did anyone mention the BTS yet?
there's an open-sauce GSM basestation project underway, There are many positive things to say about the http://openbts.sourceforge.net/ project , however it's very likely we'll see fake/pirate/private GSM BTS soon. Did anyone mention that the BTS informs the handset what level of encryption to use - "today, Malcom, we'll be using weak"
GSM eavesdropping is TECHNICALLY EASY - you need a USRP software radio and do upto 3 months typing in Python/C bodging free and open bits of software together. Then private individuals can ELINT/SIGINT/COMINT listen & track GSM, a USRP software radio costs around £520 and is not illegal to own or play with. it's not an overstatement to say - don't do mission critical things on GSM.