Mobilni telefon

Programerski tim „MD“, pustio je u promet, novu verziju softvera  koji u realnom vremenu, u full dupleksu, kriptuje razgovor.

Razgovori su obavljani sa telefona, sa operativnim sistemom „Windows Mobile“, testni telefon marke „Samsung“, model „I8000 Omnia 2″ i telefona sa operativnim sistemom „Symbian“, testni telefon marke „Sony Ericsson“, model „Vivaz“ . Razgovori su u realnom vremenu, sa veoma malim kašnjenjem. Ključ za kriptovanje govora se menja svakih 7 sekundi i ključ je trenutno „jačine“, kao na softveru poznate Izraelske firme „Gold Lock“

- CPU ARM Cortex A8 720 MHz, PowerVR SGX graphics

- Symbian Series 60, 5th edition
- HSUPA, 2 Mbps
- Push Email
- Instant Messaging
- GPS with A-GPS support
- Wisepilot navigation

Servis mobilnih telefona „Eprom“, Zemun, Bezaniska 18, Ičkova kuća,

Phone Service Eprom Zemun Serbia TEAM

Kontakt telefon 060-72-000-20 Andrija i Marko.

Za sve Nokije, svi originalni delovi.

ProMobi servisni centar d.o.o.
ADRESA: Požeška 80, Čukarica
MESTO: 11000 Beograd
TELEFON: (011) 3555-047
E-MAIL: servis@promobi.rs

Prošao testiranja i nije uhakovan.

Prošao testiranja u mreža Hrvatske, Slovenije, Austrije, Italije, Belgije, Holandije, Srbije, Crne Gore, Grčke.

Karsten Nohl, a PhD from the University of Virginia, looking dreamy above, has broken A5/1, an algorithm to encrypt G.S.M. cellphone conversation. The hack follows a few steps including the use of a distributed key-gathering sytem to capture and decoding of a number of G.S.M. 64-bit encryption keys, the kind of keys that most cellular operators still use.

The hack could be negated by upgrading to the 128-bit A5/3 algorithm, although when cellular providers are cite copyright and the illegality of cellphone intercepts as reasons to ignore Nohl’s work, as they do in this NY Times piece, you have to wonder if they’re not actually scared pantsless.

Reinaert Electronics is proud to present the Enigma GSM crypto mobile phone which boasts the very latest GSM and encryption technology offering its users the most powerful tool to ensure end to end privacy and confidentiality over public GSM and landline networks.

The Enigma works like any normal dual band 900 & 1800MHz GSM phone and has the

following additional features when encrypted, thus giving you absolute privacy:

Fully integrated HW module based on Intel StrongArm Processor;

DVSI advanced speech Vocoder for superior speech quality;

Encryption Smart Card, certified to ITSEC Evaliation level E4, serving as 2nd SIM;

User Authentication by asymmetric RSA 1024bits, X509 v3 certificates (in 2nd SIM);

Encrytion module ITSEC Evaluation Level 3;

Local management following authentication (Blacklist, Whitelist, CUG groups);

Encryption: Symmetrically, IDEA 128 bit and AES 256 bit;

New unique IDEA session key generated for each call;

Local management via RS232 port and supplied PC software;

Short authentication time;

Encrypted speech quality comparable with standard unencrypted GSM calls;

Negligible speech delay during crypto call;

Encrypted operation as simple as making standard unencrypted GSM calls;

Compatible with Telesec’s Linecrypt for making secure calls to ISDN landlines;

It is virtually impossible for anyone, private or government, to intercept and listen in;

More than 2 hours talk time when encrypted, 240 hours standby time.

Enigma is offered with 1 full year warranty, costs € 2.670,- + VAT and delivery includes NetKey card, Personal handsfree set, Charger and User Guide.

Of course encrypted calls can only be made to anyone else who has either an Enigma or a Linecrypt (for landline networks).

Because of it’s „dual use military technology“ export of Enigma and/or Linecrypt might require an Export License, depending on the final destination.

If you are using a GSM phone (AT&T or T-Mobile in the U.S.), you likely have a few more months before it will be easy for practically anyone to spy on your communications.

Security researcher Karsten Nohl is launching an open-source, distributed computing project designed to crack the encryption used on GSM phones and compile it into a code book that can be used to decode conversations and any data that gets sent to and from the phone.

