked phones could allow for hackers to send text messages or even make phone call, signing up users for expensive premium phone or messaging services, all without the owners consent. If you’re feeling a little bit more paranoid about who could be out there tapping your phone it should be said that Nohl also mentioned carriers could easily patch the security hole simply by updating their outdated software.

[Reuters Via BGR]

Chris Chavez
I've been obsessed with consumer technology for about as long as I can remember, be it video games, photography, or mobile devices. If you can plug it in, I have to own it. Preparing for the day when Android finally becomes self-aware and I get to welcome our new robot overlords.

Tablet Remote Lets You Control Your Tablet At Long Range Using Nothing But Your Smartphone

Previous article

LG Prada Phone 3.0 Now Available In Korea – Hitting Europe In January

Next article

You may also like

29 Comments

  1. LOL WIN FOR SPRINT AND VERIZON. 

    1. No we still lose cause of our slower data speeds.

      1. Pretty sure Verizon 4G is about as fast you can get…

        1. Nope. IMT-Advanced (which LTE-Advanced qualifies for, and Verizon doesn’t have it) average speeds of 100Mbps on downlink fully loaded, and average speeds of 1Gbps for FMC downlink fully loaded.

          So yeah, it gets faster!

          1. I meant on current wireless choices between networks. It was implied Verizon is slow when compared to companies like Sprint or T-Mobile

          2. Sprint is much slower than Verizon, that’s a given. Depending on the market, T-Mobile will either be neck and neck or just slightly behind Verizon on speeds. AT&T is always behind T-Mobile, and their LTE network will be behind Verizon once it gets loaded (less capacity than Verizon LTE).

          3. I believe Verizon to average significantly higher download speeds compared to any of the mentioned networks – in addition to providing by far the most coverage. This includes T-Mobile.

          4. The average is higher, if you only count the 4G LTE network. But, T-Mobile’s HSPA+ network in certain areas can hit around 15-25Mbps for download and 3-4Mbps for upload. That’s awfully close to average LTE speeds. It’s not equal in all markets, but T-Mobile is often the one behind Verizon, with AT&T in third and Sprint lagging as a distant fourth. Verizon’s LTE coverage is roughly equal to T-Mobile’s HSPA+ coverage, but Verizon’s EV-DO coverage does trump everyone else’s network coverage.

          5. T-Mobile’s 15-25mbs is merely its theoretical max, real life speeds are actually around 5-7. Verizon 4G provides a slightly larger area over T-Mobile’s coverage (in a lot less time). Verizon’s network (4G) is rapidly expanding all the time though, it’s a lot harder to say that about T-Mobile.

            P.S. my galaxy nexus and Droid razr both consistently produce ~30mbps on Verizon 4G LTE.

          6. Nooo… Theoretical max for T-Mobile’s network is 42.2Mbps on the downlink and 11Mbps on the uplink. Those are real numbers that several people have gathered since the launch of the 42Mbps HSPA+ network.

          7. Either way Verizon is still significantly faster.

          8. Conan makes a cute post about Sprint being a distant 4th, placing TMobile in second. That’s accurate.. if you’re in one of the few coverage areas that Tmobile has lit up. I’ve always found it laughable that they pretend to be a national network. Even AT&T has only recently managed to grow their 3G footprint beyond a joke of a map, whereas Verizon and to a lesser degree Sprint have had significant coverage for years.

            Sprint has been neck and neck for speed with Verizon where I live for years, with no other 3G options at all until recently AT&T decided to stir. So while it may be a cute generalization that they’re slower, they’re only slower if the competition is actually THERE, which they often aren’t.

      2.  Verizon’s LTE is mighty fast so I don’t know what you are talking about.

        1. Yea I should have specified that I was talking about 3G.

      3. Maybe he’s referring to Sprint?

        1. Yea well I was talking mostly about Sprint. The other day I got 1mbps and was happy. I’m used to getting 100-500kbps on my Evo 3D in a large metro area.

          And plus Verizon and Sprint’s 3G have a theoretical limits of 3.1mbps. While At&t and T-Mobile have limits of 21.1mbps and 42.2mbps with HSPA+.

      4. Haha, oh the irony.

      5. And because 3G GSM is still secure. This only affects the 2G GSM network (no mentions of “UMTS” being affected).

  2. It affects all carriers because nobody upgraded the security technology when they upgraded to UMTS (3G GSM). You’re basically pairing a secure radio technology with an insecure encryption algorithm. A recipe for disaster that most people already knew was there… After all, you’ve left the 2G GSM network as the backdoor. Since Reuters (French company) wrote this article, we know it’s talking about 2G GSM instead of UMTS. Only in the USA do we refer to UMTS technology as GSM. Everywhere else, it is called either UMTS or FOMA.

    1. Verizon and Sprint use CDMA, not GSM, therefore they are safe from this threat.

      1. And any network operator who decided to upgrade their security algorithms to the ones they are supposed to use for 3G GSM would be fine too.

        Besides, this article is talking about GSM instead of UMTS. That means that the operators never upgraded to the W-CDMA security algorithm and backported it to the GSM network.

        And yes, WCDMA is still secure. This vulnerability applies to 2G GSM only. UMTS is completely secure because it uses WCDMA technology.

        So, hah!

  3. HAHA A GLOBAL FAIL!

  4. this is totally off topic but i just wanted to know, does anyone know who won the the last contest that took place on sunday?

    1. I wonder this too..

  5. Dear Verizon,

    No carrier IQ,no network wide security threat.
    I am a little less sad about my bill

    1. And this has absolutely no bearing on 3G GSM… AT ALL. So, you should be a little more worried about the price of your bill again! :)

  6. LMAO

  7. Will rooting fix this!? LoL!! Since rooting seems to fix all other security problems. Therefore I believe rooting will fix this. :P

    1.  What? Rooting in no way fixes security problems. It actually creates more because you now have administrative access on your phone and can therefore create more damage.

Leave a reply

Your email address will not be published. Required fields are marked *

More in News