[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss-gnuradio] "A scanner with a digital output" address@hidden: @st

From: Seth David Schoen
Subject: [Discuss-gnuradio] "A scanner with a digital output" address@hidden: @stake wows the wireless rubes...]
Date: Wed, 20 Mar 2002 16:47:35 -0800
User-agent: Mutt/1.3.27i

It seems to me that people will stop being surprised by this kind of
attack pretty soon.  Maybe web sites will pop up with CGI scripts
showing real-time logs of Blackberry messages.

I wonder what the "scanner with a digital output" was.

----- Forwarded message from "R. A. Hettinga" <address@hidden> -----

Date: Wed, 13 Mar 2002 08:38:29 -0500
To: Digital Bearer Settlement List <address@hidden>,
        address@hidden, address@hidden
From: "R. A. Hettinga" <address@hidden>
Subject: @stake wows the wireless rubes...

--- begin forwarded text

Status:  U
Date: Wed, 13 Mar 2002 03:17:48 -0600 (CST)
From: InfoSec News <address@hidden>
To: address@hidden
Subject: [ISN] New Attack Intercepts Wireless Net Messages
Sender: address@hidden
Reply-To: InfoSec News <address@hidden>


March 11, 2002
By Dennis Fisher and Carmen Nobel

It's the stuff of Popular Science. A group of security researchers has
discovered a simple attack that enables them to intercept Internet
traffic moving over a wireless network using gear that can be picked
up at any electronics store and an easily downloadable piece of

The attack, accomplished by @Stake Inc., a security consulting company
in Cambridge, Mass., affects a popular consumer version of Research In
Motion Ltd.'s BlackBerry devices as well as a variety of handhelds
that send unencrypted transmissions over networks such as Mobitex.

By design, the Mobitex specification, like other wireless standards
such as Global System for Mobile Communications and General Packet
Radio Service, sends packets in unencrypted form. The network, which
handles data transmissions only, has been in operation since 1986 and
has a large base of installed devices, with customers using it for
everything from point-of-sale verification to e-mail.

"The attack is fairly simple," said Joe Grand, one of the researchers
who perfected the technique. "The problem is, this isn't a bug. It's
part of the spec that data is transmitted in the clear, just like it's
part of the spec that Internet data is transmitted in the clear. The
risk depends on who is using the network and when and what data
they're sending."

Using a scanner with a digital output, an antenna and freely
downloadable software, the researchers were able to intercept traffic
destined for BlackBerry Internet Edition devices. And, because the
packets aren't encrypted, the attackers can read the messages they
intercept without further work.

The Internet Edition handhelds are sold mainly through co-branding
relationships with ISPs such as AOL Time Warner Inc.'s America Online
service, EarthLink Inc. and Yahoo Inc.

Executives at RIM said they don't see the attack as a problem because
they have never touted the Internet Edition devices as being secure.

"Internet traffic isn't supposed to be secure," said Jim Balsillie,
chairman and co-CEO of RIM. "It's kind of like a company making beer
and cola and someone saying that there's alcohol in the company's
drinks when the children are drinking cola."

However, the attack serves as a reminder to users that e-mail and
other Internet traffic is open to snooping and is inherently insecure.

"I always figure that anything that's sent via e-mail can be read by
at least hundreds of people which have either legitimate or
compromised access to systems sitting between me and my recipient;
this just adds another potential access point," said Christopher Bell,
chief technology officer of People2People Group, a relationship
services company in Boston, and a user of the BlackBerry Internet
Edition. "I am disappointed that they didn't make at least a modest
attempt to obscure the content."

Balsillie said the messages are only as secure as the networks of the
ISPs that relay them, none of which provide encrypted e-mail.

Chris Darby, CEO of @Stake, said RIM has done a thorough job including
security in its other devices, which use a server that sits behind
corporate firewalls.

"RIM is incredibly progressive about the way they're addressing
security in their Enterprise Edition," Darby said.

The attack also applies to other devices on the Mobitex network, many
of which are proprietary solutions developed for in-house corporate

This attack does not work on the BlackBerry Enterprise Edition, which
uses Triple Data Encryption Standard encryption in addition to other
security features, @Stake officials said.

"Typically, Mobitex operators will advise customers that they should
choose the security scheme that fits their particular needs," said
Jack Barse, executive director of the Mobitex Operators Association,
based in Bethesda, Md. "It was a conscious decision not to put
network-level security in because customers have said that they don't
want the overhead associated with security if they're just doing
things like instant messages. Customers can absolutely add on their
own encryption to whatever application they're using [the network]
for. And we encourage that."

ISN is currently hosted by Attrition.org

To unsubscribe email address@hidden with 'unsubscribe isn' in the BODY
of the mail.

--- end forwarded text

R. A. Hettinga <mailto: address@hidden>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to address@hidden

----- End forwarded message -----

Seth David Schoen <address@hidden> | Reading is a right, not a feature!
     http://www.loyalty.org/~schoen/   |                 -- Kathryn Myronuk
     http://vitanuova.loyalty.org/     |

reply via email to

[Prev in Thread] Current Thread [Next in Thread]