Why I’d stay away from iPhones for now

Yeah, I know. In all technicality, it’s more like all GSM phones and networks that I’d stay away from. But seeing how much I want an iPhone but I’ve been waiting… and waiting… for a CDMA version? Eh. This just nails the coffin shut.
Why? With a $700 open source device called a Universal Software Radio Peripheral (USRP), and a rainbow table that would basically take somewhere around 2.2TBs of space, the GSM frames can be decrypted. Yes, this means that calls will essentially be non-private.
Tapped.
Oh yeah. No more talking about those dirty little secrets over that iPhone of yours. What’s more interesting is that if a web service does evolve from the research presented at this year’s Blackhat DC? You won’t even need the two+ terabytes of space to build your fun GSM scanner.
You have to believe that executives at AT&T and T-Mobile are tearing out their hair right now if they even pay one inkling of attention to what potential havoc this could cause on their networks. Insecure phone calls? Not exactly a consumer confidence builder if you ask me. The most amusing part of this, is… somewhere in the back of my head, a little voice is telling me that NSA has already been listening in on these for a while. They have the resources, and you bet they have the actual storage for rainbow tables to do the decryption.
Photo Credit: (jasonEscapist)

  • And for now it does not play well with Exchange servers. They promise that it will be coming in the form of a firmware upgrade. You can get it to work using LDAP, but it’s just not the same.

  • And for now it does not play well with Exchange servers. They promise that it will be coming in the form of a firmware upgrade. You can get it to work using LDAP, but it’s just not the same.