尽管诺尔不会在7月30日于拉斯维加斯召开的黑帽安全技术大会前正式展示他的研究结果，但他已与全球移动通信系统协会(GSMA)分享部分成果。发言人克莱尔·克兰顿告诉《纽约时报》记者：

　　我们已经开始考虑这些安全漏洞所带来的影响，并着手向网络运营商已经SIM卡供应商提供技术指导。

　　看上去他们正在开始着手处理这件事，并且完全信任如AT&T和Verizon这样的网络运营商可以快速及时地解决这些问题。

　　译者：张免

　　Millions Of Cell Phones Could Be Vulnerable To This SIM Card Hack

　　With the NSA leaks going full force it probably won't sound like news at all that a German cryptographer claims to have hacked a SIM card. But that's never been done before, so it's kind of a big deal, and shows that millions of phones are potentially vulnerable.

　　The founder of Security Research Labs in Berlin, Karsten Nohl, studied the encryption methods in thousands of SIM cards to figure out how a hacker could find the card's unique 56-digit access key. The vulnerability he discovered could impact as many as 750 million phones and would open them to call surveillance, fraudulent purchases and even a type of identity theft. Nohl told Forbes,

　　Give me any phone number and there is some chance I will, a few minutes later, be able to remotely control this SIM card and even make a copy of it.

　　In addition to compromising access keys, Nohl discovered a flaw in the "sandboxing" technique that keeps sensitive data separate on SIM cards. By sending a binary SMS to a number of phones, he can collect data that eventually allow him to break through the encryption on some of the phones. Each vulnerability Nohl identified only applies to certain SIM cards, but in the wrong hands they could endanger a large percentage of the SIM cards in use right now.

　　Though Nohl isn't officially presenting his findings until the Black Hat security conference in Las Vegas on July 30, he did share them with the GSM Association. A spokeswoman, Claire Cranton, told the New York Times:

　　We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted.

　　Definitely sounds like they're on it, and totally trust enormous mobile providers like AT&T and Verizon to act quickly and nimbly in resolving this issue.

　　希望手机运营商尽快给出解决对策，同时希望此技术不要为别有用心之人所掌握。

转截请注明:文章来自 pc捍卫者 http://www.pchwz.com 本站发布此文为传递更多信息之目的,不表明pc捍卫者赞同其观点