Where is the review of your engineer, @jacksparao?
The project is very interesting better I will suggest my Kernel Engineer; I feel he is the right person.. He will be writing the review soon...
What's the purpose? You can reach me (as well as the OP @E:V:A) here on XDA..
Please share your mail id to my private box.. I will share my engineer id.. Note he will be the proper suit..
BTW - are you trying to advertise this XPosed framework thingy on XDA? You also had another "very useful" post in the Open PDroid-thread about it..
You did not get the point of this project. Tools like Xposed are being developed to restrict permissions of apps, but this thread is completely about notifying a user if he is being tracked by forces like the police or other individuals using IMSI catchers.
maybe we should ask Edward Snowden this question?
indeed,
- pdroid,
- Xposed,
- "permission master"
(and similar apps) are pursuing the goal of privacy via 3 different routes.
obviously, xposed is the one to run with least effort on the user side, then perm. master, then pdroid (unless you use CM9+).
This mai77 is either ignorant and can't read or part of the NSA trying to discourage development of software that can warn innocent citizens that their privacy is being intruded upon. Sadly, given the latest developments, the latter is more likely of the two.
Too bad @E:V:A did not reply, hope he'll keep contributing. Set your bookmarks to THIS WEBSITE and THIS GITHUB!
@E:V:A, if you're still alive, I'd appreciate if you share where YOUR GitHub is located! Would be cool if we had ONE place to start and not three different GitHub accounts with scattered progress. Thank you ahead for replying.
You bet, I hope that this project will get featured one day on the XDA portal to attract even more developers.
This is superbly reassuring! Looks like there is interest and ground work being done at the academic level.
Wise words, but sadly, only security enthusiasts realize that. The goal of this thread should be to create an app, that makes it easy for the average user to get in touch with security in a rather playful way and get notified on threats. The interface of the final app shall be as uncluttered and simple as possible. But that is why I have set up the new GitHub - to let people contribute.
Security in phone communication is certainly an already huge and growing concern, as mobile devices, most notably, our smart phones are increasingly relied upon as the main form of communications and entertainment across the globe. Whoever can tap into private data transmitted between such devices without consent, will have unprecedented and unfair political and economic power advantage.
Well, our app may not change how the world is working, but certainly it will make a difference. Let's see..
Do we want our children to inherit a World where their ideas and actions can make a difference or one where it can not?
Ha, you better do that! I'm counting on everyone to keep this project alive and flowering. Let's hack this!
Definitely keeping a watch on that project. And spread the word.
Let me summarize your post: You clearly have not understood the point of this project and make it way too simple. Don't get me wrong, but you are one of these guys why other people or developers leave or even not start anything due to annoyance of this type of "smart thinking" of peeps who tell them "with money you can already buy all that crap already". Thanks for your answer here, but PLEASE learn English first, then read everything carefully again and rethink your "smart" theories. Don't get depressed, posting while drunk happens to the best of us.
I have read the thread and I think you are a little overcomplicating the situation:
I want to point out a few options and I can link you to where you can buy these products, I'll try to be historically correct
maybe we should ask Edward Snowden this question ... indeed, pdroid, Xposed, "permission master"
(and similar apps) are pursuing the goal of privacy via 3 different routes.
...
UPDATE: Found two interesting projects who are already on GitHub! Check out the Master Thesis, Software to detect IMSI-Catchers. Especially the Papers-Section is a small gold nugget. Even more awesomeness: Smartphone Attack Vector!
...
"The nation’s mobile phone carriers received more than 9,000 requests last year for cell-tower dumps, which identify every mobile phone at a particular location and time, often by the thousands."
Thank you so much for being back with new stuff on the matter, @E:V:A! I just added your clarification to the GitHub pages as well as to the corresponding website. If there's more you'd like to see there, feel free to let me know. Here's my suggestion: We already have the developer roadmap, but wouldn't it be more useful to break it down into smaller steps? We could assign each small step to specific users who could then contribute that to the GitHub? Would be cool if you add the GitHub link to the OP.
This project:
- Detects IMSI based device location tracking
- Provides counter measures for device tracking
- Can provide swarm-wise-decision-based cellular service interruption
- Can provide secure wifi/wimax alternative data routes through MESH-like networking.
- Detect and prevent remote hidden application installation
- Detect and prevent remote hidden SMS-based SIM attacks
- Prevent or spoof GPS data
- Does NOT secure any data transmissions
- Does NOT prevent already installed rogue application from full access
Other projects:
- Provide full device encryption
- Provide secure application sand-boxing
- Provide secure data transmission
- Provide firewalls
Sound good.T...We already have the developer roadmap, but wouldn't it be more useful to break it down into smaller steps? We could assign each small step to specific users who could then contribute that to the GitHub? Would be cool if you add the GitHub link to the OP.
Wait a minute.. yep, now I did. Thank you for adding it! If you have a free minute (I know it's difficult), are you able to break down the preliminary development roadmap into smaller, assignable steps? Have a great day!
[...] there should be a Ciphering Indicator (CI) showing the user when the GSM phone/data connection is not using encryption. Unfortunately for many people in the rest of the world, this feature has not been properly (if at all) implemented in the Android OS.
[...]
The problem is that since this is an "administrative operation", it may require something called a "facility lock password". However it is not clear to me what this is. Is it just a CHV PIN/PUK or is it something only known to the OEM or cellular service provider?
Awesome, thanks for sharing! I'll contribute once the tool works with my HTC ONE. @E:V:A: I just discovered your announcement in the CatcherCatcher mailing list. Even developer Sascha of the SRLABS-Team did send a separate callout to all developers. Do you have a good idea on Issue #1? You may leave your comment there. Thanks for digging forward with us!
Our friends over at srlabs.de just released GSMmap - a tool that checks which encryption methods are used by your network operator.
https://opensource.srlabs.de/projects/mobile-network-assessment-tools/wiki/GSMmap-apk
Source is available under the terms of GPLv3.
https://opensource.srlabs.de/projects/mobile-network-assessment-tools/repository/gsmmap-android
EF - Elementary Files
AD - Administrative (Data) Field
BCD - Binary-Coded Decimal (compressed)
CHV - Card Holder Verification (usually your SIM code)
TLV - Tag, Length, Value
BER-TLV - Object that conform to the Basic Encoding Rules (BER)
RFU - Reserved for Future Use
-----------------------------------------------------------
Name: EFAD (Administrative Data)
Identifier: '6FAD' (28589)
File size: 3+X bytes
-----------------------------------------------------------
Byte Description
-----------------------------------------------------------
1 UE operation mode
2-3 Additional information (incl. cipher indication)
4 Length of MNC of IMSI
5-X RFU
-----------------------------------------------------------
UE Operation Mode: (byte 1)
-----------------------------------------------------------
This is the mode of operation for the MS.
Coding: (Initial value)
'00' - normal operation
'80' - type approval operations
'01' - normal operation + specific facilities
'81' - type approval operations + specific facilities
'02' - maintenance (off line)
'04' - cell test operation
NOTE: All other values are RFU (reserved for future use)
-----------------------------------------------------------
Additional Information: (byte 2-3)
-----------------------------------------------------------
Coding:
- Specific facilities code (if b1=1 in byte 1);
- ME manufacturer specific information (if b2=1 in byte 1).
Ciphering indication is enabled by enabling both the specific
facilities bit (b1) in byte-1 AND the cipher indicator bit (b1)
in byte-3. Thus the administrative data field has to be:
Byte-1: 0x01 0000 0001
Byte-2: 0x00 0000 0000
Byte-3: 0x01 0000 0001
Byte-4: 0x02/3 0000 001x
-----------------------------------------------------------
Length of MNC in the IMSI: (byte 4)
-----------------------------------------------------------
The length indicator refers to the number of digits,
used for extracting the MNC from the IMSI.
This value codes the number of digits of the MNC in
the IMSI. Only the values (b1-b2) '0010' and '0011' are
currently specified, all other values are reserved
for future use.
-----------------------------------------------------------
Relevant Documents:
TS 22.101
TS 31.102
TS 33.102
-----------------------------------------------------------
AT+CRSM=<command>[,<fileid> [,<P1>,<P2>,<P3> [,<data> [,<pathid>]]]]
<command> This is the operation to be performed:
176 READ BINARY
178 READ RECORD
192 GET RESPONSE
214 UPDATE BINARY
220 UPDATE RECORD
242 STATUS
<fileid> This is an integer which is the identifier of an elementary
datafile (EF) on SIM. Mandatory for every command except
STATUS and may be e.g.:
Hex Dec File
---------------------
6F37 28471 ACMmax
6F07 28423 IMSI
6F39 28473 ACM
6F41 28481 PUKT
6F42 28482 SMS
Structure:
[CLA INS P1 P2 P3 Data]
The bytes have the following meaning:
CLA Is the class of instruction (ISO/IEC 7816-3 [25]), 'A0' is used in the GSM application;
INS Is the instruction code (ISO/IEC 7816-3 [25]) as defined in this subclause for each command;
P1, P2, P3 Are parameters for the instruction. They are specified in table 9. 'FF' is a valid value for
P1, P2 and P3. P3 gives the length of the data element. P3='00' introduces a 256 byte data transfer
from the SIM in an outgoing data transfer command (response direction). In an ingoing data transfer
command (command direction), P3='00' introduces no transfer of data.
SW1 and SW2 Are the Status Words indicating the successful or unsuccessful outcome of the command.
-------------------------------------------------------------------------------
Dec. <sw1> <sw2> Description
-------------------------------------------------------------------------------
144 0x90 0x00 normal entry of the command, indicating OK
103 0x67 0xXX incorrect parameter P3
0x6B 0xXX incorrect parameter P1 or P2
0x6D 0xXX unknown instruction code given in the command
0x6E 0xXX wrong instruction class given in the command
0x6F 0xXX technical problem with no diagnostic given
0x9F 0xXX length XX of the response data
0x92 0x0X update successful but after using an internal retry routine X times
0x92 0x40 memory problem
0x94 0x00 no EF selected
0x94 0x02 out of range (invalid address)
0x94 0x04 file ID not found; pattern not found
0x94 0x08 file is inconsistent with the command
0x98 0x02 no CHV initialized
0x98 0x04 Access condition not fulfilled / unsucc. CHV verify / authent.failed
0x98 0x08 in contradiction with CHV status
0x98 0x10 in contradiction with invalidation status
0x98 0x40 Unsuccessful CHV-verification. Or UNBLOCK CHF / CHV blocked /UNBL.blocked
0x98 0x50 Increase cannot be performed. Max. value reached
-------------------------------------------------------------------------------
AT+CRSM=176,28589,0,0,3
+CRSM: 144,0,"000000"
==> Bytes: 1-3 = 00,00,00
byte1: "MS operation mode"
byte2: "Specific facilities" B1
byte3: "Specific facilities" B2 (+ cipher indication)
==> Ciphering indication is disabled
Note: a response like this "+CRSM: 103,3" indicates that there is
a problem with P3 and that the value for P3 should be 3.
AT+CRSM=214,28589,0,0,3,"010001"
AT+CRSM=214,28589,0,0,3,"100010"
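Added example, not part of the original post or of the project's code: a Python decoder for the +CRSM reply to the READ BINARY on EF_AD shown above (AT+CRSM=176,28589,0,0,3), applying the post's rule that ciphering indication needs b1 of byte 1 and b1 of byte 3. The function names and the third sample reply are constructed for illustration.

```python
import re

# Byte 1 operation modes, copied from the EF_AD table above.
UE_MODES = {
    0x00: "normal operation",
    0x80: "type approval operations",
    0x01: "normal operation + specific facilities",
    0x81: "type approval operations + specific facilities",
    0x02: "maintenance (off line)",
    0x04: "cell test operation",
}
CRSM_RE = re.compile(r'^\+CRSM:\s*(\d+)\s*,\s*(\d+)(?:\s*,\s*"?([0-9A-Fa-f]*)"?)?$')

# Sample replies: the first two appear in the post, the third is constructed.
SAMPLES = ['+CRSM: 144,0,"000000"', "+CRSM: 103,3", '+CRSM: 144,0,"01000102"']


def parse_crsm(line):
    """Split '+CRSM: <sw1>,<sw2>[,<response>]' into (sw1, sw2, data bytes)."""
    m = CRSM_RE.match(line.strip())
    if not m:
        raise ValueError("not a +CRSM response: %r" % line)
    return int(m.group(1)), int(m.group(2)), bytes.fromhex(m.group(3) or "")


def decode_ef_ad(line):
    """Decode a READ BINARY response for EF_AD (file id 6FAD / 28589)."""
    sw1, sw2, data = parse_crsm(line)
    if sw1 == 0x67:  # decimal 103: incorrect P3, sw2 carries the expected length
        return {"ok": False, "error": "incorrect P3", "expected_p3": sw2}
    if (sw1, sw2) != (0x90, 0x00):
        return {"ok": False, "error": "SIM status %02X %02X" % (sw1, sw2)}
    if len(data) < 3:
        return {"ok": False, "error": "EF_AD needs at least 3 bytes"}
    specific = bool(data[0] & 0x01)    # b1 of byte 1: specific facilities
    cipher_bit = bool(data[2] & 0x01)  # b1 of byte 3: cipher indicator
    mnc = data[3] & 0x0F if len(data) >= 4 else None
    return {
        "ok": True,
        "ue_mode": UE_MODES.get(data[0], "RFU"),
        "specific_facilities": specific,
        "cipher_indication": specific and cipher_bit,  # both bits required
        "mnc_length": mnc if mnc in (2, 3) else None,  # other values are RFU
    }


if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", decode_ef_ad(s))
```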