By Albert Robinson, Reuters — “An Israeli scientist said on Wednesday his team had found a way to break into mobile phone calls made on the popular GSM network, allowing eavesdroppers to listen in on calls and even take on a caller’s identity.
The GSM Association, representing vendors who sell the world’s largest mobile system, which is used by more than 860 million consumers in 197 countries, confirmed the security hole but said it would be expensive and complicated to exploit.
Professor Eli Biham of the Technion Institute in Haifa said he was shocked when doctoral student Elad Barkan told him he had found a fundamental error in the GSM (Global System for Mobile communications) code.
“I told him (Barkan) that it was impossible,” Biham told Reuters. “I said such a basic mistake would already have been noticed by someone else. But he was right, the mistake was there.”
“We can listen in to a call while it is still at the ringing stage and within a fraction of a second know everything about the user,” Biham said. “Then we can listen in to the call.
“Using a special device it’s possible to steal calls and impersonate callers in the middle of a call as it’s happening,” he said. GSM code writers made a mistake in giving high priority to call quality, correcting for noise and interference, and only then encrypting, Biham said.””