Jan
24
2009
0

Dect Monitoring Update

As you’ll see from our last post – Dect is now completely insecure. Over the last two weeks I’ve been doing some more research, and it seems like around 50% of Dect phones transmit without using the optional encryption.

This means that someone with just a Laptop, Com-On-Air wireless Dect PCMCIA card & Ubuntu Linux can now monitor all those conversations you have. Imagine how much information you could be providing for identity thieves!

If you use telephone banking or use your credit card to pay for goods over the phone, then you really should go back to using a regular wired home phone for these calls at least (or just use your proper mobile, as these are still secure).

If you’re fortunate enough to own a DECT phone that does encrypt (list), then you are still at some risk, the reason: the data-stream passing between your phone & base-station can still be recorded – but at this moment it can’t be turned into a conversation. Once more malicious hackers start to understand the current software, then eventually brute force hacks for the encrypted calls will appear – and when they do your old calls could be dusted-off & decrypted.

Worryingly, it seems that Dect is used for controlling traffic lights & some wireless credit card terminals. So these will likely become targets too.

This hack originated in Germany and their equivalent of the BBC’s Panorama have already done a piece on it. The equivalent of the UK’s OFCOM have already issued advice to Germans that they should stop telephone banking & giving out credit card numbers over cordless Dect phones.

The equipment still takes a fair bit of computer knowledge to get working, and the PCMCIA cards are only available in limited numbers – so it might not become an epidemic-level problem. The Dosch Amand Com-On-Air type II PCMCIA cards which were selling for €40 two weeks ago are now changing hands for €200+ on eBay!

Frontal21 (like BBC’s Panorama in the UK) website piece.

Video of Frontal21 episode

If you want to experiment you can buy a DECT card for your PC from www.ebay.de (that’s the German eBay). Look for vendor arc-computer2 & you could pickup a type III PCMCIA or PCI card for around €25 – you should pay €10 for UK carriage if in doubt.

Both the PCI card and type III PCMCIA card aren’t yet supported in the dect_cli software, but they soon will be. Once supported they’ll rocket in value like the type II cards already have – as these items are no longer manufactured & stock of the product is limited.

Here’s a recent screengrab from eBay.de – notice the joker selling a signed-by-the-hackers type II card for €2500.

Siemens Gigaset Dect Security – Read the press release.

Written by owner in: DECT,General | Tags: , , , ,
Jan
07
2009
0

DECT Hacked – Eavesdropping Now Possible!

Looking through the Security News on TheRegister.co.uk this evening I was surprised to see a report that DECT has now been hacked.

If you didn’t know already, DECT is the technology used by the current generation of cordless home phones & baby monitors. So now, not only is it probably bad for you, it’s also insecure!

The researchers reverse-engineered a standard Com-On-Air PCMCIA DECT card – which is normally used in a Windows laptop to bridge/ link DECT phones to Asterisk VOIP/SIP networks – and demonstrated their Linux-based sniffer at 25C3 hackers congress.

The PCMCIA Class II card costs just €40 from www.arc-computer.de (in Germany, you can buy one via their eBay shop). You will need a PC running Linux to do anything useful with it, and really it’s just a proof-of-concept tool right now. But watch this space.

Read more about it:

http://events.ccc.de/congress/2008/Fahrplan/events/2937.en.html

http://www.theregister.co.uk/2008/12/31/dect_hack/

https://dedected.org/cgi-bin/trac.cgi

Sep
27
2008
0

Allergy to modern gadgets is ‘posing health risk to millions’

Taken from an article by Lisa Adams of the Scottish Daily Record about Electrosensitivity – published 08/09/2008 :

IT’S called an allergy to modern life and half of Scots in the next 10 years could be at risk from this crippling illness, according to scientific research.

Victims of the condition, which is triggered by electromagnetic waves from mobile phones, power lines, microwaves and computers, suffer headaches, crushing chest pains, nose bleeds and a loss of feeling in arms and legs.

Experts report that up to 1.5million people in the UK already have their lives blighted by electro-sensitivity, with symptoms that also include heart palpitations, tiredness, fainting, light sensitivity and skin problems.

Mike Bell, chairman of the Radiation Research Trust, said: “We are seeing a significant increase in enquiries from individuals suffering from these symptoms.

“We’re concerned that many people could be living with health-related electro-sensitivity symptoms without realising the cause.

“Doctors in the UK are not trained to recognise this condition. They could be misdiagnosing patients and treating them with drugs rather than investigating the cause.”

One victim has compared the condition with life as a human aerial – their body overreacting to electrical waves in the environment. Today, as a scientific conference opens in London, public health expert Dr Gerd Oberfeld will predict that if current trends continue, up to 50 per cent of people could suffer from electro sensitivity symptoms in the next 10 years.

The World Health Organisation is also backing research, stating that: “Electrical hypersensitivity is a real and sometimes disabling condition.”

Sufferers are particularly vulnerable to the £2.5billion police communication system Tetra – Terrestrial Trunked Radio – which has been introduced throughout the UK. In the past three years, more than 1000 masts have been erected in Scotland. They pulse at 17.6hertz – above the 16Hz frequency the Government’s Independent Expert Group on Mobile Phones warns might affect brain activity.

Experts say radio waves at this frequency can cause calcium to leak from the brain, causing damage to the nervous and immune systems. If the masts are less than 15 metres high, they don’t need planning permission.

Former Norwegian Prime Minister Harlem Brundtland suffers from electro-sensitivity.

She said: “I felt a local warmth around my ear. But the agony got worse. It turned to discomfort and headaches every time I used a mobile phone.

“Some people develop sensitivity to electricity and radiation from equipment such as mobile phones or PCs.

“If this can lead to adverse health effects such as cancer or other diseases, we do not know yet. But I think we should follow the precautionary principle.”

Apr
20
2008
0

Sleeping With The Enemy?

Today’s Mail on Sunday magazine ‘You’ poses the question: ‘Are you sleeping with the enemy?’

Yes, another mainstream magazine dares to link Mobiles, Wifi routers and other electronic devices with poor sleep. In the article Dr Chris Idzikowski, director of the Edinburgh Sleep Centre, says that, ‘ There’s more than sufficient evidence that mobile phone exposure an hour before bedtime adversely affects deep sleep ‘.

Others in the article report the classic fuzzy-mindedness that over-use of RF emitting gadgets can bring on. The article suggests that you turn off your mobile at bedtime.

While this is good advice, not a single mention is made of the danger from DECT cordless phones. The article states that a Mobile left on the bedside table will talk to the cell tower every ten minutes or so – well in our experience it’s more like every half an hour, for a five second burst. That isn’t going to disrupt your sleep. However, having a DECT cordless phone near your bed almost certainly will.

If you didn’t already know: the DECT cordless phone’s base station – the main docking point, if you have several handsets – gives out a constant pulse of RF, all the time. Even when you’re not talking on the handset. Keeping it a few feet from your head, while trying to sleep, is not such a good idea. Nor should you have a DECT base unit next to the home PC you use for hours at a time. All those hours you spend feet from a DECT cordless docking station really could leave you feeling completely ‘Spaced Out’.

So, while the article in the Sunday Mail is undoubtedly well intentioned, it could have payed more attention to DECT.

Written by owner in: DECT,General,GSM,WiFi |

Theme: TheBuckmaker.com Premium WordPress Themes | InMotion, Gesundheit