If you are using your mobile phone frequently, especially for private and confidential conversations, or if because of your work you always have the handset on to carry out negotiations or exchange information, a small piece of news which appeared on newspapers worldwide should legitimately sound as a warning to you.
In fact, just a few weeks ago, a young hacker from Germany has declared that he has cracked the encryption key that is used to transmit voice and data over the GSM network. This standard key is adopted by all GSM network operators worldwide, and is based on a 64-bit algorithm which, no matter how safe it is, is still much less complicated to decipher than one might think, especially when compared to the highly advanced 128 or 256-bit keys in use on more recent systems, not only in telephone communications field.
Of course, the kind of job necessary to force the codes such as the one in use on GSM networks, called A5/1, is not so easy as to be done by anyone, and the devices used for this kind of operations are generally very expensive, which so far made this technology accessible only to government agencies and law enforcement.
Anyway, during a worldwide hackers’ symposium, one of them revealed that currently it is actually possible to sneak into the GSM network, by using simple equipment which costs not more than 3000 dollars. Once this device is started, all you need is 30 minutes of work and you will easily be able to listen to mobile phone conversations within the range reached by this system.
On top of this, with software tools such as Java Virtual Machine, it is possible to install any kind of program on a mobile phone, and the user would not even notice it, making it possible to remotely listen to his conversations, turning the handset into a real spy phone.
This said, what can the ordinary mobile phone network user do to protect himself from such invisible threats?
Of course we can not just stand still waiting for phone operators to upgrade their security standards, and in the meantime have our phone conversations exposed to the risk of being bugged.
The best option we have is to add one further layer of security on top of the GSM encryption, by providing ourselves with an encrypted mobile phone, that is, a normal cellphone on which a particular software is installed, that encodes its conversations, by using a 256-bit encryption key, much safer than the 64-bit standard GSM network key.
The conversation between two encrypted phones takes place following the same principle as key-protected email. By making sure that both cellphones engaged in a conversation share the same encryption key, any eavesdropping operation which could get through to the encrypted conversation would only be able to hear a white noise, and this means that your phone calls are absolutely secure.
Therefore, you will easily be able to talk about sensitive subjects, or carry our confidential or sensitive negotiations over the phone, without any fear that your conversations might be bugged by any prying ears. Naturally, if your counterpart has a mobile phone which is not equipped with the same encryption system, should his phone be bugged, your voice could be heard; it is therefore advisable to use at least two (or more) encrypted cell phones, to be used by the people whose conversations you wish to keep secret.
For more information about how the encryption software works, and the models of mobile phones on which it can be installed, we advise you to visit the Endoacustica website, and contact our specialists for specific advice tailored on your needs.