A researcher at the DefCon hackers' meet has demonstrated kit for spoofing GSM base stations, allowing even those on a limited budget to intercept phone calls and text messages. The audience attending the talk by Chris Paget were able to see their own handsets transferring to his spoofed base station, with calls receiving a …
Storm in a teacup?
I don't know the timeline of this, but won't the problem go away when 2G is phased out?
Also, in terms of the notification failure, is it not the handset OS's that are to blame?
On the flipside, if you can get your own antenna for $1500 (depending on how much you actually care if people can listen to your calls), couldn't one just use this to boost the signal in your area kind of like the iPod FM radio attachments that were legitimised?
If you're running a spoofed base station, do you need to be able to disable the encryption? Surely you own the BTS and the keys on it, so can decrypt the calls anyway?
"""Surely you own the BTS and the keys on it, so can decrypt the calls anyway?"""
The only way to pass the 3G mutual authentication measures are to pass the crypto data between the legit BTS and the phone, which would normally set up an encrypted channel that you'd simply be forwarding, but which you could not listen in on. Silently disabling encryption would make it rather easy though.
GSM's had quite a good life...
It seems GSM's had a good run over the last 20 years. It certainly seems to have been both secure and reliable in the 17 years since I switched from the old analogue networks (insecure for both billing and calls), but like all old tech it eventually becomes obsolete.
Since the networks now seem to be concentrating on new WCDMA 3G only masts (if they even have their own GSM 2G network - i.e "3") and femtocells like the SureSignal are 3G only, ye olde GSM seems to be fading away - quite litteralty.
My old 1980s NEC 9A only lasted about 3-4 years before having to be replaced with a GSM Nokia 2140. 16 years on and that same Nokia 2140 still works and can make calls and send/receive texts using my current 3G SIM.
Goodbye 2G GSM, you did your job well, but in a world of data and HD voice I guess things move on (I still think 2G will outlive 3G though). :-)