All GSM Phones Open To Attack, Tracking

Trailrunner7 writes "A pair of security researchers has discovered a number of new attack vectors that give them the ability not only to locate any GSM mobile handset anywhere in the world, but also to find the name of the subscriber associated with virtually any cellular phone number, raising serious privacy and security concerns for customers of all of the major mobile providers. The research builds upon earlier work on geolocation of GSM handsets and exposes a number of fundamental weaknesses in the architecture of mobile providers' networks. However, these are not software or hardware vulnerabilities that can be patched or mitigated with workarounds. Rather, they are features and functionality built into the networks and back-end systems that Bailey and DePetrillo have found ways to abuse in order to discover information that most cell users assume is private and known only to the cell provider."

Re:Sounds like a lot of BS

[kju]

So what? The claims are still untrue for at least most GSM networks in the world. This is not FUD but a fact.

The HLR can not be used to lookup the name of a subscriber. Also while the HLR can be queried by operators around the world (as this is needed for roaming), they query it by using the IMSI of the SIM-Card. Wikipedia claims that the MSISDN is another lookup key, but there is no need to make a lookup by MSISDN possible to other operators. When they handle a roaming customer, all they have is their IMSI and they use this to contact the HLR of the operator in charge.

So STFU.

Re:Sounds like a lot of BS

[kju]

Why i have such a big problem with this? Because the article makes the reader believe that this is a problem for any GSM user around the world, while it is apparently restricted to countries/networks where such a accessible database exists. The title of the slashdot article also claims "All GSM Phone" which is untrue given this additional information.