‘Fake’ cellphone towers found in U.S.

Moritz moritz at headstrong.de
Sun Sep 7 06:25:57 PDT 2014


On 09/05/2014 11:28 AM, stef wrote:
> On Thu, Sep 04, 2014 at 05:57:17PM -0700, coderman wrote:
>> bit more detail here:
>>  https://www.sba-research.org/wp-content/uploads/publications/AdrianDabrowski-IMSI-Catcher-Catcher-ACSAC2014-preprint-20140820.pdf
> 
> catchercatcher has been presented in 2011:
> http://events.ccc.de/congress/2011/Fahrplan/attachments/1994_111217.SRLabs-28C3-Defending_mobile_phones.pdf
> 

SRLabs' works are covered and extended in the new paper by Adrian, a
very good read.

> ..based on the word of a company that markets "firewalled baseband
> phones" and cites personal research in undisclosed locations instead
> of releasing actual data.

I agree. I was asked to review and test a CryptoPhone (and I still use
it daily). The warnings err on the cautious side of things and single
events only rarely/never mean a real attack. Unless we see more data,
this is completely marketing bullshit.

As someone who tries to move forward an Open Source implementation of
something like their (quite limited) Baseband Monitor (misleadingly
called Baseband Firewall), I am pretty annoyed by their patent:
https://patentimages.storage.googleapis.com/pdfs/US20140004829.pdf --
especially given that Frank Rieger, the owner of the patent, is official
speaker for the CCC and should know better.

http://esdamerica.com/ ("Manufacturer of CryptoPhone" - which is
bullshit, since they use unmodified Samsung S3 hardware)

"ESD America’s team maintains operational security and confidentiality
for our clients. Clients include Government, Intelligence, Police,
Military, Narcotics Task Forces and Royalty. Products are centred on
intelligence gathering, surveillance, reconnaissance and encryption as
well as sourcing other specialised products and training."

*shakes head*



More information about the cypherpunks mailing list