Mobile phone SIM card with serious security vulnerabilities? 750 million phones are under threat.

&http://www.aliyun.com/zixun/aggregation/37954.html >nbsp;    According to the New York Times, a German mobile security expert has revealed It found a mobile phone SIM card security encryption technology in a loophole, hackers to use this vulnerability to user phone control and constitute a network of crime.      Kasten Nore, founder of the Security Research Laboratory in Berlin, Germany, Karsten Nohl that the encryption flaw on the SIM card allows hackers to obtain the SIM's digital key-a 56-digit sequence of digits, Hackers use this key to open the SIM card chip and modify it.      Noel also said that when he obtained the key, he could send a virus to the SIM card user via a text message, which could enable the hacker to monitor the caller, shop through the mobile payment system, or even speak to the handset owner. According to Noel, it takes about two minutes to get a user through a SIM card, and only a simple personal computer. He estimates that up to 750 million phones could be attacked.      "We can remotely install spyware on your phone and operate completely independently of your phone." "We can spy on you," says Noel. We know the encryption key for your call. We can read your short message. We're not just listening to your phone, we can also steal your SIM data, even your mobile identity and the money in your account.      Noel said that the SIM card encryption flaw he discovered exists because these SIM cards are encrypted using a "data Encryption Standard" that was presented in the 70 's, known as the "Encryption Standard" D.E . S. " Encryption method. After discovering the vulnerability, he conducted a universal study through two years of SIM cards on 1000 mobile phones running on the European and North American mobile networks (of course, these phones and SIM cards are owned by both himself and his research team). According to Noel, the study found that about One-fourth of the SIM cards still run the old encryption technology with security vulnerabilities.      It is reported that the current global daily use of mobile phones about 6 billion, of which about half of the mobile phones are used "D.E.S." Encryption technology. For the past 10 years, most operators have been using a more secure encryption method known as "three-dimensional d.e.s", but many carriers are still using old standards. Encryption is to disguise the SIM card, so that each cell phone has a unique digital signature.      GSM Association speech"We have taken into account the consequences and instructed these network operators and SIM suppliers to consider the possible impact," Clerclers Clanton, Claire Cranton, said in a statement. She adds that it is likely that only a handful of mobile phones use the old "vulnerable" standard.      Clanton declined to comment on Noel's comments that "there will be 750 million potential attacks on mobile phones" and said the GSM association would not comment on the review before the Las Vegas Black Hat conference.      Large Dutch sim supplier Gemalto said that the GSM association had informed the company of the preliminary findings of Noel and that the German SIM card maker Giesecke & Devrient Company also said it had " Analyzed this attack plan.          Noel said he had suggested that GSM associations and chip manufacturers use better filtration techniques to prevent similar attacks. He advises operators to phase out SIM cards that use "D.E.S." Instead of using new encryption techniques. He added that when consumers use a SIM card for more than three years, the operator should replace the new SIM card for the user.      Giesecke & Devrient said in a statement that it had been phasing out the use of "D.E.S" since 2008. Encryption technology SIM card. The German company says its SIM card uses a unique operating system and even uses "D.E.S." Encryption technology, there will be no "authentication code messages" as described in Noel.