<p>The world's most popular radio system has over 3 billion handsets in 212 countries and not even strong encryption. Perhaps due to cold-war era laws, GSM's security hasn't received the scrutiny it deserves given its popularity. This bothered us enough to take a look; the results were surprising.<br><br>From the total lack of network-to-handset authentication, to the "Of course I'll give you my IMSI" message, to the iPhone that really wanted to talk to us, it all came as a surprise -- stunning to see what $1500 of USRP can do. Add a weak cipher trivially breakable after a few months of distributed table generation and you get the most widely deployed privacy threat on the planet.<br><br>Cloning, spoofing, man-in-the-middle, decrypting, sniffing, crashing, DoS'ing, or just plain having fun. If you can work a BitTorrent client and a standard GNU build process then you can do it all, too. Prepare to change the way you look at your cell phone, forever.</p>
<p>Chris Paget's technical focus is on systems analysis, analogue design, and microcontrollers. His recent work has concentrated on RFID technologies such as Prox, EPC Gen2 and EMV; he was the lead designer on the ProxPick. Chris is a regular presenter at Defcon, Shmoocon, and Black Hat.</p>
<p>Leading H4RDW4RE's Berlin research laboratory, Karsten Nohl's particular expertise is in cryptography and smart-card security. His recent work includes reverse-engineering and cryptanalysing MiFare, Legic, and other security-centric silicon. Karsten is a regular presenter at the CCC and as many other security conferences as he has time for.</p>