This week on Dark Reading there was more talk of the cracking of the GSM A5/1 over the air encryption. There is certainly a lot of attention swarming to this topic, rightly so given the pervasiveness of mobile. In addition the hacker community is making statements of the A5/3 encryption who is built into some of the 3G standards.
I think that the biggest concern does lay solely with the cracking of A5/1, but that there is a HUGE community of software programmers interested in “seeing” how vulnerable these encryption protocols actually are and if they can break them. In general this is a good thing to overcome the Kool-Aid Syndrome (where carriers and mobile technologists because too enamored with legacy and the status quo) and get telecom vendors, standards bodies, and carriers to think innovatively and out of the box. However it’s only a good thing if malicious behavior does not reign supreme.
Imagine if the confidential mobile communications of a government official or corporate CEO were intercepted and held for ransom. Imagine if terrorists were somehow to exploit this vulverability to their advantage. As with any socially and globally impactful technology, there are two sides to the coin: the good side and the dark side!
How do we solve this both near term and long term? Do we ban cellphones in certain instances or environments? Is this even feasible given the human appendages that cellphones and smartphones have become?