Down in the Republic of Chile, government regulators have made a bold move to increase openness in the nation’s wireless industry. As of January 2nd, all phones sold in the country must be unlocked for use on any compatible carrier. This rule change will go along with mandatory number portability set to go into effect January 16th.
If you thought the competitive landscape in the US wireless industry couldn’t get any worse, you’d be wrong. Today AT&T announced a landmark deal with Deusche Telekom AG to buy up T-Mobile USA for a whopping $39 billion dollars. The deal which works out to a mixture of cash and stock is being sold to the public as an attempt to improve the network quality for both carriers, while offering a “fast, efficient and certain solution to the impending exhaustion of wireless spectrum in certain markets”.
Mobile security concerns often center around high-power smartphones, but at the Chaos Computer Club Congress some German researchers demonstrated even feature phones are vulnerable. By setting up a small GSM test network in the lab, researchers were able to test various SMS messages with different malicious payloads. The results were startling.
The German researchers were able to find vulnerabilities in many feature phones from Nokia, Sony Ericsson, and LG. The so-called "SMS of death" had different effects on each handset. Some were just disconnected from the GSM network, others were forced to reboot, but some (including models from Sony Ericsson and Nokia) were rebooted without registering the message as received. That means the network will continue sending the message, making the phone useless. The only way to fix this issue is to put the phone's SIM card in a non-susceptible phone.
The researchers stressed that the same vulnerability probably exists in many phones, but they only tested a handful of popular models. If these exploits make it into the wild, unscrupulous individuals could send these messages en masse, forcing a mobile provider to pay up to stop the attack. Now that the details are known to manufacturers, future phones can avoid this problem, but existing feature phones rarely get firmware updates. Fixing current handsets might be a no-go.
While Google-China ties have devolved into what is effectively a glacial impasse, Android continues to move briskly in that country. It is fast catching on as the operating system of choice among Chinese manufacturers eager to enter the tablet market. Now, ZTE has chosen the open source platform for its maiden tablet. The ZTE Light is a 7-inch device that weighs around 400gm and supports both GSM and WCDMA standards. Although the Light's price still remains a mystery, it is expected to be an affordable alternative to tablets like the iPad and Samsung Galaxy Tab.
We heard news yesterday that Windows Phone 7 would not be available on Verizon until 2011. Now Microsoft has clarified the situation, and the reality is a bit of a bummer. There will be no support for CDMA networks in Windows Phone 7 until 2011. That's why Verizon is not planning for handsets.
A Microsoft senior product manager told Cnet, "We had to make some trade-offs. Even Microsoft doesn't have unlimited resources. We had to prioritize doing fewer things, really, really well." The two major CDMA networks in the US, Verizon and Sprint, will just have to wait. The GSM standard is much more common in the world, which is why Redmond decided to go that route.
This isn't the first time CDMA has been kicked to the curb. Until Android 1.6, there was no support for CDMA. In fact, when HTC launched the HTC Hero on Sprint (running Android 1.5) they had to roll their won code for the CDMA network. If you've been waiting for WinPho7, will you jump ship to a GSM carrier, or wait for it to come to you?
Wired editor Chris Anderson issued a strange bit of information via a tweet last night. Apparently, he was told by a T-Mobile manager in no uncertain terms that the nation's number four carrier would be getting the Apple iPhone 3GS later this year. The new iPhone 4 is apparently left out of the deal. This is still strictly rumor material, but it seems to jive with previous rumors.
There have been rumors that the iPhone could come to T-Mobile. The transition to T-Mobile would be simpler for Apple than moving to Verizon. T-Mobile also uses the GSM standard like AT&T does. The iPhone would just need GSM chips capable of operating on T-Mobile's 3G frequency. Verizon uses CDMA, and would require a much larger redesign of the phone's internals.
User's have been clamoring to get access to the iPhone on another carrier. Verizon is often cited as the best option considering their expansive network. T-Mobile has a much smaller, but faster, HSPA+ data network. Would you be interested in the iPhone if it were on T-Mobile?
Chris Paget made a name for himself back in 2009 when he exposed security vulnerabilities in RFID that allowed him to wirelessly download the contents of US passports from a parked car, and he’s making headlines again by exposing serious problems in the GSM cellphone network. Using nothing more than an off the shelf laptop, and a pair of RF antennas he was able to successfully imitate an AT&T cellphone tower which allowed him to intercept and record phone calls. “As far as your cell phones are concerned, I'm now indistinguishable from AT&T,” he told a crowd at this year’s DefCon security conference.
