On Sat, Jan 2, 2010 at 9:48 PM, Fabio Pietrosanti (naif)
<li...@infosecurity.ch> wrote:
>
> On 02/gen/10, at 21:34, d b wrote:
>
>> So I guess that is the point in all of this.. Don't you think?
>
>
> I totally agree.
>
> That's exactly the point for which, after full releases of latest code
> and instructions, we as the community should support in making the
> attack "easy-to-use" and well documented in the usage.
>
> Integration within linux backtrack hacking distribution is probably
> the best choice along with some interfaces to ease the usage of the
> tool.

I'm not sure if you'd want to go that far. WEP for WiFi-encryption has
not only been replaced because the general public knows that it's
insecure, or because Backtrack was available. It's been replaced
because there was a better alternative available and newer routers use
it by default.

The GSMA will have to come up with a new standard sooner or later;
they have tried it with 3G (KASUMI). The availability of an
easy-to-use version doesn't really help in accelerating the release of
a new standard. We can't get everyone on the planet to get new phones
in a couple of years -- I doubt most operators would even want to buy
new equipment (or upgrade their existing equipment with a new
encryption standard) while 3G isn't even available country-wide in
e.g. the US. We'll be stuck with A5/1 for at least another decade*.

Besides that, you'll still need a USRP or similar device. If people
don't want to go through the effort of figuring out how to get our
existing tools working, they won't buy such a device. Some code for
the USRP(2) and Airprobe will probably be as easy as it gets.

*If GSMA only upgrades the encryption standard on 3G(UMTS) or 4G(LTE)
networks, which is probably the only viable approach, there will be
existing 2G networks for all old phones. And for as long as those
networks exist, most new phones (i.e. with a new encryption standard)
will be backwards compatible. This means that new phones will still be
attackable by forcing those phones on the old 2G network; something
that could easily be done by e.g. jamming UMTS/LTE frequencies. And
while that makes it a semi-active attack, jamming is very easy and
most people wouldn't notice it.
_______________________________________________
A51 mailing list
A51@lists.reflextor.com
http://lists.lists.reflextor.com/cgi-bin/mailman/listinfo/a51
