Printed from http://www.electronista.com

Wireless carriers counter-hack SIM card Java flaw, updating encryption

updated 11:44 pm EDT, Thu August 1, 2013

Carriers update SIM cards with Java flaw, preventing costly recall

By exploiting the same Java-based flaw that caused the problem in the first place, most major wireless carriers have fixed a critical problem with SIM cards crucial to mobile phones that could have revealed personal data from cellphones to malicious parties. The counter-hack saved the wireless industry millions of dollars that it would have cost to replace all the affected SIM cards.

The vulnerability was discovered by cryptographer Karsten Nohl of the German Security Research Labs. Nohl's research found that two targeted SMS texts could allow a hacker to send premium text messages, re-direct and record calls and potentially undertake payment system fraud of near-field communication (NFC)-equipped devices.

According to Nohl, the bug is the result of incorrectly configured and outdated Java card software, combined with weak encryption keys. There is no way of the user determining if a SIM card has the vulnerable version of the software. Nohl's testing discovered that some shipments could be compromised, while others had newer code, protecting them from intrusion. Around a quarter of the cards Nohl and his team tested were vulnerable, translating to around 500 million devices with susceptible SIM cards worldwide.

Regarding the unique fix, Nohl praised the wireless companies. "They're adopting hacking methods to make it more secure," he said at the Black Hat conference. "Abusing the Java vulnerabilities to update the card is the neatest outcome of this."



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

Prong PWR Case

Ultimately there's one thing we all want from smartphone accessories; we want options. When it comes to keeping our iPhone charged, we ...

iHome iBT74 Color Changing Bluetooth Speaker

There's no reason why your tech can't look good while doing what it was designed to do. That's the reason that sports cars look good a ...

Logitech Gaming Daedalus Prime Mouse

Logitech Gaming continues to expand upon its peripherals line, with each one looking to fit neatly into a breadth of gaming needs. Bui ...

Advertisement

toggle

Most Commented