Karsten Nohl talks about his distributed computing, open-source AE/1 cracking project at the Hacking at Random conference.

(Credit: Hacking at Random)

He hopes that by doing this it will spur cellular providers into improving the security of their services and fix a weakness that has been around for 15 years and affects about 3 billion mobile users.

„We’re not creating a vulnerability but publicizing a flaw that’s already being exploited very widely,“ he said in a phone interview Monday.

„Clearly we are making the attack more practical and much cheaper, and of course there’s a moral question of whether we should do that,“ he said. „But more importantly, we are informing (people) about a longstanding vulnerability and hopefully preventing more systems from adopting this.“

This weakness in the encryption used on the phones, A5/1, has been known about for years. There are at least four commercial tools that allow for decrypting GSM communications that range in price from $100,000 to $250,000 depending on how fast you want the software to work, said Nohl, who previously has publicized weaknesses with wireless smart card chips used in transit systems.

It will take 80 high-performance computers about three months to do a brute force attack on A5/1 and create a large look-up table that will serve as the code book, said Nohl, who announced the project at the Hacking at Random conference in the Netherlands 10 days ago.

Using the code book, anyone could get the encryption key for any GSM call, SMS message, or other communication encrypted with A5/1 and listen to the call or read the data in the clear. If 160 people donate their computing resources to the project, it should only take one and a half months to complete, he said.

Participants download the software and three months later they share the files created with others, via BitTorrent, for instance, Nohl said. „We have no connection to them,“ he added.

Once the look-up table is created it would be available for anyone to use.

Distributed computing, which has long been used for research and academic purposes, like SETI@home, and which companies have built businesses around, not only solves the technical hurdle to cracking the A5/1 code, but it could solve the legal ones too.

A few years ago a similar GSM cracking project was embarked upon but was halted before it was completed after researchers were intimidated, possibly by a cellular provider, Nohl said. By distributing the effort among participants and not having it centralized, the new effort will be less vulnerable to outside interference, he said.

Nohl wasn’t certain of the legal ramifications of the project but said it’s likely that using such a look-up table is illegal but possession is legal because of the companies that openly advertise their tables for sale.

A T-Mobile spokeswoman said the company had no comment on the matter.

AT&T spokesman Mark Siegel said, „We take extraordinary care to protect the privacy of our customers and use a variety of tools, many technical and some human approaches. I can’t go into the details for security reasons.“ He declined to elaborate or comment further.

Taking precautions
Carriers should upgrade the encryption or move voice services to 3G, which has much stronger encryption, Nohl said.

In the meantime, people can use separate encryption products on the phone, like Cellcrypt, or handsets with their own encryption, Nohl said. Amnesty International and Greenpeace are using phones with stronger encryption, for example, but it only works if both parties to a conversation are using the same technology, he said.

For data encryption there is Pretty Good Privacy (PGP) for e-mail and virtual private network (VPN) software for connecting to a corporate network, he said.

The encryption problem is particularly serious for people doing online banking, where banks are using text messages as authentication tokens. Banks should instead offer RSA SecurID tokens or send one-time pass phrases through regular mail, Nohl said.

„I think, potentially, this could have as much impact as the breaking of WEP (Wired Equivalent Privacy) had a few years ago,“ said Stan Schatt, security practice director at ABI Research. „That shook up the industry quite a bit.“

As a result of breaking that encryption, enterprises were reluctant to rely on wireless LANs so the Wi-Fi Alliance pushed through an interim standard that strengthened the encryption scheme, he said.

„Vendors will jump in with interim solutions, like Cellcrypt,“ Schatt said. „Mobile operators themselves will have to jump in and offer additional levels of encryption as part of a managed service offering for people who want a higher level of encryption.“

However, consumers aren’t likely to want to pay extra for the boosted encryption strength, he said.

To snoop on someone’s phone, a would-be spy would need to be within eyesight of the target, Schatt said. Or, spies could point a recording device in the direction of a building and grab whatever conversations were nearby, he said.

„If you stand outside a building of a competitor you could get conversations between product managers and about sensitive corporation information, like acquisitions,“ he said. „Corporations put even more sensitive information over their phones, in general, than they do over their e-mail.“