Today’s news is that Karsten Nohl did it again. This German security researcher is slowly, but constantly rising in my eyes to become one of those few heroic people that I think are changing and shaping our world to make it better. I simply love his work and his results, they are just plainly fenomenal.<\/p>\n
Now he did it again, he cracked yet another aspect of GSM-3G which hasn’t really been looked at. He was able to remotely crack the encryption key of a SIM card and then get root access on it, meaning that he is able to modify the applications running the SIM card and also install new applications for example a malware on it.<\/p>\n
This actually leads to sending SMS in the name of the victim, or actually cloning the whole card (some cards’ Java Sandboxes could be bypassed leading to a full memory access of the SIM card).<\/p>\n
With the rise of new NFC payment systems which use SIM card Java Apps to perform authorization of payments this kind of access and behavior is certainly frightening.<\/p>\n