For once not Android smartphones by a security vulnerability are affected times, but all smartphones, regardless of whether Apple iPhone, BlackBerry or Windows phone 8 – the SIM card hack is potentially with all smartphones and even phones without open operating system possible. The treacherous the SIM card security vulnerability: A takeover of mobile phones or Smartphones requires no active involvement of the user and is not externally visible to the user. But: How big the danger posed by the old SIM card with DES encryption is really?
The media hype around the knackbaren SIM cards with the old standard was great. The security expert Karsten Nohl has tested the old SIM cards and encryption mercilessly exposed the weakness of the old 56-bit. Usually an interface used to communicate of the cards with the mobile operators, to play via SMS updates. Usually can be cracked the encryption without further ADO, heise.de but Karsten Nohl has demonstrated that it is possible with a simple trick to crack the signature of the SIM card within minutes.
Older SIM cards send a reply automatically, as soon as the specified signature was wrong. This response can deduce the correct signature, so that the hack can be accelerated significantly, so that the phone can be applied within a few minutes. This concerns the control of calls, sending SMS messages (even to expensive numbers), etc.
The potential for abuse is so enormous and there are no richttigen ways to protect, but: to really exploit hack, a long-obsolete the SIM must be map. In addition the operator filter out SMS with dangerous signatures, because this is not required for normal SMS.
Worldwide cards should be approximately half a billion SIM affected, better encryption standards used in Germany already for a long time, so that the exposure should be here extremely small. Annoying for the user: it is externally not seen, whether your own SIM card has still the old encryption and also by the network providers to get information as a customer is difficult.