In the cat-and-mouse game played by those who break secure encryption codes and those who make them, the cats just scored another point. The mice squeaked that it really wasn't a point, really.
The New York Times and Wired News ran bylined pieces on the announcement by two Israeli researchers that they have figured out how to listen in on scrambled GSM cell-phone calls using only the computer power of a souped-up PC. (The San Jose Mercury News ran a much shorter version of the Times copy but omitted the byline.) The GSM standard is little used in the U.S.; only about 5 million cell phones rely on it, including those made by Omnipoint (OMPT). But GSM accounts for nearly 100 million phones in Europe and 230 million worldwide.
Writing for the Times, Sara Robinson nicely conveyed the incremental nature of the work of the cats - the code breakers. Early in the piece Robinson gave room to an Omnipoint spokesman calling the researchers' claim "ridiculous ... an academic exercise that would never work in the real world." Robinson then wheeled over to the Berkeley research group responsible for the groundwork behind the Israelis' announcement, finding someone who disagreed: "This is a big deal," the researcher said, pointing out that it puts the interception of GSM calls "within the reach of corporate espionage."
Declan McCullagh, reporting for Wired News (whose Net traffic is now redirected to servers at Lycos (LCOS)), covered more completely the history of attacks on cell-phone codes. He was able to do this because Wired's format, unlike that of the Times, allows for links to material outside the news site.
McCullagh talked to both cats and mice, the latter represented by the GSM Association's James Moran. McCullagh asked him why the GSM encryption algorithms had grown in the dark, away from public scrutiny - which most experts say is the only way to make them bulletproof. Moran replied that when the codes were developed, in the late 1980s, "it wasn't the attitude at the time to publish algorithms." - K.D.
Researchers Crack Code in Cell Phones
Two Say They Cracked A5/1 Encryption Code
San Jose Mercury News
Cell Phone Crypto Penetrated