NSA spying: What's the best phone encryption & IMEI random number generator?

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
With all the NSA mass data collection on us going on, is there a  
way for we Americans to encrypt our phone calls and to randomly
change our IMEI numbers with each phone call?

It's not illegal, I already know that, at least not in the USA
- NOTE: In Britain, I think it's illegal to change your IMEI but  
not in the USA. In France, I think it's illegal to use encryption,  
but not in the USA.

So, this is only a USA question:

Q: Is it possible for us to encrypt our (smartphone Android)
phone calls (I have a Galaxy SIII with 4.1.2) and to randomly
change our IMEI numbers?

NOTE: No individual can hide from a state-sponsored adversary should
that adversary AIM for them; however, I'm not worried about them  
aiming specifically at me as much as my duty as an American citizen
to protect what little privacy we have left (which is what this  
country stands for).


Re: NSA spying: What's the best phone encryption & IMEI random number generator?

I should know better than to answer such a question.

Quoted text here. Click to load it

<
http://www.youtube.com/watch?v=AmpXFju2XTk

I haven't tried it, nor do I plan to.  The problem is that your cell
phone account is tied to the IMEI/ESN number.  You can change it, but
in order to make a phone call, you'll need to inform your service
provider.  That pairs the new IMEI with your previous phone number,
which is easily traceable.  Unless you're dealing in stolen phones,
juggling IMEI/ESN numbers on your own phone is a waste of time.

Quoted text here. Click to load it

It may not be illegal (I don't know for sure), but it will certainly
bring down the wrath of the cellular provider if you get caught.  I
almost had that problem.  I've been buying and selling used cell
phones for many years.  In order to test the phones, I just change the
IMEI/ESN number on the VZW web page or just do the *228 thing.  After
testing the phone, I would put the account back to my original phone.
One day, I did about 15 phones in succession when I got an SMS message
to call VZW.  I was transferred to security, who wanted to know what
the [expletive] I was doing.  I played dumb and he eventually went
away.  

Quoted text here. Click to load it

Not randomly.  You need to make sure it's still the number for the
same type of phone.  You don't want to accidentally register a phone
that doesn't have data or you may find yourself without data service.
Also, with 7 billion phones and who knows how many devices out there,
there's a fair chance you're going to either hit a phone in use or a
stolen phone.  You might want to check the IMEI/ESN first.
<http://checkesnfree.com

Quoted text here. Click to load it

That's right.  Errr... Far Right.
So much for the science fiction.  Now, let's do it the right way...

I don't think you're going to be able to do much inside the phone. You
could probably write an Android SIP client with built in encryption
and use the phone data only.  That can get expensive but is probably
secure.  
<http://www.cellcrypt.com
<http://cryptophoneaustralia.com/background/cryptophone-technology/
<http://en.wikipedia.org/wiki/Crypto_phone

A slightly more sane method is to use a handset with built in audio
encryption.  That scrambles just the audio, and will work over
land-line, VoIP, Skype, as well as cellular.  You can probably roll
your own with a PIC that has an A/D and D/A inside.  
<http://blog.modernmechanix.com/wiretap-proof-telephone/
Well, maybe something smaller:
<http://www.pimall.com/nais/cellphonevoicekeeper.html

Good luck and please don't ask me for bail money.


--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558


Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Voice codecs are (gasp) designed to work with voice. When you try to put  
anything other than voice through them, all bets are off. So playing  
with the analog audio doesn't work well over a codec.

Analog encryption methods don't work so well even on a POTS or NFM link.  
Schemes like frequency inversion for example. Some words shoot right  
through inversion since your ear/brain locks on the cadence. Rolling  
code inversion is a bit better, but really, you need to go digital for  
encryption.

I've been looking at what the feds buy for their secure SIP. You can  
trawl fbo.gov and look for yourself. Here is one example:
Quoted text here. Click to load it

But it seems to me you are going to need to manage certs. It would be  
tough to call anyone at random and be encrypted.

If you have been to the NSA museum, they have an old analog encryption  
system that consisted of LPs and fancy turntables. Presumably each site  
had the same LP. I don't know how they phased locked the system, but it  
was a Bell Labs project, so they could have synced through the telco  
system on another line.

Basically if your "locals" are identical, you can mod/demod anything  
with a mixer. People have done this using broadcast signals as the  
modulation source, i.e. the audio from broadcast, not the RF itself.  Of  
course you both have to be able to receive the same radio or TV station.

The Mumbai attack was coordinated with Blackberry BBM. Secure enough to  
confuse India. Incidentally BBM should be cross platform shortly. The  
apps for non-Blackberry devices have been submitted to the app stores.

Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Quoted text here. Click to load it

The external audio scrambler was obviously for voice only.  I forgot
to mention that it doesn't work well with data, fax, or analog modems.

