Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Does anyone use this "IMSI-Catcher Detector" on their mobile device?
Does it work?
Is there an equivalent for iOS?

Description:  
Detect fake base stations (IMSI-Catchers) in GSM/UMTS Networks.  

Site:
http://secupwn.github.io/Android-IMSI-Catcher-Detector/

Freeware:
https://f-droid.org/repository/browse/?fdid=com.SecUpwN.AIMSICD


Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
Arthur Jones wrote:

Quoted text here. Click to load it


Here is my analysis:

This goal is certainly doable:
a. Collects relevant RF related variables using public AOS API calls. (LAC,  
CID, TA etc)

This simply won't be enough:
b. Collects detailed BTS information from a pulic database such as  
OpenCellID or Mozilla Location Services

Say the cops/NSA/whomever set up a fake tower but give it connectivity. That  
is, they set up a man in the middle tower. You sniff it and it isn't in the  
database. So what do you do? Do you log it as a new tower? Hey, maybe it is  
new, or maybe it is a Stingray.  

If you attend some event, the odds are there will be a COW. Do you log it?  

No problem:
c. Save everything in our SQLite database

This is a good idea, but everybody should block SMS at the carrier:
d. Detect hidden/silent (Type-0) SMS's

Who knows if this can be done:
e. Detect hidden App installations (Googles INSTALL/REMOVE_ASSET)

I think the fundamental problem with IMSI catching is getting a reliable  
database. The carriers don't provide this database since it would be useful  
to the competition. [We know blah blah blah only has so many towers because  
blah blah blah's database says so.]  

Potentially a MVNO might be able to provide a IMSI sniffer capable service.  

Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
On Sun, 23 Nov 2014 14:37:31 -0800, miso wrote:

Quoted text here. Click to load it

I agree.


Not likely. And, it's ok not to be 100% anyway.

Quoted text here. Click to load it

Again, less likely than a real tower. And, again, doesn't need to be 100%,  
just like anti virus heuristics aren't 100%.

Quoted text here. Click to load it

Two ways to create a "reliable" database, in so much as /any/ database
is reliable. First is to use known published databases (for example fcc  
databases) and second is to check with openness (crowd sourcing).

Lots of databases are maintained that way.

Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
Arthur Jones wrote:

Quoted text here. Click to load it

I'm assuming you haven't been reading everything on alt.internet.wireless,  
especially since this thread is cross posted.

For all intents and purposes, there is no FCC database. Not since 2003. The  
FCC grants a regional license. If the cellular provider can get their tower  
past the local authority (planning commission, city council, county,  
whatever), the FCC is fine with that, provided it is in the geographical  
region. There are problem some rules with towers near the border of the  
region, but basically the FCC is hands off.

There is a Google database of tower locations, and it is shit.

COWS are quite common.



Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
"IMSI catcher catcher" StingRay counter surveillance project proposal from  
www.cita.es in Madrid, Spain now open for international comments at http://
goo.gl/iKPwQ8  

We are looking for partners in every European country interested in R&D and
 judicial actions, in an European Economic Interest Grouping (EEIG), or wit
h a contract to negotiate in each case but now we appreciate comments and p
roposals considering the draft at http://goo.gl/QGxysR

After years researching and expert witnessing on counter surveillance right
 now we work on
1. Any technology or equipment that can get audio or metadata from GSM mobi
le phones
2. Any instrument useful to detect IMSI catchers or StingRay or fake GSM ba
se stations
3. Any expert witnessing approach for Courts of Law while and after any GSM
 surveillance considering telcos responsibilities on their customers and co
nsumers damages and risks.  

Norway, Sweden, Finland and Germany noticed fake base stations with cheap s
ystems used by journalists unofficially but in Spain there is a criminal ca
se with evidences of illegal use of an IMSI catcher or StingRay in Madrid,  
so we have the chance to expert witness and learn about judiciary limits re

link
https://docs.google.com/document/d/1O0WQHEUNoClIQ1mXsfaOc0plaJz1ASLhPjsbzI5
kJbA/edit?pli=1

IMSI catching is also competition. Whatever is legal for one, must be also  
legal for everybody, but when a Court forbids an activity, it must be forbi
dden for everybody. The Government must use IMSI catchers for law enforceme
nt only for legal purposes, but if public officials use anything like that  
for their own profit or to protect personal interests, the crime is on thei
r side. We suspect why some officials in Spain are 'desperately' trying to  
hide use of surveillance cell towers.  

