So while these very high level alerts from Pwnie are nice, I want to see what is really happening. Have I gotten any silent SMS or silent calls ? What network am I on and what cellID am I on ? Do I have an encrypted connection ?
I'm fairly certain that Pwnie does not have a baseband that they control and so there is a lot they (and we) cannot do, but there are things that can be done, and that outdated table of suspicious events can probably be expanded (and updated for LTE).
Comments ?
I was at their booth today at RSA and they confirmed that these cellular functions are not available on the PWN Phone, which makes me suspicious that the cell modem they are using is not a USB modem, but rather a minipci module that goes into their box. Would like to know what modem they chose...
That's useful. It should be possible to do almost as well with a suitably programmed phone, if you can get to the RF control level. What's needed is something that gives to the app level the same kind of info that's available for nearby WiFi stations. Then anyone could write analysis apps.
"Cell tower pinning", so that your phone remembers the cell towers in an area and reports new ones, would be useful. When a new one pops up, that's an interesting event. That capability would be useful for other purposes, such as finding and reporting coverage holes.
I kind of wish we would just use a more secure cellular protocol to begin with. And I know that's a lot to ask for, but can't we just have nice things?
Encrypted content over the cellular protocol seems more plausible than a secure protocol, given that a) it's a feature that phones can roam across networks and b) the way these "exploits" work is for LE to emulate an endpoint in a system whose principles actively collaborate with LE (to some degree under force of law).
https://opensource.srlabs.de/projects/mobile-network-assessm...
(scroll down to table)
So while these very high level alerts from Pwnie are nice, I want to see what is really happening. Have I gotten any silent SMS or silent calls ? What network am I on and what cellID am I on ? Do I have an encrypted connection ?
I'm fairly certain that Pwnie does not have a baseband that they control and so there is a lot they (and we) cannot do, but there are things that can be done, and that outdated table of suspicious events can probably be expanded (and updated for LTE).
Comments ?
I was at their booth today at RSA and they confirmed that these cellular functions are not available on the PWN Phone, which makes me suspicious that the cell modem they are using is not a USB modem, but rather a minipci module that goes into their box. Would like to know what modem they chose...