Quoted text here. Click to load it

Really?  Remind me to intoduce you to the local commerical fishermen,
all of whom use voice scramblers of one form or other.  It works just
fine over VHF marine radio.  Not so well over the new narrow band FM
radios.  Most popular technology seems to be rolling code inversion.
For example:
<http://www.midians.com/html/voice-security-products.php

Quoted text here. Click to load it

They do go digital.  Inversion is too easy to decode.  Any computer
that can simulate a multipler, tone oscillator, and low pass filter,
can demodulate speech inversion.  If you look at the spectra on an
analyzer, you'll see a "hole" or dip at the inversion frequency.  The
inversion frequency will hop around, but I'm told a DSP can mostly
follow it.  Extra credit for speech inverters with carrier leakage at
the inversion frequency.

Quoted text here. Click to load it

The latest for long range is a GPSDO (GPS diciplined oscillator).  As
long as the pseudo random codes are time synced, everything sounds
quite clear.

Quoted text here. Click to load it

RIM/Blackberry is losing customers to Apple and Android devices and is
finally opening up their network to competative devices.  

Oops.  Gotta run.
--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On 9/8/2013 8:27 PM, Jeff Liebermann wrote:
Quoted text here. Click to load it

The Serbs used these speaker-mics during the war. Really terrible.  
Easily defeated by any intelligence agency. If Somalia had a NSA, they  
could defeat the system.
Quoted text here. Click to load it
Like I said, rolling code works. But that is NOT a simple inversion  
scheme. Rather, the change the code in a psuedo random manner. MXComm  
used to make those chips. [I'd have to see if they are still in business.]

In the 80s, I was doing modem chips. We had plenty of voice band mixers  
handy and tried simple frequency inversion. Some words shoot right  
through. Cadillac for instance. You could even tell the difference  
between go and no. The CADOJ used to use these frequency inverters, but  
there are computer programs to decode them with sound cards. There are  
555 plus op amp circuits to do simple inversion decoding.

The GPSDO is just an accurate time base. I have a Starloc. You are  
probably thinking of something else.




Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On Sun, 08 Sep 2013 20:44:59 -0700, miso wrote:

Quoted text here. Click to load it

I'm curious what software? I used Daisy loooooooong ago. Very long ago.
Then I got out of the business of designing chips.


Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On 9/8/2013 9:24 PM, Misha wrote:
Quoted text here. Click to load it
I used the Daisy back in the day. What was it we did? Sing, drink,  
dance? I've also run the old Calma GDS1 with the storage screen, but  
never the digitizer. Also the old Aplicon that used the gestures way  
before people talked about gestures.



Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Quoted text here. Click to load it

I used the 3D Applicon mechanical system on a DEC PDP-11/34 do design
microwave radios in about 1982.  I used the pen and tablet to do the
gesture thing, but found the menu picker tablet overlay thing easier
to learn.  Everyone had a gesture cheat sheet taped to their monitor
as there were just too many gestures to remember.


--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On 9/9/2013 6:54 PM, Jeff Liebermann wrote:
Quoted text here. Click to load it

The Applicon had such a ridiculously large menu that you have to wonder  
why they bothered with gestures. Like what did it save? The companion  
plotter was that "air hockey" thing. Xynetics?

Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Quoted text here. Click to load it


The Applicon menu system was not very heirachial.  It had maybe two
levels (2D, 3D, and I/O).  Effectively, it was flat menu system with
thousands of commands and jestures.  I drew most of the lines from the
command line.  It was easier than trying to draw on the screen.  

One big problem for me was that most of what I was doing on the 3D CAD
system was not authorized.  Officially, I was using the CAD system
after hours to "learn" how to use the system.  Instead, I was
brainstorming and designing the next generation of products.  One of
the VP's drifted by every few evenings to look over my shoulder and
ask questions.  Somehow, I forgot to mention that what I was doing was
NOT what the company was going to be producing.  He liked what he saw
and was furious when he discovered that the real product looked more
like the traditional rack mounted behemoth.  I later implimented those
ideas for other companies.

Quoted text here. Click to load it

Yep.  Xynetics.  I don't recall which model.  We later got a vertical
bed pen plotter, that saved on floor space.
<http://en.wikipedia.org/wiki/Applicon
Somewhat later, there was a Xynetics bed plotter at Intel, Santa Cruz
that occupied most of a room.  Offhand, I would guess a 6x15ft bed.  I
have no idea how they got it in and out of the building.  Probably in
pieces.  Nice white formica surface, perfect for air hockey.