The demonstration was supposed to highlight a major flaw in the 2G GSM system which automatically directs phones to the tower with the strongest signal, apparently without proper authentication. So far the system only works on outgoing calls, but is a pretty critical flaw in the most commonly used wireless technology in the world. "GSM is broken," Paget said, "The primary solution is to turn it off altogether." I’m willing to bet carriers will take his recommendation “under advisement”, but hopefully a more reasonable fix is possible with the existing hardware.
It is unknown at this point if similar vulnerabilities exist in CDMA, but for the time being anyway, it will be the last refuge for tin foil hat wearing propeller heads who need to keep their calls private at any cost.
Verizon, the largest wireless provider in the US, operates a CDMA network as opposed to AT&T that relies on GSM technology. Even though the report quotes unnamed sources and is in the realm of speculation, the paper has so much faith on its tipsters that everything is presented with the conviction of indubitable truth.
But if rumors of a CDMA iPhone are indeed true, the smartphone would no longer remain an AT&T exclusive. Such a move would also put the smartphone, which accounts for a large chunk of mobile internet bandwidth, within the reach of 91 million Verizon customers. Also, lets not forget that there are more than half a billion CDMA subscribers around the world.
According to the report, Taiwan-based Hon Hai Precision Industry Co. has been retained as the contract manufacturer for the next GSM iPhone, whereas Pegatron Technology Corp., an ASUSTeK subsidiary, has been given the task of mass producing CDMA iPhones. And it will begin producing them in September.
Neither Verizon nor Apple seemed willing to comment on the latest iPhone rumor. “There has been lots of incorrect speculation on CDMA iPhones for a long time. We haven't seen one yet and only Apple knows when that might occur,” a Verizon rep told the Wall Street Journal. Apple simply refused to comment.
Talking away on a GSM wireless network? Might as well be talking through tin cans tied to a string. You’d be getting about the same assurance of privacy. It’s not bad enough the A5/1 security algorithm, which serves as the security backbone for the GSM network, was recently cracked. Now the another security algorithm, the KASUMI system, has also been cracked. And it took scientists at Weizmann Institute of Science in Israel two hours to do it.
The KASUMI is a 128bit A5/3 algorithm, which is implemented across 3G networks. Using a “related-key sandwich attack”, the team of Orr Dunkelman, Nathan Keller, and Adi Shamir tore it apart using a simple PC and two hours time. From their description, it was child’s play. They started with by using one key for encryption of a message, and then changed it to a different key. They write: “By using this distinguisher and analyzing the single remaining round, we can derive the complete 128 bit key of the full Kasumi by using only 4 related keys, 226 data, 230 bytes of memory, and 232 time. These complexities are so small that we have actually simulated the attack in less than two hours on a single PC, and experimentally verified its correctness and complexity.” See, child’s play.
Karsten Nohl, who was the wunderkind behind the cracking of the A5/1 algorithm, says this new research shows that it’s time to reconsider KASUMI and move away from A5/1. “The attack should stand as a reminder that A5/3 and any other cipher will need to be replaced eventually. Hopefully this fact is considered when upgrading GSM,” said Nohl.
The GSM industry is taking an ostrich approach to these announcements: bury its head and the threat no longer exists. Which means, for the time being, you’d better watch what you say when using your GSM phone.
AT&T finally seems ready to admit that this whole Android thing isn’t just a flash in the pan. The carrier that brought you the iPhone will be launching five Android phones in the first half of 2010. The announcement was a bit short on details, but there were some clues as to which handsets to expect.
AT&T plans to offer a Motorola handset with a “unique form factor”. This can only be the Moto Backflip we told you about recently. This phone is “blessed” with an awkward looking reverse clamshell design and a lack of Google apps (in the prerelease version at least). The announcement also said Dell’s first smartphone would be coming to the network. That clearly means a version of the Mini 3i with US 3G bands.
The remaining phones are to be HTC devices. No details on what these might be. Knowing HTC’s penchant for repackaging the same hardware, these phones could end up being variations of the Hero. We may see some of the phones spied in the leaked roadmap from a few weeks back. Any AT&T customers planning to buy into the Android craze?