How eavesdroppable is GSM?
August 1, 2007 1:24 PM   Subscribe

Practically, what are the chances of my communications being sniffed over GSM?

iPhone owner. Let's say I only have access to an open network, need to log into a a site that doesn't offer SSL, and don't want to broadcast my password in the clear. Will switching to the GSM network offer me any reasonable security? All the links I've found on GSM eavesdropping are not for lay-people or for the tin-foil hat crowd.

Is this something someone could do with little equipment and/or skill? (like breaking WEP) or a lot more sophisticated?

(No, I'm not setting up a VPN. Long story, not happening.)
posted by Ookseer to Computers & Internet (4 answers total)
Will switching to the GSM network offer me any reasonable security?

GSM is a voice protocol. You are using GPRS or EDGE with an iphone. Both those standards support encryption, but I think its up to the carrier to decide what kind. GPRPS uses something called GEA, but if I remember correctly tmobile uses DES for encryption for theirs.

I'm not a security engineer or analyst but the air interface is probably the last place you need to worry about data interception. Eventually your data gets to att's internet gateway and then becomes regular old IP traffic. I would imagine this is the most vulnerable point. So your risks are probably the same as using a regular home PC. Hell, its riskier if you are using WEP to secure wifi wireless.
posted by damn dirty ape at 1:49 PM on August 1, 2007

GSM seems to use a form of encryption similar to SSL according to this page.
posted by blue_beetle at 2:45 PM on August 1, 2007

I think you'd be much safer using GSM than using the WiFi. I've never heard of a GSM sniffer before, where WiFi sniffers are routine and widespread. I personally make sure to disable my WiFi when I'm out and about just in case.

Most websites, even when using SSL, will use encrypted passwords, so it's not automatically death if you do log in over a non-SSL connection. I would, however, avoid doing so whenever possible, because the password-passing method is hard to determine without running a network sniffer yourself ahead of time.

Security through obscurity isn't great, but it's better than nothing. With AT&T moving to their 3G network, I think the hackers will probably focus more strongly there than on the old and boring 2G/iPhone stuff. :)
posted by Malor at 3:17 PM on August 1, 2007

The air interface of a modern (post-AMPS) cellular connection is the last place you'd want to attack it. Someone interested in sniffing your traffic would have better luck monitoring the T1 circuit(s) that connect the BTS (tower equipment) to the BSC (switch) back at the MTSO (central office). Or, in case that's encrypted too (I don't know my UMTS/EDGE), just sniff the data circuit between the MTSO and the backbone provider.

Listening to your traffic "on the air" is more trouble than it's worth, in most cellular standards. (AMPS being the notable exception.)
posted by Myself at 1:30 PM on August 2, 2007

« Older Give my Mighty Mouse a mighty douse of mousepad...   |   How secure is https: Newer »
This thread is closed to new comments.