We used to see someone boast of spying on any cell phone, saying that their mobile spy software could listen to others calls and read their messages, well you know that’s not true.
But this time, you should be aware, someone could listen in. Some days ago, German security expert Karsten Nohl showed in Chaos Computer Club Congress that you could eavesdrop on GSM mobile devices with a few cheap Motorola handsets. He showed the whole process, how first to lock a mobile device, then acquire its ID, and next to intercept the encrypted calls and message transferred between the cell phone and base station, and finally the decryption using their code book developed by their community in a year.
Karsten Nohl used a few cheap Motorola devices which cost about 10EUR to attack the GSM network. He said they used Motorola handset because their firmware manual was available on the Internet, and they could use some open source programs on them.
The GSM network use the 64-bit key A5/1 encryption in the developed country which could no longer withstand the computing power today, what’s worse, in some developing countries, the data is not encrypted at all. Mobile operators like AT&T and T-Mobile did not wish to adopt the A5/3 128-bit encryption key in the past due to the high cost, but now this could change.
Karsten Nohl also released the exploit on the net as a torrent which comes to 2TB, so anyone have internet connection could download it. The GSM encryption algorithm code book then could be used to do the decryption.
However luckily, in order to record a call, some advanced radio equipment is needed which could cost up to 1500 US Dollars and the eavesdropper to be in the vicinity of the victim.
[Ref]CNet’s interview with Karsten Nohl.