A security expert has developed an antenna, costing only $1,500 dollars, that can eavesdrop on anyone’s private cellphone calls, even those that are encrypted. The cell phone base station tricks cell phones into routing their outbound calls through it, allowing someone to intercept even encrypted calls in the clear.
The device tricks the phones into disabling encryption and records call details and content before they’re routed on their proper way through voice-over-IP.
The low-cost, home-brewed device, developed by researcher Chris Paget, mimics more expensive devices already used by intelligence and law enforcement agencies – called IMSI catchers – that can capture phone ID data and content. The devices essentially spoof a legitimate GSM tower and entice cell phones to send them data by emitting a signal that’s stronger than legitimate towers in the area.
“If you have the ability to deliver a reasonably strong signal, then those around are owned,” Paget said.
Paget’s system costs only about $1,500, as opposed to several hundreds of thousands for professional products. Most of the price is for the laptop he used to operate the system.
Doing this kind of interception “used to be a million dollars, now you can do it with a thousand times less cost,” Paget said during a press conference after his attack. “If it’s $1,500, it’s just beyond the range that people can start buying them for themselves and listening in on their neighbors.”
Paget’s device captures only 2G GSM calls, making AT&T and T-Mobile calls, which use GSM, vulnerable to interception. Paget’s aim was to highlight vulnerabilities in the GSM standard that allows a rogue station to capture calls. GSM is a second-generation technology that is not as secure as 3G technology.
Encrypted calls are not protected from interception because the rogue tower can simply turn it off. Although the GSM specifications say that a phone should pop up a warning when it connects to a station that does not have encryption, SIM cards disable that setting so that alerts are not displayed.
“Even though the GSM spec requires it, this is a deliberate choice on the cell phone makers,” Paget said.
The system captures only outbound calls. Inbound calls would go directly to voicemail during the period that someone’s phone is connected to Paget’s tower.
The device could be used by corporate spies, criminals, or private investigators to intercept private calls of targets.
“Any information that goes across a cell phone you can now intercept,” he said, except data. Professional grade IMSI catchers do capture data transfers, but Paget’s system doesn’t currently do this.
His setup included two RF directional antennas about three feet long to amplify his signal in the large conference room, a laptop and open source software. The system emitted only 25 milliwatts, “a hundred times less than your average cell phone,” he said.
Paget received a call from FCC officials on Friday who raised a list of possible regulations his demonstration might violate. To get around legal concerns, he broadcast on a GSM spectrum for HAM radios, 900Mhz, which is the same frequency used by GSM phones and towers in Europe, thus avoiding possible violations of U.S. regulations.
Just turning on the antennas caused two dozen phones in the room to connect to Paget’s tower. He then set it to spoof an AT&T tower to capture calls from customers of that carrier.
“As far as your cell phones are concerned, I am now indistinguishable from AT&T,” he said. “Every AT&T cell phone in the room will gradually start handing over to my network.”
During the demonstration, only about 30 phones were actually connecting to his tower. Paget says it can take time for phones to find the signal and hand off to the tower, but there are methods for speeding up that process.
Paget said he could also capture phones using 3G by sending out jamming noise to block 3G. Phones would then switch to 2G and hook up with his rogue tower. Paget had his jammer amplifier on stage but declined to turn it on saying that it would “probably knock out all Las Vegas cell phone systems.”
To address privacy concerns, he set up the system to deliver a recorded message to anyone who tried to make a call from the room while connected to his tower. The message disclosed that their calls were being recorded. All of the data Paget recorded was saved to a USB stick, which he destroyed after the talk.
Customers of carriers that use GSM can protect their calls from being intercepted in this manner by switching their phones to 3G mode if it’s an option.
Source: Gizmodo.
Related News:
Different Standards Of The Cell Connection, How To Boost Them?
Message Sender Sued For Distracting The Driver And Causing The Accident
New Technology To Charge Your Mobile Phone With Your Shoes
Scosche Introduces A Solution For Cellphone Usage During Driving - CellC ...
LightSquared And PCTEL Make Partnership For Fix GPS Interference Issue
MIT's DIY Cellphone : Make Your Own Cellphone Now!Recent Tech News
Verizon Wireless brings a cell phone that is specially built for the travelers. The full QWERTY phone is global ready, i.e. ready to roam with you in over 200 countries. It is a great phone for frequent flyers who needs stay connected where ever they go. This phone is slim, lightweight design and can be carried easily. Other features include TXT/Email, Stereo Bluetooth support, 2MP camera and a large 2.4-inch screen.
Dell’s consumer products division is not doing well lately, because of competition from cheap entry-level products in emerging markets by other companies. The company’s earnings reduced by a factor of three. Its shares tumbled in extended trade. Its consumer unit is struggling to slow down the decline in sales. Overall, Dell is struggling. Now the company is planning to revamp its consumer unit with sales of new touchscreen laptops and tablets featuring Windows 8 OS.
The case between Oracle and Google has dragged on for a while. The court had to determine whether or not Google had used Java APIs in the Android software and that were such infringements covered under fair use. While the jury did agree to the former, it was unsure to the latter question. Now, though, the jury has come out with a decision and it is in favor of Google, ruling that Google didn’t infringe Oracle’s patents.
The hard drive industry has been shrinking rapidly. There have been acquisitions and mergers left, right and middle. One of the main reasons is that the a lot of storage is now going into the clouds, offered by alternate tech giants and the traditional hard drive big-wigs are having a hard trying to catch up. The latest in the list of acquisitions is Seagate’s intents of buying the hard drive vendor LaCie at $186 million.
