Cell Phone Interception At Def Con

ChrisPaget writes "I'm planning a pretty significant demonstration of GSM insecurity at Defcon next week, where I'll intercept and record cellular calls made by my attendees, live on-stage, no user-input required. As you can imagine, intercepting cellphones is a Very Big Deal in the eyes of the law; this blog post is an attempt to reassure everyone that their privacy is being taken seriously despite the nature of the demo. I'm not just making it up either — the EFF have helped significantly with the details."

Will there be any GSM calls with "no user-input"?

[sznupi]

Is jamming UMTS network also planned? (yes, lots of folks still don't have handsets with UMTS; but at Defcon...)

Re:Just be careful

[Itninja]

Are you sure just intercepting is illegal? I have had police scanners in the past that would pick up cell phone (and nearby cordless phone) conversations all time. My understanding at the time was the law was violated only if I recorded and/or distributed the information. This was years ago, so the laws may have changed....or maybe it was illegal all along and I am a huge criminal.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Feds in audience

[Anonymous Coward]

Is that why defcon attendees are unable to utilize even rudimentary tools to identify the source of a poisoned W.A.P.? Or how about the fact that they flail around with iptables when goatse is replacing all the pics on *everyone's* loading pages?

Am I trolling? Yeah. But some people do consider defcon to be detrimental at this point. HoPE at least maintains a sense of humor and is balanced by the sense that creative works without utility value may still be recognized as inherently valuable by certain observers.

Defcon is more about utility and less about spirit every year if you go by the attendees.

Then again, the best outcome for CyberCommand is an increase in quality of relationships formed between the NSA and the Hacker community now that the guv can at least front that they are separating the application from the theory. Maybe is same for Defcon - doomed to be average and evil so others can be free and good.

Re:Just be careful

[Anonymous Coward]

More than just this, it is taken very seriously. All scanners have to be build not just to block the cell frequencies, but also to not be easily modifiable to intercept them (ie: the cell bands may be different or not blocked for interception in Europe, and often two radios will be sold in different countries and just have jumpers switched to disable/enable bands for transmission/reception...can't do this for scanners on cellphone frequencies. You have to have a separate model that cannot be modified in any easy way to intercept them).

This is taken pretty seriously actually.

Cordless phones, not as big of a deal, old ones were easy to pick up on scanners, modern ones use spread-spectrum technology. Police are also harder now, thanks to digitally trunked systems (see APCO-25). That said, you can still do both of these types of scanning, and do them legally provided there's no encryption.

However...cellphones once again are different. It's not too hard to build something to intercept the frequencies, but even building or owning such equipment is a federal offense. Then, when you use the equipment, that's another federal offense.

So...it'll be interesting to see if any charges as pressed here :)

Re:Smart phone hacks?

[RebootKid]

I leave the hard drive out of my laptop, boot off of read-only media. I write back to flash drives for data that needs saving. I leave my phone in airplane mode. Never had a problem, but have been called "paranoid" ;)