GSM networks, similar to what are used by Australian mobile phone carriers, can be easily accessed using using four cheap phones and open source software security researchers have claimed.
During a demonstration in Berlin at the Chaos Computer Club Congress, Karsten Nohl and Sylvain Munaut demonstrated how easily calls would be monitored, recorded and eavesdropped.
The pair who have spent a year developing the eavesdropping toolkit told the BBC “Now there’s a path from your telephone number to me finding you and listening to your calls,” Mr Nohl told BBC News. “The whole way.”
He said many of the pieces in the eavesdropping toolkit already existed thanks to work by other security researchers but there was one part the pair had to create themselves.
“The one piece that completed the chain was the ability to record data off the air,” he said.
In a demonstration at the CCC, the pair took attendees through all the steps that led from locating a particular phone to seizing its unique ID, then leap-frogging from that to getting hold of data swapped between a handset and a base station as calls are made and texts sent.
Key to grabbing the data from the air were cheap Motorola phones which can have their onboard software swapped for an open source alternative.
“We used the cheap Motorola telephones because a description of their firmware leaked to the internet,” he said.
This led to the creation of open source alternative firmware that, he said, has its “filters” removed so it could see all the data being broadcast by a base station.
