The importance of both mobile network and software security continues to grow as more personal and significant information is communicated wirelessly. Two new attacks threaten the security of the GSM standard, an unwanted headache for mApp developers, while two others threaten the Android and Apple families of moblie operating systems.

Blackberry’s messenger service, BBM, encrypts messages and then routes the data through the company’s servers in Canada. This means the censors can’t read your mail, which irked the Emirate enough to make them take action, signs point to Saudi Arabia following suit.

This is a big setback to causes, like the Green movement in Iran, which spread their message and build momentum online. When governments can route all the country’s data through servers they control, sending anonymous communications becomes very difficult. The question for ICT4D practitioners is how can countries leapfrog to 4G networks and will it be done in a manner that respects privacy and limits government snooping.

As if hiding from the government wasn’t bad enough, GSM security took a double blow from a technology that spoofs a legitimate tower to intercept communications and software that speeds the decryption of the A5/1 algorithm used by many networks both presented at the Black Hat Hackers conference. The “Kraken” decryption software is approaching the point at which live eavesdropping becomes practical.

The spoofing device demoed by Chris Paget takes a different approach to exploiting GSM security. He hacked together an antennae that drowns out legitimate network signals fooling nearby mobiles into establishing connections and thereby allowing him to listen to conversations. He says, “If you have the ability to deliver a reasonably strong signal, then those around are owned.” While his device can’t currently read data, more sophisticated devices used by the intelligence community are able to, and the principle applies to even next generation networks.

The Android App, used to change a phone’s wall paper, had been downloaded between 1 and 4 million times but was shown by mobile security firm Lookout to be secretly sending data to a website registered in China. The data included the SIM card number and voicemail password if programmed into the phone.

The importance of network security becomes even more crucial as the range of services that we use mobiles for expands. Criminal elements could employ a spoofing device to steal banking data or to prevent communications in a conflict zone.

Also on TechChange Main

Is Forcing Open the Internet a Next Frontier for Humanitarian Intervention?

The recent demonstrations in Belarus, Tunisia, Bahrain, and especially Egypt have all recently demonstrated the importance of the Internet and...

Staff Spotlight: Christopher Ford, Senior Director of Hybrid Events

Q: So, tell us more about yourself. Why do you like working on events? I like variety. I like the...

The Health and Development Foundation Launches an IVF/ART School and Celebrates One Year Anniversary of Text4baby Russia

This guest post is by Sara Buzadzhi a past participant in TC309 Mobile Phones for Public Health. Can't wait for June...