Re: Questions on GSM Penetration test

From: Tom Buelens (email@tombuelens.com)
Date: 01/26/02


From: "Tom Buelens" <email@tombuelens.com>
To: "M Lister" <mlist@m-net.arbornet.org>
Date: Sat, 26 Jan 2002 20:03:49 +0100


>
> Please forgive me if this sounds naive, but I was under a *STRONG*
> impression that it is practically impossible to copy a smart card. [Isnt
> that what is used as a SIM card]. From the little that I know of smart
> cards, security is their forte. I know absolute security is an unknown
> concept but still copying a smart card, wouldnt that be too
> difficult?? Wouldnt the cost involved in doing so probably be more than
> the benefits?
>
Aren't there Canadians watching US satelite broadcasts ?
Remember how some Canadians experienced the superbowl.
A guy I know from the CISSP review course test the security of smart cards.
In reverse enginereing you do not allways have to use 'digital' equipement.
You can 'peal off' a smart card layer by layer. You may try this at home
(but you will not get any result). There are other approaches. I do not know
them.
If you are a smardcard maker and you are looking to test the security of
your card click on this http://www.tpd.tno.nl/smartsite.html?id=41 [For
those wondering: only legal.]
It is a highly specialised field of sports. And I think it is costly.

Cheers,
Tom

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/