AOH :: IS1552.HTM

DECT phones and POS terminals are vulnerable

DECT phones and POS terminals are vulnerable
DECT phones and POS terminals are vulnerable 

By Peter Judge
05 January 2009

German security experts have built a cheap laptop-based sniffer that can 
break into cordless phones, debit card terminals and security door 
mechanisms - and the same gear will also work on the next generation of 
DECT, known as CAT-iq.

The attack on DECT, demonstrated at the 25th Chaos Communications 
Congress in Berlin on 29 December, used a Linux laptop with a modified 
.23 laptop card. It can intercept calls and information directly, 
recording it in digital form. Even if encryption is switched on, the 
system can bypass encryption - simply by pretending to be a base station 
that doesn't support it.

The DECT protocol is used in many millions of cordless phones, as well 
as in wireless debit card readers, security doors and traffic management 
systems. It has encryption built in, but the protocol is kept secret. At 
one time DECT was expected to be replaced by Wi-Fi, but it is being 
built into broadband routers, and a new generation of DECT is being 
prepared under the CAT-iq brand.

"CAT-iq merely adds new features such as wideband codecs and audio/video 
streaming to the existing DECT standard," said Ralf-Philipp Weinmann, a 
a cryptographer working in the LACS group at the University of 
Luxembourg, and part of the Dedected group that demonstrated the DECT 
problems. "It does not change anything security-wise. Hence our attacks 
apply to products implementing CAT-iq as well."


Please help with a donation! 

Site design & layout copyright © 1986-2014 CodeGods