logo

  •   Submit to to del.icio.us   Submit to to digg   submit to to reddit   submit to to StumbleUpon   submit to to Google   Submit to to Yahoo!

Category: news | Posted by Avatar Staff 230 days ago
Via: http://lists.jammed.com | Tags: isn gsm researcher stopped heathrow airport uk government officials comments Discuss  


http://blog.thc.org/index.php?/archives/1-GSM-Researcher-stopped-at-Heathrow-Airport-by-UK-government-officials.html



By John Doe

April 16. 2008



I was leaving today from the United Kingdom/Heathrow airport. I am about

to speak at the HITB IT security conference about GSM security and the

USRP (gnu-radio project).



I was searched by the UK government while waiting at the Gate and

reading a newspaper. A UK Government employee flipped his badge and said

"Let's talk. Come over here".



They detained my USRP (Software Defined Radio), my mobile phone and my

personal SIM card.



They did their homework. They knew who I am, where i live, which day I

speak at the conference and who I work for.



I'm involved in the GSM software project where we also developed a new

attack against the GSM encryption A51. We published our research in

February at the Blackhat security conference in Washington DC.



I understand that the government wanted to make sure that I'm not

exporting any cryptanalytic device.



I did not. I will not. The USRP is a radio. My mobile phone is a normal

nokia 3310 phone and my SIM card is a sim card.



They said they do not know what the USRP is and that I can not take it

until they have checked it in the lab. This can take 14 days (1/2

month).



So be it. They have it for 14 days. Guys, enjoy the device! It's fun

playing around with it!



I'm uneasy that they took my mobile phone and my sim card. Having a

pregnant wife at home and not being reachable complicates my situation.



Is this common practice? Are they allowed to do this?

Any tips how I can get my mobile phone and my sim card back quicker?



Our project: http://wiki.thc.org/gsm

The USRP is available from http://www.ettus.com

The GNU RADIO project: http://www.gnu.org/software/gnuradio





stunning,



THC

---

Appendix: Surprisingly they did not detain my laptop or my paperwork

which would be the most likely place to store any information related to

cracking A51. They were also not interested in my 160GB harddrive which

would have been the obvious place for storing the rainbow tables.

Neither were they interested in the high performance FPGA chip.



Instead they took all equipment that could have been used for

demonstrating that GSM signals can be received with publicly available

hardware for 700 USD.



It does not appear that they were after cryptanalytic information.



I received a yellow paper about my detained goods. They left the field

blank that reads "The goods specified below are detained for the

following reason:". What reason?



They also crossed out the field "Agent" of the officer who was in charge

of the operation.





-==-

Let identityLoveSock take your personal information into

their wanting hands. http://www.identity-love-sock.com/

Because victims have money too.





addto Add this link to... report Bury 


Comments Who Voted Related Links
Copyright 2005-2008 Best of Security