How I hacked SIM cards with a single text - and the networks DON'T CARE

US and Euro telcos won't act until crims do, white hat sniffs

Karsten Nohl, the security researcher who broke into SIM cards with a single text, has told The Register he is dismayed by the mobile industry's lukewarm response to his revelations - and has revealed, for the first time, exactly how he did it.

Nohl thought exposing the flaws in SIM security would force the telcos to fix them. Theoretically, the two flaws would have worked in tandem to intercept calls and threaten the security of wireless NFC applications - such as pay-by-wave and other contactless payments.

The German researcher now claims that the more serious of the two flaws has been deliberately ignored by an industry which, he alleges, wants to keep the backdoor ajar so that it can silently roll out software updates to SIMs already in the field: a gaping access route that may not be closed until it's too late.

Nohl discovered he could infiltrate SIM cards by sending specially formatted SMS messages, and found a flaw that would enable him to break out from the cards' inbuilt security sandbox. Yet he was astonished to discover that despite publicly announcing patches and giving every impression of caring, the industry had – according to Nohl – actually done nothing to fix the problems.

"We thought our story was one of white-hat hacking preventing criminal activities," Nohl told El Reg, lamenting that "as there is no crime, so no investigation". Despite CNN reporting that his own flaw had been used to distribute a fix, Nohl told us that the JavaCard bug was "here to stay" and was so "obvious" that it has to be "a backdoor, gross negligence, or both".

Safety by numbers

The first exploit, enabling an attacker to install an application in the secure storage area of a SIM card, has been examined in these pages before, but that only represents a threat if the injected software can break out of the JavaCard sandbox. Nohl claimed that was possible, but until now hasn't explained exactly how.

JavaCard is a card operating system and virtual machine rather than the Java platform found on desktops and servers: it shares Java's syntax and a subset of the language, and little else. Licensees get a reference implementation from Oracle and then add their own proprietary code to differentiate their products, so not all manufacturers' SIMs had this flaw – but many did.

Java, including the cut-down variant that JavaCard runs, is supposed to be "memory safe": there are no raw pointers with which code can read or write arbitrary memory locations, and every array access is meant to be bounds-checked by the VM. Cardlets (as JavaCard apps are known) can only reference data structures they create themselves, and the platform's applet firewall is meant to keep one cardlet's objects out of reach of another.

What Nohl discovered was that if an array is reached indirectly – through a variable that references a variable that references the array – the bounds check JavaCard is supposed to perform on every access can be bypassed. Create an array of 10 elements, reach it through that chain of references and address the eleventh element: the access lands past the end of the array, in memory the card is supposed to keep secured, and from there the card's memory is yours to explore – and rewrite – as you wish. Exploiting this to malicious ends is left as an exercise for the reader.
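To make the memory-layout consequence concrete, here is an added toy model of a card VM heap. It is an illustration written for this article, not code from the piece, not Nohl's exploit and not any vendor's JavaCard implementation: the flat heap, the offsets, the holder object standing in for the chain of references, and the key bytes are all constructed, and the buggy path simply skips the check that the direct path performs. It shows why reading or writing "the eleventh element" of a ten-byte array reaches whatever the card stored next to it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical toy model of a smart-card VM heap (added illustration; not any
 * vendor's JavaCard code and not Nohl's exploit). Every object lives in one
 * flat byte region, a reference is an offset into it, and a byte array is
 * laid out as [length][data...]. Offsets and key bytes are constructed. */
#define HEAP_SIZE 512
typedef uint8_t ref_t;
static uint8_t heap[HEAP_SIZE];

enum {
    ARR_REF    = 0,    /* cardlet's array: [len=10][10 data bytes] at offsets 0..10 */
    ARR_LEN    = 10,
    KEY_REF    = 11,   /* a platform key stored immediately after the array */
    KEY_LEN    = 8,
    HOLDER_REF = 40    /* object whose single field references the array */
};

/* Constructed key material for the example. */
static const uint8_t key_bytes[KEY_LEN] = {0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04};

/* Rebuild the heap from scratch so every probe below is self-contained. */
void setup_heap(void) {
    memset(heap, 0, sizeof heap);
    heap[ARR_REF] = ARR_LEN;
    memcpy(&heap[KEY_REF], key_bytes, KEY_LEN);
    heap[HOLDER_REF] = 1;              /* holder has one reference-sized field... */
    heap[HOLDER_REF + 1] = ARR_REF;    /* ...which points at the array */
}

/* Correct primitives: the index is checked against the length of the array actually reached. */
int baload(ref_t arr, uint8_t idx, uint8_t *out) {
    if (idx >= heap[arr]) return -1;   /* ArrayIndexOutOfBoundsException */
    *out = heap[arr + 1 + idx];
    return 0;
}
int bastore(ref_t arr, uint8_t idx, uint8_t val) {
    if (idx >= heap[arr]) return -1;
    heap[arr + 1 + idx] = val;
    return 0;
}

/* Buggy indirect path: resolve holder -> array, then index with no bounds check. */
int baload_via_holder_buggy(ref_t holder, uint8_t idx, uint8_t *out) {
    ref_t arr = heap[holder + 1];
    *out = heap[arr + 1 + idx];        /* idx 10..17 reads the key bytes */
    return 0;
}
int bastore_via_holder_buggy(ref_t holder, uint8_t idx, uint8_t val) {
    ref_t arr = heap[holder + 1];
    heap[arr + 1 + idx] = val;         /* idx 10..17 overwrites the key bytes */
    return 0;
}

/* Fixed indirect path: resolve the reference, then reuse the checked primitive. */
int baload_via_holder_fixed(ref_t holder, uint8_t idx, uint8_t *out) {
    return baload(heap[holder + 1], idx, out);
}

/* Probes: each rebuilds the heap and returns the byte read (0..255) or -1 on a bounds fault. */
int read_checked(uint8_t idx) { setup_heap(); uint8_t b; return baload(ARR_REF, idx, &b) ? -1 : b; }
int read_buggy(uint8_t idx)   { setup_heap(); uint8_t b; return baload_via_holder_buggy(HOLDER_REF, idx, &b) ? -1 : b; }
int read_fixed(uint8_t idx)   { setup_heap(); uint8_t b; return baload_via_holder_fixed(HOLDER_REF, idx, &b) ? -1 : b; }

/* Zero the key through the buggy store; returns 1 if all key bytes are now zero. */
int zero_key_via_buggy_store(void) {
    setup_heap();
    for (uint8_t i = 0; i < KEY_LEN; i++) bastore_via_holder_buggy(HOLDER_REF, ARR_LEN + i, 0);
    static const uint8_t zeros[KEY_LEN] = {0};
    return memcmp(&heap[KEY_REF], zeros, KEY_LEN) == 0;
}

int main(void) {
    printf("checked read of index 10: %d\n", read_checked(10));
    printf("key leaked via the buggy indirect read:");
    for (uint8_t i = 0; i < KEY_LEN; i++) printf(" %02x", read_buggy(ARR_LEN + i));
    printf("\n");
    return 0;
}
```

The point of the fix is not where the check lives but what it is checked against: any path that resolves a reference must apply the bounds check to the array it finally reaches, which is why the fixed indirect load delegates to the same checked primitive as the direct path.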

Nohl says he warned Gemalto, the world's largest SIM card manufacturer – which is among those SIM-makers whose cards exhibit the flaw – about the existence of the bug. Gemalto, Nohl alleges, told him that it didn't matter – only signed applications could be run so their ability to breach the sandbox was irrelevant.

But the researcher points out that in 2010 Gemalto was able to upgrade bank cards in the field after a calendar bug broke millions of German cards. Bank cards are not designed to be upgraded after being issued, and Nohl contends that a similar flaw was exploited then.

The Register put both of Nohl's allegations to Gemalto, but it had not responded at the time of publication.

GSM standard

It's the combination of SMS exploit (to gain the application key) and JavaCard flaw (to break out of the sandbox) that makes the situation worrying, along with Nohl's contention that network operators have become overly reliant on the GSM standard and are losing the skills necessary to secure their systems.

"Smaller networks don't even know what the SIM cards are configured to do," he told us. He claimed that in the US, network operator Sprint isn't authenticating or encrypting SIM updates at all, and that both Vodafone and Telefonica are still issuing SIM cards that rely on single DES, whose 56-bit key is no longer considered adequate.

We've asked Voda and Telefonica about Nohl's claims, but only had a response from Vodafone UK by the time of publication: the telco said that (in the UK at least) strong encryption has been mandated for "many, many, years".

This is still quite an obscure attack: it requires an attacker familiar with the memory layout (the soft mask) of the particular SIM, and prepared to send the many SMS messages needed to recover the software-update key. For the moment the effort probably outweighs the payoff, but that will change as SIMs increasingly host banking and loyalty apps (as well as popular social networking services like Facebook Chat), making them a more attractive target.

As Nohl put it: "Skills are underdeveloped because the crimes are underdeveloped ... crime is even more convincing than anything."

Until there's a serious crime using this insecurity, the vulnerabilities in our SIM cards will probably remain.