Hackers and Spies Take Notice: Only 30 Days Left To Claim Your $250,000 Gold Reward
Gold Lock, a provider of secure mobile communications devices and computer-based encryption products, remains doubtful that anyone is going to snatch the $250,000 pot of gold.
Tel Aviv, Israel , 31 December 2009 – Gold Lock (www.gold-lock.com), a leading provider of military-grade secure mobile communications devices and data encryption tools, wants the world’s spies, hackers and professional communications eavesdroppers to know that they have only 30 days left to download and decrypt the recorded voice call waiting for them on the Gold Lock website.
Back in October of 2009, Gold Lock CEO Noam Copel announced the company’s intention to award $100,000 in gold to anyone that could provide a transcript of a cellular call that was encrypted using one of the company’s products and posted on its web site. In November, the company upped the reward to $250,000 in pure gold. And although thousands of would-be hackers responded, including members of various intelligence communities, the gold remains unawarded.
And that doesn’t surprise Mr. Copel, who firmly believes the gold will remain in his possession when the deadline for the contest expires in 30 days.
“We have been providing comprehensive end-to-end IT and cellular encryption solutions to government, public, and private sectors since 2003. In all that time we have never had a communications security failure, and no one that uses any of our products has had any sensitive personal or business information harvested and used against them,” said Mr. Copel.
Gold Lock’s data and voice encryption products utilize state-of-the-art encryption technology so powerful it has been licensed by the Israeli Ministry of Defense. For example, when protecting voice calls, Gold Lock automatically changes the keys multiple times for each call, a feature that makes it virtually impossible to zoom in on a specific set of keys and decrypt it. The company is quick to point out, however, that the complex technology that makes these products undefeatable is transparent to the user. Making a secure voice call is as simple as making a regular call. The software installed in the phone does all the work.
Since anyone with a few hundred dollars to spare can buy or build the technology needed to intercept voice calls or data transmissions, encryption products like those that Gold Lock provides are no longer a luxury reserved for world leaders and top espionage agents. Anyone that wants protection from the threat of extortion, kidnapping, industrial spying, or unwarranted intrusion by government agencies is well-suited to become a Gold Lock customer.
To learn more about the contest and download the pre-recorded 10-minute file, visithttps://www.gold-lock.com/app/en/HackerChallenge. To learn more about the military-grade encryption solutions offered by Gold Lock, visit http://www.gold-lock.com.
Exigen se considere a Ollanta Humala como agraviado en caso ´chuponeo´
El vocero político del Partido Nacionalista, Carlos Tapia, demandó se esclarezca e investigue la denuncia sobre que el APRA pagó a la investigada empresa Business Track (BTR) para ‘chuponear’ al líder de su agrupación, Ollanta Humala en plena campaña electoral del 2006.
“Se está ocultando, se está engañando en democracia. Exigimos que a Ollanta y al Partido Nacionalista se les considere como parte civil (agraviados) para esclarecer si hubo interceptación telefónica”, sentenció en los estudios de RPP.
…
Gold Lock, Empresa Líder en Cifrado de Comunicaciones, Reunió en Miami a sus Representantes de México, Colombia y Venezuela
Gold Lock reunió a sus representantes de Mexico , Colombia y Venezuela en la ciudad de Miami el pasado viernes 27 de Noviembre de 2009. Allí se realizó una capacitación detallada de las últimas novedades sobre los productos de cifrado de voz y datos de Gold Lock, y se definieron estrategias comerciales para el año 2010.
(PRWEB) December 29, 2009 — Gold Lock, la empresa lider en productos de cifrado de comunicaciones de voz y datos, reunió en el Hotel Sofitel de Miami a los representantes de sus oficinas locales de México, Colombia y Venezuela, el pasado 27 de diciembre de 2009.
El evento tuvo como objetivo realizar una capacitación detallada sobre las últimas novedades de los productos de Gold Lock, que incluyen compatibilidad con BlackBerry y iPhone, además de las versiones tradicionales para Nokia, Windows Mobile y PCs.
Se contó con la participación a distancia desde Israel de Noam Copel, CEO y fundador de Gold Line Group, quien vía video-conferencia presentó a los asistentes los planes de desarrollo de la compañía para el año 2010.
