Hacker Builds $1,500 Cell Phone Tapping Device

We previously discussed security researcher Chris Paget's plans to demonstrate practical cell phone interception at DefCon. Paget completed his talk yesterday, and reader suraj.sun points out coverage from Wired. Quoting: "A security researcher created a $1,500 cell phone base station kit (including a laptop and two RF antennas) that tricks cell phones into routing their outbound calls through his device, allowing someone to intercept even encrypted calls in the clear. Most of the price is for the laptop he used to operate the system. The device tricks the phones into disabling encryption and records call details and content before they are routed on their proper way through voice-over-IP. The low-cost, home-brewed device ... mimics more expensive devices already used by intelligence and law enforcement agencies — called IMSI catchers — that can capture phone ID data and content. The devices essentially spoof a legitimate GSM tower and entice cell phones to send them data by emitting a signal that's stronger than legitimate towers in the area. Encrypted calls are not protected from interception because the rogue tower can simply turn it off. Although the GSM specifications say that a phone should pop up a warning when it connects to a station that does not have encryption, SIM cards disable that setting so that alerts are not displayed. Even though the GSM spec requires it, this is a deliberate choice of the cell phone makers, Paget said."
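
The check behind the missing warning, as an added example (not part of the Slashdot summary, the Wired article or Paget's talk): a GSM link is only ciphered after the network sends a Ciphering Mode Command with its "start ciphering" bit set, so a monitor can flag sessions where that never happens. The code assumes layer-3 RR payloads with the LAPDm header already stripped and the field layout of 3GPP TS 44.018; the function names and sample frames are constructed for illustration.

```python
RR_PD = 0x06                    # protocol discriminator: radio resource management
CIPHERING_MODE_COMMAND = 0x35   # RR message type

def parse_cipher_mode(l3: bytes):
    """Return 'none', 'A5/n' or 'reserved' for a Ciphering Mode Command, else None."""
    if len(l3) < 3 or (l3[0] & 0x0F) != RR_PD or l3[1] != CIPHERING_MODE_COMMAND:
        return None
    setting = l3[2] & 0x0F          # Cipher Mode Setting is the low half-octet
    if not setting & 0x01:          # SC bit clear: network asks for no ciphering
        return "none"
    alg_id = (setting >> 1) & 0x07  # algorithm identifier, 000 = A5/1
    return "reserved" if alg_id == 7 else "A5/%d" % (alg_id + 1)

def session_cipher(frames):
    """Cipher state at the end of a session; the link starts unciphered."""
    state = "none"
    for frame in frames:
        mode = parse_cipher_mode(frame)
        if mode is not None:
            state = mode            # the most recent command wins
    return state

def should_warn(frames):
    """True when the handset ought to show the 'unencrypted' indicator."""
    return session_cipher(frames) == "none"

# Constructed sample sessions (hex of layer-3 payloads), not captured traffic.
NORMAL = [bytes.fromhex("062100"), bytes.fromhex("063501")]   # paging, then A5/1
DOWNGRADED = [bytes.fromhex("063500")]                        # command with SC = 0
SILENT = [bytes.fromhex("062100")]                            # no command at all

if __name__ == "__main__":
    for name, frames in (("normal", NORMAL), ("downgraded", DOWNGRADED),
                         ("silent", SILENT)):
        print(name, session_cipher(frames), "WARN" if should_warn(frames) else "ok")
```

The `SILENT` case matters as much as the explicit downgrade: a base station that never sends the command leaves the call in the clear without any message to inspect.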

  • Disabled warning (Score:5, Interesting)

    by maxwell demon ( 590494 ) on Sunday August 01, 2010 @11:25AM (#33101236) Journal

    If the GSM spec does specify the warning should be there, does that mean the manufacturers are violating their GSM license when they disable that warning? Or could they be sued for false marketing because the phone you bought does not follow the GSM spec despite being called a GSM phone?

    In short: Could they be (successfully) sued for it?

  • Re:Give it a month (Score:4, Interesting)

    by bsDaemon ( 87307 ) on Sunday August 01, 2010 @11:39AM (#33101316)

    Then there will be another 3 years of court cases and lobbying to make the government pay the cell carriers to upgrade their equipment, although much of the issue is on the phones not properly realizing they're on a bogus tower and not providing the required notification. So everyone will have to upgrade phones if they're on a GSM network.

    Of course, we'll be on iPhone 7 by the time AT&T finally concedes to the upgrade, and iPhone 10 by the time it's done, and as they're the only GSM carrier of consequence in the US, user upgrades likely won't be an issue 'cause everyone will be clamoring for it while remaining blissfully ignorant of this situation.

    But the reality of the situation is probably closer to the fact that the government will just let this whole thing slide under the assumption that the easier it is to do, the cheaper they'll be able to obtain 3rd-party products to conduct intercepts for investigations.

  • Re:Give it a month (Score:5, Interesting)

    by poetmatt ( 793785 ) on Sunday August 01, 2010 @11:51AM (#33101360) Journal

    Actually, what about the prospect of intercepting our own phone calls?

    As noted, if you can do this on a laptop and then VoIP a call, couldn't people do this at home as a pseudo-femtocell?

  • by hitmark ( 640295 ) on Sunday August 01, 2010 @12:16PM (#33101482) Journal

    Has GSM encryption ever been about end-to-end encryption? My understanding is that the encryption only covers the radio signal, so that someone with a radio scanner can't just grab the call out of the air. The police can get a warrant and make a call to the telco and have them set up a tap at the base station or some other convenient place.

    I suspect the message is not there more out of convenience, as the message would be popping up all the time when going between stations of various generations. Also, we seem to be confusing handset makers (Nokia, HTC, Apple etc.) with the telcos (AT&T, T-Mobile). From the summary, it's the SIM, not the phone, that says if the message should show or not. That means it's the telcos that suppress the message, not the handsets. Given the number of involved parties in the mobile phone business, it helps to place the blame where it belongs.

  • Haha (Score:4, Interesting)

    by X.25 ( 255792 ) on Sunday August 01, 2010 @01:09PM (#33101778)

    I can't even explain how common this thing is, and how many geeks are playing with it.

    He didn't actually *build* the hardware, he purchased it - some smart people actually build these things, and hobbyists play with it.

    Why this guy felt like he had to take credit for it is beyond me.
