Feeds

Dubai mobe cracking demo barred by Heathrow boffin bust

Authorities impound open source radio gear

The Power of One Brief: Top reasons to choose HP BladeSystem

A mobile phone security researcher has been left baffled by UK government airport authorities, who impounded basic equipment while claiming that he could be illegally exporting high-end code breaking technology.

The action meant he had to cancel a demonstration of a groundbreaking exploit of GSM encryption in the Middle East.

Steve Mueller, a German national living in London, was approached by an official while reading a newspaper in the departure lounge of Heathrow's terminal 3. It was minutes before his Emirates flight was due to take off on Monday 14 April.

In his day job Mueller works for a company that helps businesses secure their mobile communications, but was travelling as an independent researcher to present his work on GSM cracking to the Hack in the Box conference in Dubai.

The official identified himself as an export control officer, and took Mueller aside to a search room, where his checked-in luggage had been taken from the plane's cargo hold. After a swift rummage, the officials confiscated his aged Nokia 3310 and a cheap USB device called a Universal Software Radio Peripheral (USRP). They ignored two more phones, a laptop, and a high performance FPGA chip.

"They said they didn't know what it was, so they were taking it," Mueller said in a telephone conversation with The Register. The field on the yellow form he was given to record the confiscation that read, "the goods specified below are detained for the following reason", had been left blank.

Mueller said: "They told me they wanted to make sure I wasn't exporting any cryptanalytic equipment.

"They knew exactly who I was and where I was going. They even knew what time I was speaking."

He boarded the plane without the items, having been told they would be sent away for tests. The Nokia, which Mueller had intended to use as part of a demonstration in his talk in Dubai, also contained his personal SIM. On arrival, he posted in frustration on his blog: "Having a pregnant wife at home and not being reachable complicates my situation."

It didn't particularly surprise Mueller that the authorities were monitoring his work, however. He made waves at the Black Hat conference in Washington DC in February by announcing that he and a fellow researcher had developed a new attack that cracks standard GSM transmissions, encrypted using the A5/1 algorithm, in as little as 30 seconds.

Designing a Defense for Mobile Applications

More from The Register

next story
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.