Chaos Computer Club Conference 2009

CCC GSM Session

Like last year I have been to the CCC Conference in Berlin. While there have been the usual hacking presentations and the same booths selling various wares like t-shirts, lock-picking tools, and blicken-light circuitry, there were two new themas for this year: makers and GSM. In fact among the most presentations I went to, two where not realed to computers, the first was about mixing electronics and couture, the second on Con-Langs, artificially built human languages.

Women have always been a minority in the hacking community, so there was something refreshing of having a girl explain how sewing and electronics mix, what thread a stitches to use to get reasonable electric resistance, how to anchor micro-controllers that have been redesigned to be pretty on conductive cloth. The clothes she showed are clearly prototypes, but I would not be surprised to see teenagers wearing such clothes. I was particularly impressed by the velocity of the progress, one slide showed hand sewing the conducting wires, on the next she was talking about programming a stitching machine to build cloth-circuitry.

In general, I think the makers and do it yourself culture has a lot to bring to the hacker community, bringing a broader scope, and realizations that can influence and benefit society at large. Generic components and rapid prototyping machines will in my opinion be the next big thing.

The second noteworthy aspect of the conference was the focus of the security community on the GSM protocol. Given the fact that this protocol is as widely deployed and used as the internet protocol, and has a large impact on the lives of many people, attention is due. This year’s result is that there are now open-source projects to build a test (or rogue) GSM network. After trying to figure out the protocol from the handset side, the community has finally found a way in from the network side.

The results are not pretty, the protocol is riddled with security holes. This is made worse by the fact that this is a master-slave architecture, so the handset blindly trust the network, the network can order mobiles phones to disable themselves, send their position, and probably other things. You can expect nasty discoveries and back-lash from the telecom operators next year.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.