Slashdot Mirror
Cell Phone Encryption?
Black Diamond asks: "I know I'm not up to speed on cell phone encryption, but I was wondering, are there any cell phones that let you handle the encryption from your end of things? Something along the lines of a phone you hook up to your computer to input specific encryption keys for specific contacts, as well as a private key for yourself. Is such a thing plausible, or should you trust the standard encryption that comes on some cell phones nowadays?"
This isn't exactly what you're asking about, but the closest thing I can think of offhand would be PGPfone--a product abandoned years ago for encrypting voice communications much as PGP encrypts text.
There are both binaries and source code available here: http://www.pgpi.org/products/pgpfone/
Windows and Mac only, and it's a very crude app... It would be nice for someone to develop something more robust and with better features.
Chasing Amy
(We all chase Amy...)
"The more corrupt the state, the more numerous the laws"-Tacitus
Furthermore, though I can't find the reference now, I remember reading that carriers are permitted to offer "unreversible" encryption on their networks (i.e. if they are able to decrypt the communication they have to do it when faced with an appropriate warrant, but if they can't they are still in compliance with CALEA).
Correct, CDMA is spread-spectrum and the encryption is relatively difficult to crack.
.........
.... go look it up :)
Nobody's been able to demonstrate real-time listening capabilities (yet).
But it is a well-known fact that the law enforcement guys have taps at the cellular switches, so they just plug into the call before it goes to hardwire -- they don't even bother trying to listen out of the air, and why should they? It's a lot easier to listen at the switch
Now, as for GSM, its encryption is definitely crackable in realtime... In fact, there have been industrial espionage problems across the English channel because of this
No they don't.
(a) Both GSM and CDMA encryption are flawed and can be broken.
(b) It doesn't matter if the encryption is bad, all GSM phones listen for a single bit from the tower they're communicating with that tells it if it should encrypt or not. It is trivial for anyone with the resources to eavesdrop on a digital phone call to setup their own fake tower to tell your phone to turn encryption off.
(c) so what if mobile phones encrypt, phone lines that they connect to don't.
never trust commercial "encryption" to be anything more than the magic decoder ring from your cerial box wrapped in a DMCA wrapper calling anyone that points out that its made of cheap injection molded plastic an information terrorist.
It is trivial for anybody with the resources to build a faster than light drive, too - for some definitions of "with the resources".
It would depend upon whom this guy wishes to protect his conversations against - J. Random Carbonunit or Special Agent TLA.
If the former, than the encryption used in GSM is enough - few people have the gear to modulate and demodulate a GSM signal with proper time slotting, time of flight correction, etc. Making a GSM signal is HARD - I build gear that does it.
If the latter, then they won't screw around picking the signal off the air - they will throw a CALEA intercept on his phone when it hits the PTSN. Then the only thing that can protect him would be VERY strong encryption seperate from the phone - which as I said in my first posting is difficult due to the nature of digital phones.
Lastly, if he is trying to protect himself from Special Agent TLA, encrypting his signal like this won't help - it will just raise a big red flag saying "Look At Me! I Am Hiding SomeThing!". He would be far better served making an innocuous word code and using that.
www.eFax.com are spammers
As for using your phone as a modem, it can seem workable.
u ipment/H andsets/pdf/yisocf2031.pdf
With today's bleeding edge technology: I was just looking at the sprint wireless site, and found this pdf on one of the laptop modem cards.
http://www1.sprintpcs.com/media/Assets/Eq
It claims to have a total baud of 230.4 bps
recieve at 153.6 and sent at 76.8
Although this is the maximum baud, and the speed is changeable.
(so theortically you get, but in reality...)
These plans start at $100/mo with 300 MB data, or $120 with unlimited data.
From my personal expierence: Simply, data was too expensive for me- 7 dollars a month charge, 7 cents a minute- and I suffered for two weeks without internet while waiting for the DSL modem to ship. However, I did look into it before.
I currenetly use Cingular (Pac Bell) Wireless.
The phone manufacturer claims they are able to acheive 56k speeds, but Cingular claims 9.6kps due to network conditions (and time slots avialable).
I'm, pretty sure Sprint (or any other carrier) would limit your max speeds- just like dsl/cable modem providers do. So although the claim is 230k/s, your not really gonna get that kind of thruput.
So, unless your super paainoid (mafia) and have cash to burn (mafia), go for it!
I'm going to stick to my $35/mo basic calling plan.
73s
KG6....
(feeling parinoid)
Is it true that more people vote for the winner of American Idol, than vote for the president? -Ali G.
I just do a Darth Vader imitation and speak in Pig Latin. Since I started doing this I haven't been hassled by The Man once!
But not in the form you say. There exist chips which will do a Diffie-Hellman exchange to set up a secret key, and then do AES encryption on the whole conversation. Comes as a Sony-Ericsson accessory.
Of course, lack of standard make these chips non-interoperable (not encryption/decryption but key management). Once it becomes popular standards need to emerge.
I know that Motorola just released an addon to a off-the-slef phone that adds comsec.
s /g eneral_dynamics_sectera_secure.htm
From what I understand, phones with this devices are aproved by NSA for secret transmittions.
Doing a google seach I came up with this:
http://www.cellular.co.za/phones/generaldynamic
hmm... for fun I enjoy launching DDoS attacks against 127.87.42.5