DEF CON 18 - Chris Paget - Practical Cellphone Spying

Рет қаралды 63,272

Күн бұрын

Chris Paget - Practical Cellphone Spying
It's widely accepted that the cryptoscheme in GSM can be broken, but did you know that if you're within radio range of your target you can intercept all of their cellphone calls by bypassing the cryptoscheme entirely? This talk discusses the practical aspects of operating an "IMSI catcher", a fake GSM base station designed to trick the target handset into sending you its voice traffic. Band jamming, rolling LACs, Neighbour advertisements and a wide range of radio trickery will be covered, as well as all the RF gear you'll need to start listening in on your neighbours.
Chris Paget has over a decade of experience as an information security consultant and technical trainer for a wide range of financial, online, and software companies. Chris' work is increasingly hardware-focused, recently covering technologies such as GSM and RFID at venues such as Defcon and Shmoocon. With a wide range of experience encompassing software, networks, radio, cryptography and electronics, Chris enjoys looking at complex systems in unusual ways to find creative attacks and solutions.
For copies of the slides and additional materials please see the DEF CON 18 Archive here: defcon.org/html/links/dc-arch...

Пікірлер: 18

@scottstewart6162 8 ай бұрын

I was watching this like it was released yesterday. I eventually realized that it wasn't and looked to see it was 9 years ago. I'm sure several things have changed, but also that it probably doesn't take much more effort than this video shows to get the same result. Living very populated areas makes you much more at risk of these techniques than those that live in rural areas. Also, living in a warzone, or hostile government, kind of area will raise the chances of interception by a good bit.

@thewhitefalcon8539 8 ай бұрын

Actually, 4G beefed up security, and there was a talk about it at this year's DEFCON. It's called "detecting fake 4g base stations in real time"

@Anvilshock 2 жыл бұрын

DEFCON subject competence: outstanding DEFCON audio competence: appalling

@sjoervanderploeg4340 5 жыл бұрын

I was going to make a smart comment on the SMS part, but then I realized setting up a SMSC to relay messages would indeed not be identifiable by the receiver as the SMSC uses the CID from the MO (in this case you). You could however intercept them and convert them into a flash SMS with the number added, sadly the recipient wouldn't be able to save the message... Who still uses SMS, besides me? :p

@puma9354 4 жыл бұрын

Android users

@brian95240 2 жыл бұрын

Off-the-wall question here, but,, since T-mobile have just told me that 2G support ends in 2022, is there a workaround to use it afterwards? My wish is for someone to create a program that tricks 3G into becoming back compatible and forcing the sim to recognize 3G as 2G. That would allow our dinosaurs to avoid extinction. Plus, imagine how many will end up in a landfill. Whoever is capable, of said 2G spoofing project, would be saving lots of room in such landfills as well.

@thatoneintrovert9618 Жыл бұрын

Couldn't you just create your own GSM network with a USRP?

@brian95240 Жыл бұрын

@@thatoneintrovert9618 is that easy to do?

@thewhitefalcon8539 8 ай бұрын

@@brian95240 no. But it's the nature of things. You can't pretend 3G is 2G, and if you force T-mobile to install a bunch of new 2G equipment across their network, YOU'RE forcing them to produce waste.