Re: Questions on GSM Penetration test

From: Tom Buelens (email@tombuelens.com)
Date: 01/26/02


From: "Tom Buelens" <email@tombuelens.com>
To: "M Lister" <mlist@m-net.arbornet.org>
Date: Sat, 26 Jan 2002 20:03:49 +0100


>
> Please forgive me if this sounds naive, but I was under a *STRONG*
> impression that it is practically impossible to copy a smart card. [Isnt
> that what is used as a SIM card]. From the little that I know of smart
> cards, security is their forte. I know absolute security is an unknown
> concept but still copying a smart card, wouldnt that be too
> difficult?? Wouldnt the cost involved in doing so probably be more than
> the benefits?
>
Aren't there Canadians watching US satelite broadcasts ?
Remember how some Canadians experienced the superbowl.
A guy I know from the CISSP review course test the security of smart cards.
In reverse enginereing you do not allways have to use 'digital' equipement.
You can 'peal off' a smart card layer by layer. You may try this at home
(but you will not get any result). There are other approaches. I do not know
them.
If you are a smardcard maker and you are looking to test the security of
your card click on this http://www.tpd.tno.nl/smartsite.html?id=41 [For
those wondering: only legal.]
It is a highly specialised field of sports. And I think it is costly.

Cheers,
Tom

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • Re: GPO and password policies
    ... where a smart card user would logon to if they were forced to use smart card ... > question somewhere in a exam about different password policies but I must ... >> Only one password policy to a domain. ... >> security measure to secure the resources on that domain. ...
    (microsoft.public.security)
  • Re: SCL Screen Saver ?
    ... There is a security option you ... can try on a computer with smart card readers in Local Security Policy/local ... having a password to use when the Screen Saver kicks on. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Problems enabling smart card login on windows 2000
    ... rates and provide you with turn-key smart card based security ... > Troubleshooting Windows 2000 PKI Deployment and Smart Card Logon ... > | Client Realm: ...
    (microsoft.public.win2000.security)
  • Re: WARGAMES style security
    ... If you're really serious about the logon security, ... (perhaps each using smart card). ... they'll be able to modify the system and log on as a local admin. ... and another to do smart card logon. ...
    (microsoft.public.security)
  • RE: SQL
    ... Subject: SQL ... >> This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... >This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)