En la capacitación se focalizó en la importancia en poder transmitir, tanto a gobierno y fuerzas militares, como a la comunidad en general, lo fundamental que resulta la protección de las comunicaciones de voz y de texto, debido a los innumerables casos de escuchas ilegales producidas en los ultimos tiempos.
También se focalizó en detallar los aspectos por los cuales Gold Lock es el líder indiscutido en productos de cifrado, la única empresa testeada y certificada por terceros, que además mantiene un desafio público y abierto a hackers y está licenciada por una entidad gubernamental (Ministerio de Defensa de Israel).
Los represantes de Gold Lock en Mexico, Colombia y Venezuela aprovecharon la oportunidad para comentar sus planes comerciales para 2010, incluyendo el armado de redes de distribuidores dentro de cada país, para maximizar su área de cobertura y proveer mejor y más cercano soporte a los usuarios finales.
Gold Lock continuará en el año 2010 su expansión en América Latina, abriendo nuevas oficinas y consolidando su red de distribuidores locales.
German engineer breaks 21-year-old GSM code
A German computer engineer said that in his attempt to expose weaknesses in the security of global wireless systems, he had successfully deciphered and published the GSM code used to encrypt most of the world’s digital mobile phone calls.
Encryption expert, Karsten Nohl cracked the 21-year-old GSM algorithm, a code developed in 1988 and still used today to protect the privacy of 80 percent of mobile calls worldwide. The GSM algorithm, technically known as the A5/1 privacy algorithm, is a binary code – which is made exclusively of 0’s and 1’s.
“This shows that existing G.S.M. security is inadequate,” Nohl, 28, told about 600 people attending the Chaos Communication Congress, a four-day conference of computer hackers that runs through Wednesday in Berlin.
…
Hackers Show It’s Easy to Snoop on a GSM Call
Computer security researchers say that the GSM phones used by the majority of the world’s mobile-phone users can be listened in on with just a few thousand dollars worth of hardware and some free open-source tools.
In a presentation given Sunday at the Chaos Communication Conference in Berlin, researcher Karsten Nohl said that he had compiled 2 terabytes worth of data — cracking tables that can be used as a kind of reverse phone-book to determine the encryption key used to secure a GSM (Global System for Mobile communications) telephone conversation or text message.
While Nohl stopped short of releasing a GSM-cracking device — that would be illegal in many countries, including the U.S. — he said he divulged information that has been common knowledge in academic circles and made it “practically useable.”
Intercepting mobile phone calls is illegal in many countries, including the U.S., but GSM-cracking tools are already available to law enforcement. Knoll believes that criminals are probably using them too. “We have just basically copied what you can already buy in a commercial product,” he said.
…
Snooping on GSM phones is a doddle
EAVESDROPPING on GSM phones could become more widespread after a hacker broke the encryption algorithm and published the lot.
According to PC World, in a presentation at the Chaos Communication Conference in Berlin, researcher Karsten Nohl said that he had compiled two terabytes worth of cracking tables to work out which encryption key was used to secure a GSM telephone conversation or text message.
It won’t be long before someone works out a GSM cracking device, he claimed, although of course that would be regarded as illegal by the GSM phone networks.
GSM is vulnerable because of the weak nature of its 20 year old encryption algorithm. It’s a 64-bit cipher called A5/1.
Nohl said that by using his tables, plus antennas, specialized software and $30,000 worth of computing hardware to break the cipher, someone can crack the GSM encryption in real time and listen in on calls.
Nohl, who uses a Blackberry GSM phone himself but has taken to using encrypted landlines for private conversations, says that the point of the research is to make it clear that GSM calls are not secure.
The GSM Association has developed a next-generation standard called A5/3 that is considered much more secure. That’s the standard that is used on 3G networks to carry Internet traffic.
German hacker cracks cell phone encryption
A German engineer has broken the 64-bit encryption still used by a large number of GSM cellular networks around the globe and released his findings online in hopes of spurring tighter security. What does this really mean for most wireless phone users?
Karsten Nohl presented his work at the Chaos Communication Congress in Berlin, a 4-day conference for computer hackers. He also released his findings via BitTorrent, where they can be downloaded by anyone.
