Harald Welte's blog

GSM wardriving has started

As you can see in this picture referenced by this blog post, somebody is having real fun using the BS-11 and OpenBSC for GSM wardriving.

Please note that the BS-11 is a 200W AC powered device, so you need the entire trunk full of lead batteries and a reasonably sized UPS to provide it with power.

There are much lighter setups using a laptop and a nanoBTS, but then those setups are likely a factor 10 more expensive (and provide less RF power).

But what this all tells us: GSM wardriving has started. More security researchers are looking into GSM security than a year ago, much due to the successful growth of a community around OpenBSC. Many people are only starting with GSM and mainly using/playing with the software, the number of actual contributers to the code is still small...

On a larger scale, you can see that GSM insecurity is finally going to become a much more popular topic, with more people able to demo the various long-known issues such as lack of mutual authentication and insufficient threat models/analysis during protocol design.

Harald Welte's blog

	RSS Categories Root (915) ccc (25) dect (1) electronics (12) gsm (56) knf (4) linux (643) a780 (39) ath-driver (1) conferences (111) cyberjack (4) gnuradio (5) gpl-violations (120) gspc (6) mobile (20) palm webos (1) mrtd (34) netfilter (115) ct sync (6) openmoko (51) opentom (7) samsung (1) via (22) misc (13) personal (105) bollywood (17) taiwan (2) photography (9) politics (24) swpat (3) Archives 2010 (5) February (1) January (4) 2009 (145) December (8) November (9) October (21) September (9) August (8) July (12) June (18) May (9) April (14) March (9) February (11) January (17) 2008 (106) December (17) November (14) October (14) September (11) August (6) July (9) June (3) May (8) April (6) March (6) February (7) January (5) 2007 (53) December (9) November (5) October (3) September (6) August (3) July (3) June (3) April (3) March (6) February (7) January (5) 2006 (154) December (12) November (9) October (8) September (12) August (10) July (13) June (21) May (13) April (23) March (6) February (14) January (13) 2005 (248) December (8) November (25) October (33) September (22) August (17) July (30) June (27) May (21) April (14) March (22) February (13) January (16) 2004 (198) December (8) November (18) October (18) September (15) August (19) July (17) June (11) May (5) April (22) March (13) February (24) January (28) 2003 (5) December (3) November (1) September (1) 2002 (1) February (1) Harald's Web gnumonks.org hmw-consulting.com Projects OpenBSC gnufiish deDECTed.org OpenMoko gpl-violations.org gpl-devices.org OpenEZX OpenBeacon OpenPCD librfid openmrtd opentom.org netfilter/iptables Other Bloggers Rusty Russell David Miller Martin Pool Lawrence Lessig Sirtaj Singh Kang Jeremy Kerr Atul Chitnis Tim Pritlove fukami Michael Lauer Stefan Schmidt Kalyan Varma David Burgess Bradley M. Kuhn Aggregators kernelplanet.org planet.netfilter.org planet.openezx.org planet.openmoko.org planet.foss.in Articles on this blog/journal are licensed under a Creative Commons Attribution-NoDerivs 2.5 License.	Tue, 23 Jun 2009 GSM wardriving has started As you can see in this picture referenced by this blog post, somebody is having real fun using the BS-11 and OpenBSC for GSM wardriving. Please note that the BS-11 is a 200W AC powered device, so you need the entire trunk full of lead batteries and a reasonably sized UPS to provide it with power. There are much lighter setups using a laptop and a nanoBTS, but then those setups are likely a factor 10 more expensive (and provide less RF power). But what this all tells us: GSM wardriving has started. More security researchers are looking into GSM security than a year ago, much due to the successful growth of a community around OpenBSC. Many people are only starting with GSM and mainly using/playing with the software, the number of actual contributers to the code is still small... On a larger scale, you can see that GSM insecurity is finally going to become a much more popular topic, with more people able to demo the various long-known issues such as lack of mutual authentication and insufficient threat models/analysis during protocol design. [ /gsm \| permanent link ]