切墙机厂家
免费服务热线

Free service

hotline

010-00000000
切墙机厂家
热门搜索:
技术资讯
当前位置:首页 > 技术资讯

SIM卡加密法遭破解数亿手机面临安全风险

发布时间:2020-01-14 20:59:37 阅读: 来源:切墙机厂家

新华网7月22日电据Gizmodo报道,近日,一名德国的密码破译者声称自己“黑”掉了一张手机SIM卡。美国最近爆发的“棱镜”窃听事件也许让这样的消息变得没那么新奇,但破解SIM卡的事情过去从来没有过,因此仍然值得引起关注。德国密码破译者的声明让成千上万的手机陷入潜在危险中。

柏林安全研究实验室创始人卡斯滕·诺尔(Karsten Nohl)通过对上千张SIM卡加密方法进行研究,发现了黑客如何破解SIM卡独特的56位数字密钥。诺尔发现的漏洞可能对7亿5千万部手机造成危害,使之暴露在监听之下,并伴随被钓鱼网站钓鱼和身份被盗的风险。

诺尔说,给我任意一个电话号码,在几分钟后我就可以远程遥控这张SIM卡,甚至可以复制一张。

除了攻破数字密钥外,诺尔还发现了“沙盒”(sandboxing)技术的漏洞,该技术能将手机上的敏感数据隔离在SIM上。通过向手机发送二进制短信,他能从手机获得一些列反馈信息,并最终利用这些信息破解手机的加密技术。诺尔发现的每一个漏洞都对特定的SIM卡有效,但如果让有企图的人获得这项技术,俺么现在就会有大量的SIM用户面临危险。

尽管诺尔不会在7月30日于拉斯维加斯召开的黑帽安全技术大会前正式展示他的研究结果,但他已与全球移动通信系统协会(GSMA)分享部分成果。发言人克莱尔·克兰顿告诉《纽约时报》记者:

我们已经开始考虑这些安全漏洞所带来的影响,并着手向网络运营商已经SIM卡供应商提供技术指导。

看上去他们正在开始着手处理这件事,并且完全信任如AT&T和Verizon这样的网络运营商可以快速及时地解决这些问题。

译者:张免

百度新闻与新华网国际频道合作稿件,转载请注明出处。Millions Of Cell Phones Could Be Vulnerable To This SIM Card Hack

With the NSA leaks going full force it probably won"t sound like news at all that a German cryptographer claims to have hacked a SIM card. But that"s never been done before, so it"s kind of a big deal, and shows that millions of phones are potentially vulnerable.

The founder of Security Research Labs in Berlin, Karsten Nohl, studied the encryption methods in thousands of SIM cards to figure out how a hacker could find the card"s unique 56-digit access key. The vulnerability he discovered could impact as many as 750 million phones and would open them to call surveillance, fraudulent purchases and even a type of identity theft. Nohl told Forbes,

Give me any phone number and there is some chance I will, a few minutes later, be able to remotely control this SIM card and even make a copy of it.

In addition to compromising access keys, Nohl discovered a flaw in the "sandboxing" technique that keeps sensitive data separate on SIM cards. By sending a binary SMS to a number of phones, he can collect data that eventually allow him to break through the encryption on some of the phones. Each vulnerability Nohl identified only applies to certain SIM cards, but in the wrong hands they could endanger a large percentage of the SIM cards in use right now.

Though Nohl isn"t officially presenting his findings until the Black Hat security conference in Las Vegas on July 30, he did share them with the GSM Association. A spokeswoman, Claire Cranton, told the New York Times:

We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted.

Definitely sounds like they"re on it, and totally trust enormous mobile providers like AT&T and Verizon to act quickly and nimbly in resolving this issue.

网上挂号电话

挂号

名医汇