The GSM standard was originally created in 1988 using 64-bit encryption called the A5/1 privacy algorithm, though a stronger 128-bit algorithm is currently available. Nohl says that his work is intended to push carriers who haven’t upgraded into tightening their security.
Consumers increasingly rely on their mobile phones as a primary means of communication and insecure mobile networks could become a huge threat for transactions like mobile banking and commerce. Without the proper security measures, consumer information could be vulnerable to well-funded cyber criminals.
Claire Cranton of the GSM Association said, “this is theoretically possible but practically unlikely.” She continued that, “what he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me.”
Cracking into a mobile operator’s network would require specialized equipment to intercept the signal and to analyze the transmissions that aren’t available to the general public. Nohl counters that open source software is available to do the signal processing if the hackers get their hands on the right equipment.
Overall this isn’t an immediate threat to anyone’s mobile privacy, though it could become one if carriers don’t upgrade their security. Cell phone users on GSM networks account for over 80 percent of the world’s 4.3 billion wireless subscribers.
In the U.S., both AT&T and T-Mobile use the GSM standard, while Verizon and Sprint use a different protocol. That accounts for about 299 million cell phone users in the United States alone.
Cellular systems could be fully hacked within 6 months
Sometimes its ridiculous how the most common (and important) technology in our daily-life is vulnerable to kinds of attacks that could bring nightmares. Still, no one is aware, no one is doing anything. Such is the Case of Today’s GSM — The most popular Cellphone Technology.
Every year, some hacker comes out and breaks something crucial to us, which makes us and authorities learn it the HARD WAY, “We are not safe”.
The best work is done by BlackHat and DEFCON, which are open forums for Hackers, especially DEFCON, which has open hacking challenges.
If you ever went to the DEFCONs, you know what I’m talking about. These guys can take down a military of servers down in couple of hours. They can hack anything from a conventional “lock” to GSM phones.
This year was no exception. Karsten Nohl, a PhD candidate from the University of Virginia gave quite a talk. He wants to generate a rainbow table that will decipher GSM (AT&T and Tmobile) phone calls. A rainbow table is basically a look-up table that could speed up password cracking for almost anything by factor of 10x or even more.
To generate the table, we choose a random set of initial passwords from P, compute chains of some fixed length k for each one, and store only the first and last password in each chain. The first password is called the starting point and the last one is called the endpoint. In the example chain above, “aaaaaa” would be the starting point and “kiebgt” would be the endpoint, and none of the other passwords (or the hash values) would be stored.
These hashes are then used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function.
Whether To DO or NOT to?
Nohl might have declared this publicly, but it has raised a concern among the authorities. Should such attacks be publicized?
If this is allowed, the cellular systems will be fully hacked within 6 months. Analysts appear to be concerned. They are saying methodology required to crack GSM encryption has been available for 15 years.
Stan Schatt, Vice President and Practice Director, Healthcare and Security at ABI Research pointed out:
“Potentially this news could have as profound an impact on the cell phone industry as the breaking of WEP encryption had on the wireless LAN industry.”
The Dark Secret of GSM
The cryptographic protection is but a small part of the 130 volumes and over 6,000 pages which make up the GSM standard. Unfortunately, the cryptography was designed in secret and is still kept secret, provided to individuals at smartcard and cellphone manufacturers on a “need-to-know”‘ basis.
“As shown so many times in the past, a design process conducted in secret and without public review will invariably lead to an insecure system,” says Marc Briceno, Director of the SDA. “Here we have yet another example of how security by obscurity is no security at all.”
The origin of the breach was when the SDA (smartcard developer association), while designing a smartcard, discovered the cryptographic algorithms used inside the SIM’s and cellphones. The SDA first verified that the algorithms were accurate. The exact details of the algorithms were not known to the public but the verified algorithms matched the facts that were publicly known. Next the SDA brought in David Wagner and Ian Goldberg, researchers in the Internet Security, Applications, Authentication and Cryptography (ISAAC) group at the University of California, Berkeley. Within a day, Wagner and Goldberg had found a fatal cryptographic flaw in COMP128, the algorithm used to protect the identity inside the SIM. They created a system to exploit the flaw by repeatedly asking the SIM to identify itself; by processing the responses they were able to extract the secret from inside the SIM.
