Kevin J. O’Brien, New York Times:
Karsten Nohl, founder of Security Research Labs in Berlin, said the encryption hole allowed outsiders to obtain a SIM card’s digital key, a 56-digit sequence that opens the chip up to modification. With that key in hand, Mr. Nohl said, he was able to send a virus to the SIM card through a text message, which let him eavesdrop on a caller, make purchases through mobile payment systems and even impersonate the phone’s owner.
Black Hat begins in Las Vegas on July 27, while Defcon begins on August 1. It therefore isn’t surprising that security breaches and issues are being announced this week. You can expect a lot more where this (and the Apple Developer Centre breach) came from.