GSM - No Security  

Gone In 60 Seconds
GSM Phone Hack Recovers Key In One Second
0630 Hrs 07 December 1999

A paper by Alex Biryukov and Adi Shamir to be published soon outlines a method to recover the key for an encrypted GSM conversation in less than a second using a PC with 128 MB of RAM and 73 GB of hard drive space.

The security of GSM phone technology is a sieve. In 1998, Marc Briceno, Ian Goldberg and David Wagner demonstrated that it was possible to clone GSM SIM cards. The hack occurred because the critical algorithms are flawed and it is possible to dump the contents of the SIM card and emulate it using a PC. This latest problem could render GSM phone conversations totally insecure.

The paper describes an attack which exploits subtle flaws in the algorithm, flaws which may have been apparent if the algorithm had been available for peer review. The GSM MOU had developed the algorithms in secret, relying on the discredited "security by obscurity" approach. This approach is certain to guarantee that a failure in security will be a most public event. The attack analyses the output of the A5/1 algorithm during the first two minutes of a conversation.

The attack uses the unofficial description of the A5/1 algorithm, released in May 1999, that appeared on the Smartcard Developer Association web site and on John Young's Cryptonym archive.

While the existing attacks on the algorithm are feasible for large organisations, this new attack changes things. It brings the system into the range of ordinary hackers without significant technological resources. Indeed, it makes the very idea of hacking GSM seem mundane. That is a terrifying thing for the telephone companies that have used the security of GSM as a selling point to get subscribers to convert from the less secure analogue mobile phones.

The smokescreen from the GSM MOU organisation has already started. Speaking to Declan McCullagh of Wired News, James Moran, the fraud and security director of the GSM MOU association, claimed that "nowhere in the world has it been demonstrated -- an ability to intercept a call on a GSM network." It was also claimed by the same association that GSM was "designed to conform to the most stringent standards of security possible from the outset". I guess these people believe their own press releases, because GSM was hacked because the algorithms and technology did not conform to the most stringent security standards possible.

 



© 1999 Hack Watch News
McCormac's Hack Watch News, Hack Watch News and Syndicated HackWatch are trademarks of Hack Watch News 

 
