[liberationtech] Exactly how are satellite transmissions tapped/intercepted, in Syria and elsewhere?

Brian Conley brianc at smallworldnews.tv
Tue Nov 29 12:33:10 PST 2011 

On Mon, Nov 28, 2011 at 11:47 PM, Jacob Appelbaum <jacob at appelbaum.net>wrote:

> On 11/28/2011 08:46 PM, Brian Conley wrote:
> > For the most part I expect users will be relying on satphones and not
> > modems, voice calling, SMS, and email are likely the only use cases
> > they might consider.
> >
>
> That is extremely scary. There is off the shelf hardware/software for
> voice print analysis, recording of data transmitted, SMS archival, etc.
>
>
Of course its scary, so is being an activist and a revolutionary. Please
understand that is not meant to be flip, however I find that the most
important aspect of any tool or guide is to create informed consent, which
means being as clear and upfront as possible about potential risks and the
reality regarding what can be done to create a "best case/worst case" as
well as producing an accurate threat model. I feel that too often people in
a position to help refuse to provide knowledge because they would feel bad
if someone got killed doing something that put them at risk, rather than
asking how many people will get killed without providing access to better
knowledge.

The question I have is what is the method for intercepting the SMS or email
sent by any specific Satphone, I'm assuming you can use radio frequency
triangulation to get the data, and will need another tool to extract the
SMS or email content.


> Such users should consider this for that use case:
> http://www.cryptophone.de/en/products/satellite/
>
> If someone elsewhere runs a cryptophone PBX, anyone could call in and
> call insecure numbers from that PBX:
> http://www.cryptophone.de/en/products/pbx-integration/
>
> It's not free software but I've used it with some success. Bare satphone
> usage is Syria is just scary. I'll just say it directly, it's dangerous.
>

OK, but:

#1 this is operating on thuraya frequencies yes, so won't it still be
subject to triangulation?

#2 i will certainly look into the possibility for acquisition of this item,
but its definitely not going to be anywhere near as accessible as inmarsat,
iridium, or thuraya phones, which brings me back to my core point, since
activists will definitely continue to use these devices, and the barrier to
access for other tools is still so high, there is a need for clear,
concise, accessible documentation about the best/worst case scenarios for
these devices.


> > Any thought what the timeframe for radio direction finding might be?
> >
>
> The saying goes "Attacks only get better" and I'm certain that the old
> adage applies here. There are real time systems for this exact task and
> they are off the shelf surveillance solutions. When you see them in
> action it will probably make you physically ill.
>

Oh I'm quite aware they will make me ill, that's why I brought the
questions to this list, to get some of the best "worst-case scenario input"
I could find. I was asked to help with this, though I'm fairly certain its
a somewhat impossible job. As you've noted repeatedly, satellite
communications are not safe by any estimation, its the proprietary hardware
and many other things that are involved in these issues.


> > I'm also trying to determine whether iridium phones may be any
> > "better" than Inmarsat, and how much better, etc. it's clear thurayas
> > are no longer an acceptable option by any regard.
> >
>
>
> Iridium phones and Inmarsat phones aren't so different in terms of
> security, privacy, anonymity, etc.
>
> For example:
>
> http://www.shoghi.co.in/Thuraya-System,GSM-Interception-System,Voice,Fax-Internet_Monitoring-Analysis_System,Interception,Logging-system,Aerial-Vehicle.pdf
>
> With that said, I think the best device in the world for an impossible
> job is an Iridium Satellite pager. These things are awesome. They are a
> receive only satellite pager that uses the Iridium constellation. It
> works for the entire planet and it's cheap cheap cheap.
>
> You can transmit a message to the pager by visiting a web page that
> works over Tor:
> http://messaging.iridium.com/faq/
>
> More info here:
> http://www.satellitephonesdirect.com/iridium_sendamessage.html
>
> This is the best device for the job:
> http://www.highspeedsat.com/motorola-9501.htm
>
> This is probably also a reasonable device but I've never used it:
> http://www.highspeedsat.com/kyocera-sp-66k.php
>
> If two people have these pagers and both have access to the net via Tor,
> it's possible for them to communicate in a way that doesn't leave a
> trace beyond normal internet/Tor usage. Short of jamming, it's a pretty
> reasonable way to ensure that messages reach a person but the person
> isn't exposed beyond their general region. You can select multiple
> regions too. The Motorola 9501 is a small device and it is easily hidden.
>
> You could easily encrypt a Tor bridge IP address for your contacts in
> Syria and send a new one every hour.
>

Thanks, thats great information and very helpful given the circumstances
individuals in Syria are working with, however still not applicable to
"majority access" however it is definitely worth it to begin raising
awareness about the existence of this tool! I'm assuming it roams
automatically but as with all satellite devices only works with a strong
line of sight at the proper angle?

cheers

Brian


> All the best,
> Jake
>



-- 



Brian Conley

Director, Small World News

http://smallworldnews.tv

m: 646.285.2046

Skype: brianjoelconley

_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.

Please don't forget to follow us on http://twitter.com/#!/Liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list