We are ready to make a complaint about application of European Union law co
nsidering DIRECTIVE 2009/136/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNC
IL of 25 November 2009 amending Directive 2002/22/EC on universal service a
nd users' rights relating to electronic communications networks and service
s, Directive 2002/58/EC concerning the processing of personal data and the  
protection of privacy in the electronic communications sector and Regulatio
n (EC) No 2006/2004 on cooperation between national authorities responsible
 for the enforcement of consumer protection laws (risks to personal securit
y, which may for example arise from disclosure of personal information in c
ertain circumstances, as well as risks to privacy and personal data) as wel
l as enquiries and complaints about application of Union law at http://ec.e
uropa.eu/atwork/applying-eu-law/complaints_en.htm
as you can see in our draft (in Spanish but ready for automatic translation
 to any language) at
https://docs.google.com/document/d/1BhagjjDofZkivOAOLSg5-wmDDKVOi0lG_faUVDQ
152o/edit

If you are interested or you can recommend customers, partners o sponsors i
n any country please send a message to Eng. Miguel Gallardo E-mail: cita902
998352@gmail.com
or call us by phone +34 902998352 CITA & APEDANICA from 9 am to 11 pm Madri
d time  
or just comment this document draft using the option up-right "comments" at
https://docs.google.com/document/d/1Gwk_UTOGT7kzfOzMSpp71WcqDXvBtqM_PTfJsBT
tLow/edit  
Short link at http://goo.gl/iKPwQ8
We shall appreciate broadcasting in Twitter mentioning @miguelencita

Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
On Sun, 23 Nov 2014 19:46:33 +0000, Arthur Jones wrote:

Quoted text here. Click to load it

The similar Roaming Info reports when the carrier has changed on you.
https://f-droid.org/repository/browse/?fdcategory=Phone+%26+SMS&fdid=com.brapeba.roaminginfo


Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
On Mon, 24 Nov 2014 07:26:36 +0000, Andrew Beckett wrote:

There is also a GSM security mapper available for some devices.
https://f-droid.org/repository/browse/?fdcategory=Science+%26+Education&fdid=de.srlabs.gsmmap


Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
On Sun, 23 Nov 2014 19:46:33 +0000, Arthur Jones wrote:

Quoted text here. Click to load it

I just installed the imsi catcher detector on my android phone.
It reports a single screen with three items on the screen.
http://i60.tinypic.com/2e4ja5h.png

I'm not sure what I'm supposed to do with that information though.
How can I tell it's a /real/ tower or not?



Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
On Mon, 24 Nov 2014 16:06:58 +0000 (UTC), Andrew Beckett

Quoted text here. Click to load it
An even more relevant question since this is an iPhone forum; is there
such an app for iPhone?

Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
On Mon, 24 Nov 2014 10:33:01 -0600, BobbyK wrote:

Quoted text here. Click to load it

It should exist, since an iPhone is just as vulnerable to  
cell tower spoofing as an Android phone.

I've been testing the two apps on Android, and while imsi  
catcher detector reports the cellphone tower, what I really
want is a /log/ of the changes.  

Then, all I'd want is a pop up when a cellphone tower is
deemed suspicious (based on a given set of conditions).

Neither of the three free apps I tested do that, but, two of
the three I tested (1 and 2 below) tell you a lot of cell tower  
information, while I couldn't get the third to tell me anything,  
and the fourth free app only works on rooted Samsung phones.

1. wigle
2. imsi catcher detector  
3. roaming info
4. gsmmap  


Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
Quoted text here. Click to load it



The problem is whether iOS allows the app access to the
data that it needed to decide if it?s a fake IMSI catcher.

I ran into that problem with something as simple as an
OBDII adapter for cars which allow you to see the engine
diagnostic codes and sensor data on a phone or tablet.
The ones that use bluetooth don?t work with iphones
and ipads because of the detail of how bluetooth is done
by iOS. They work fine with android phones and tablets.

Quoted text here. Click to load it



  


Re: Anyone know if this Android "fake IMSI catchers" software works & exists for iOS?
On Mon, 24 Nov 2014 22:54:51 +0000, Andrew Beckett wrote:

Quoted text here. Click to load it

Here's a quick summary of my testing, after a day:
1. wigle => reports the current cell tower (lots of numbers)
2. imsi catcher detector  => reports the current cell tower
3. roaming info => I can't figure out what this one does
4. gsmmap => only works on rooted Samsung devices

None of them, to my knowledge, pop up a warning when/if the  
tower does something funky, and none leave a log that I know
of for you to manually check.

Given that you have to check in real time, they're not all  
that useful.  

But, it's a start.


Site Timeline