“There’s no way that we would have been able to break the cryptography so quickly if the design had been subjected to public scrutiny”, says David Wagner. “Nobody is that much better than the rest of the cryptography research community.” David Wagner was previously known for his work on the breach of CMEA, a cipher used in digital cellphones. As in this case, the cryptographers who did the work on CMEA blamed the design process for the insecurity of the system.
The BIG Impact
Today, there are billions of people using GSM phone technology. So, cracking GSM encryption has BIG concerns underneath.
What’s at stake if GSM-encrypted traffic is no longer secure?
Loss of Privacy over Voice Calls – Any damn GSM call can be intercepted. This means everything.
Jamming calls – Today, Jammer’s do exist but new kind of jamming technology can be introduced that can take down communications in larger areas.
Financial institutions that use text messages as authentication tokens would be in trouble.
Business – Almost all Business end-customers will be impacted, the potential loss to the business could touch billions.
PDA and Smart-phone IP Traffic – Users that surf web, use internet over their phones for Business EMail will no longer be secure.
Why Nohl wants this move?
As a cryptography expert, Nohl understands this. He explained-
“We’re not creating a vulnerability but publicizing a flaw that’s already being exploited widely. Clearly we are making the attack more practical and much cheaper, and of course there’s a moral question of whether we should do that.”
It’s not just that he’s the first one to do it. GSM had been hackable since decades. There are devices, today, capable of cracking GSM encryption, though expensive. Nohl plans on offering the solution for free and that’s what could bring trouble.
Now the questions goto the GSM consortium, Telcos –
If GSM encryption is vulnerable, why haven’t the telcos/GSM done anything about it?
Why does people like Nohl have to come and show trigger to GSM authorities to get it fixed? Why can’t they fix it, when they know about it!
http://www.taranfx.com/the-unsecure-gsm-encryption-you-are-vulnerable-to-hack-the-dark-secret
Palacios seguirá preso y le amplían la acusación en la causa del espía
…
Es que las escuchas telefónicas de este escándalo de espionaje se lograron a través de órdenes firmadas por dos jueces provinciales misioneros. El circuito era así: James le pasaba los datos a Guarda, éste a sus superiores y luego se incorporaban a causas penales.
Así, por ejemplo, Sergio Burstein, un familiar de una de las víctimas del atentado contra la AMIA que se oponía a la designación de Palacios al frente de la Metropolitana, fue investigado en el marco de una causa por homicio y contrabando. James había pasado su teléfono como el de un sospechoso de esa causa.
Ayer, los camaristas confirmaron los procesamientos por las escuchas al teléfono de Burstein. Pero luego los acusados fueron procesados por Oyarbide por otros casos en los que figuran como víctimas de espionaje abogados, comerciantes y empresarios. Hasta un cuñado de Macri fue escuchado a través de este sistema. Se llama Néstor Daniel Leonardo y hace un mes sufrió un sospechoso ataque.
…
Tom Cruise es acusado de ‘chuponeo’
¿Tom Cruise involucrado en ‘chuponeo’? El actor estadounidense, que aún no se pronuncia sobre esta acusación, es acusado de espionaje por intervenir las llamadas de Michael Davis Sapir, el editor de una revista estadounidense.
El protagonista de Misión Imposible contrató al detective privado Anthony Pellicano para ‘chuponear’ la línea telefónica del periodista, que hoy exige el pago de US$5 millones como reparación por el daño causado, informó el portal Examiner.
Pero las diferencias entre Cruise y Sapir no son nuevas. En 2001, el actordemandó al periodista por US$100 millones luego que este dijera tener un video que demostraba la homosexualidad de la estrella de Hollywood. El caso no llegó a mayores tras el acuerdo de ambas partes.
Sin embargo, ahora Sapir sostiene que el investigador privado hizo grabaciones ilegales a su número de teléfono durante el tiempo en que duraron los juicios de 2001. “Estas acusaciones son basura, nosotros nunca contratamos a Pellicano para que trabajara en el caso Sapir”, dijo Bert Fields, abogado del actor.
About Sigillu
Sigillu offers the safest and most efficient solution to keep your sensitive cellular conversations and text messages secure from eavesdropping.
Technorati
Twitter: follow me
Subscribe to Sigillu Feeds
Recent Comments
Sigillu 