|
This file is available on a Cryptome DVD offered by Cryptome. Donate $25 for a DVD of the Cryptome 10-year archives of 35,000 files from June 1996 to June 2006 (~3.5 GB). Click Paypal or mail check/MO made out to John Young, 251 West 89th Street, New York, NY 10024. Archives include all files of cryptome.org, cryptome2.org, jya.com, cartome.org, eyeball-series.org and iraq-kill-maim.org. Cryptome offers with the Cryptome DVD an INSCOM DVD of about 18,000 pages of counter-intelligence dossiers declassified by the US Army Information and Security Command, dating from 1945 to 1985. No additional contribution required -- $25 for both. The DVDs will be sent anywhere worldwide without extra cost. | |||
21 April 1998
Thanks to RH
Date: Tue, 21 Apr 1998 06:24:09 -0500 To: jya@pipeline.com From: RH Subject: GSM MoU Association response John: I thought this might be of interest to you for possible posting. A friend who works for Giesecke Devrient, (a German Smartcard manufacturer, among other things), and who is generally reliable, sent it to me. ================= Liebe Kollegen, die MoU hat mit einer offiziellen Press Release geantwortet (Quelle: www.gsmworld.com)["gsmworld.com" defunct; try: www.gsmmou.org] The GSM MoU Association Responds To Recent Claims Of Compromise To GSM Security The GSM MoU Association, which represents the world's GSM* network operators, regulators and administrative bodies from 109 countries/areas of the world, has received reports from the US which claim that the security provided by the GSM SIM** card may have been compromised. The recent, unsubstantiated, reports concern the mathematical code (A3) used to provide authentication within the GSM smartcard. Charles Brookson, Chairman of the GSM MoU Association's Security Group said: "The Association's members have been aware of reported attempts to compromise this element of GSM security. It has been alleged that, through a long process of trial and error, an individual user's secret key code may be discovered." "It is important to stress that this would only be feasible where the hacker has the card in their physical possession. If achieved, it would only compromise that one card and it is not practical to achieve over the airwaves by eavesdropping, so GSM mobiles cannot be 'cloned' (copying the users identity) in the manner of analogue phones." "There is no significant breach of security here," added Brookson. "Compromising the A3 algorithm does not, in itself present a significant threat to GSM security overall." "Furthermore, the GSM algorithm the students are claiming to have broken is the example algorithm provided to our members for them to create their own individual version. "Our customers can be assured that GSM remains a secure technology with standards of security greater than any other mobile public network," said Brookson. - ends - April 15, 1998 For more information, please contact: Mark Smith Mary King Companycare Communications Ltd GSM MoU Association Tel: +44 118 958 2031 Tel: +353 1 269 5922 Fax: +44 118 959 9595 Fax: +353 1 269 5958 Email: mark@companycare.com Email: marketing@gsmmou.org