evilgenius

Hi there, it is getting time for the annual Chaos Communication Congress in Berlin, Germany, Old Europe. This time there are many speeches about mobile device security and GSM networks, check out the “Fahrplan”.
I hope to meet some old friends and find some interesting new people. And by the way: Happy Christmas!

A few month ago a paper was released which described how to break the Crypto1 algorithm of the Mifare Classic cards. Now the implementation has been released. The files with the source code have all in all only 611 LOC. Not so much…

I unplugged my modem last week before I went to Dortmund for some days and plugged it back in last Sunday when I came back. Since then my DSL broadband access is pretty slow. Like 1 Mbit/s downstream, should be around 16 Mbit/s. Therefore I messed a little bit around with my configuration and found out that my DSL Modem – Siemens C2-010-I, is actually Viking II Plus and not a modem but a moden/router/bridge. My provider configured the Viking as a bridge, therefore it looked like a usual DSL modem.

(more…)

The Computer Security Devision of the National Institute of Standards and Technology (NIST) have released their Guide to Bluetooth Security. Just had a short look at it, but I think it worth to read it. Especially the part about the new security features of Bluetooth 2.1 with Secure Simple Pairing (SSP). There are also some other quite interesting publications around.

Schneier about the CSI (Cellular Seizure Investigation) stick.

A little device with the size of a lighter which you plug into a cellular phone and sucks out all it’s user data. Right now, it only supports Samsung and Motorola phones, but I think it should be no problem to support other cellular phone brands like Nokia oder Sony Ericsson.