10 Aug 2011

Mobile wireless networks make easy targets

After cracking the encryption code most commonly used to protect web data sent from mobile devices, prominent internet security researcher Karsten Nohl intercepted and read information sent over mobile wireless networks in many European countries. Nohl will present his hack at this week’s Chaos Communication Camp conference in Germany.

Nohl and a research partner used a 7-year-old Motorola cellphone installed with free software applications to intrude on mobile internet networks in Germany, Italy and other countries, The New York Times reports. He was able to decode encrypted information from all the German and Italian mobile networks, and he told The Times that two of the Italian companies, TIM and Wind, do not encrypt data at all.

Speaking to The Register, Nohl said he will release his interception software at the Chaos conference, making mobile carriers that do not encrypt data on their wireless networks immediately vulnerable. He will not publicly release the code break information, but said he will share it with mobile providers to spur better encryption standards.

Cell phone companies often do not encrypt their wireless networks so they can easily block sites like Skype, which allow users to make calls without paying for mobile companies’ voice networks, Nohl told The New York Times.

Mobile phone security has been a hot button issue in Europe since British tabloid News of the World shut down operations as the result of a phone hacking scandal.