Ah, I knew we’d mentioned this Karsten Nohl guy before. Founder of Berlin’s Security Research Labs, he previously warned that billions of GSM-rockin’ phones were at risk from premium rate hijacking and the like. Run for your lives!
On a similar note, he reckons a security flaw in SIM cards could affect as many as 750 million phones, leaving users open to various mobile-related atrocities including eavesdropping on calls. Sonofa...
Nohl and team tested around 1,000 European and North American SIM cards over a two-year period, and discovered that around a quarter are susceptible to remote installation of a virus via SMS.
Sounding uncannily like a supervillain, Nohl warns: “We can remotely install software on a handset that operates completely independently from your phone. We can spy on you. We know your encryption keys for calls. We can read your S.M.S.’s.
"More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account.”
Through a process of “reasonable disclosure”, Nohl passed his findings to the GSM Association, which in turn has been in touch with relevant parties.
Speaking on behalf of the GSM Assocation, self-proclaimed “PR Diva” Claire Cranton reassures: “We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted,” adding that only a minority of users “could be vulnerable.”
For tons more detail, hit up the source article at The New York Times.