Feeds

Dubai mobe cracking demo barred by Heathrow boffin bust

Authorities impound open source radio gear

Intelligent flash storage arrays

A mobile phone security researcher has been left baffled by UK government airport authorities, who impounded basic equipment while claiming that he could be illegally exporting high-end code breaking technology.

The action meant he had to cancel a demonstration of a groundbreaking exploit of GSM encryption in the Middle East.

Steve Mueller, a German national living in London, was approached by an official while reading a newspaper in the departure lounge of Heathrow's terminal 3. It was minutes before his Emirates flight was due to take off on Monday 14 April.

In his day job Mueller works for a company that helps businesses secure their mobile communications, but was travelling as an independent researcher to present his work on GSM cracking to the Hack in the Box conference in Dubai.

The official identified himself as an export control officer, and took Mueller aside to a search room, where his checked-in luggage had been taken from the plane's cargo hold. After a swift rummage, the officials confiscated his aged Nokia 3310 and a cheap USB device called a Universal Software Radio Peripheral (USRP). They ignored two more phones, a laptop, and a high performance FPGA chip.

"They said they didn't know what it was, so they were taking it," Mueller said in a telephone conversation with The Register. The field on the yellow form he was given to record the confiscation that read, "the goods specified below are detained for the following reason", had been left blank.

Mueller said: "They told me they wanted to make sure I wasn't exporting any cryptanalytic equipment.

"They knew exactly who I was and where I was going. They even knew what time I was speaking."

He boarded the plane without the items, having been told they would be sent away for tests. The Nokia, which Mueller had intended to use as part of a demonstration in his talk in Dubai, also contained his personal SIM. On arrival, he posted in frustration on his blog: "Having a pregnant wife at home and not being reachable complicates my situation."

It didn't particularly surprise Mueller that the authorities were monitoring his work, however. He made waves at the Black Hat conference in Washington DC in February by announcing that he and a fellow researcher had developed a new attack that cracks standard GSM transmissions, encrypted using the A5/1 algorithm, in as little as 30 seconds.

Remote control for virtualized desktops

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.