--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Quoted text here. Click to load it

Yep, except that I was collecting them.  At one point, I had about 10
of them with various interfaces and power systems.  Cheap printers
that generated no RFI for VHF and HF packet radio.  Very easy to
refill the ink carts.  I used the HP-IB version on some of my test
equipment for screen and diagnostic dumps.  I think I paid about
$15/ea.

--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On 9/11/2013 11:26 PM, Jeff Liebermann wrote:
Quoted text here. Click to load it

Uh, assuming they would print! That was the problem with the stinkjet.  
We threw away about 50 or so.

I think in the stinkjet era we used HP pen plotters.

Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On Thu, 12 Sep 2013 13:04:16 -0700, miso wrote:

Quoted text here. Click to load it

Personally, I gave up on the consumer HP printers after dealing with the  
end-of-life chips they put in the ink tanks (I'm not even talking in the  
printer heads, mind you - but in the ink tanks themselves!).

However, I still use (and love) HP office B&W laser printers; but I will  
never buy another HP ink printer for the rest of my natural life!


Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Quoted text here. Click to load it

Tis true.

Another problem is HP ink fades.  My office graphic artist would hang various posters she  
created on HP DesignJet and other HP printers and all the artwork faded.


--  
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On Sun, 08 Sep 2013 20:27:10 -0700, Jeff Liebermann wrote:

Quoted text here. Click to load it

Hi Jeff,
Just curious. Why would the Santa Cruz fishermen need to scramble
their voices?


Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Quoted text here. Click to load it


They don't want the other fishermen to know if they're catching fish
or where they're located.  Any fishing boat stupid enough to announce
their position and their catch is likely to find themselves in very
crowded waters.

We have a chronic problem with one of the sheriff repeaters.  One of
the European marine frequencies just happens to land on the repeater
input.  When the cruising commercial fishing boats arrive in the area,
the repeater is polluted with scrambled audio.  Fortunately, it's only
in the early morning, when the fish are active.  It became a
sufficiently irritating problem that some official managed to get the
FCC enforcement burro involved.  That turned into a farce, and did
nothing useful.

Phil Zimmermann (author of PGP) has a new company:
<https://silentcircle.com
<http://www.cnn.com/2012/08/11/tech/silent-circle-encryption/index.html
<https://business.silentcircle.com/silent-phone/
Again, note that the encrypted smartphone calls are made over the data
channel, not the voice channel.

--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On Sun, 08 Sep 2013 14:26:27 -0700, Jeff Liebermann wrote:

Quoted text here. Click to load it

The IMEI is meaningless to the cell phone provider.  

It's like a NIC address. Just a bunch of numbers to id a device, but  
any other set of numbers work as well.

Changing the IMEI will scramble the metadata for someone like you  
or me, but I doubt the added obscurity will confuse the NSA by much.

Then again, they never caught Tsarnav due to a spelling quirk in  
their do-not-fly lists, so, it might be worth the try.

Re: NSA spying: What's the best phone encryption & IMEI random number generator?
Quoted text here. Click to load it

The GSM network simply cannot handle the same two IMEIs using the
network simultaneously.  So IMEI uniqueness is essential to the
network.

This is why all dual-sim dual-active phones have *two* different IMEI
numbers, one for each sim slot.  Contrast that with dual-sim
dual-standby phones, which usually use the same IMEI for both sim
slots.. in which case they can both register, but if one becomes
active the other is disabled.

--Tracking--

All mobile phones are trackable.  A provider may only opt to refuse
registration from blacklisted IMEIs, but what's to stop them from
tracking the theif?  Nothing, apart from economics, AFAIK.  Of course
the OPs natural concern is whether he can be tracked.  Why not?

--Denial of Service--

Couldn't someone deny service to someone else simply by cloning their
IMEI, and staying active on the same network?  I'm conjecturing, but
it seems being able to change IMEIs would control for someone who
would do this kind of attack against you.

Quoted text here. Click to load it

Suppose you change the IMEI before every new SIM is inserted... don't
you think the IMEI+SIM combination appears like a new phone and
different user?

Otherwise, if you don't change IMEI numbers, every past sim will be
associated to each other and every future sim, no?


Re: NSA spying: What's the best phone encryption & IMEI random number generator?
On Sun, 08 Sep 2013 14:26:27 -0700, Jeff Liebermann wrote:

Quoted text here. Click to load it

Hey there Jeff,
I know you're famous on a.i.w, so I respect your response.

I never understood WHY people say that the IMEI number matters to the  
telco. I put different SIM cards in my phone all the time, and thereby  
use either T-Mobile or AT&T and I haven't explicitly registered the  
cell phone with either company.

So, how exactly is an IMEI "tied" to the phone company? I never understood
that.  

The SIM card *is* tied to the company - but in my experience, it works
in any (unlocked) phone of any IMEI.

So, that's why I never understood when people say you can't change  
your IMEI. You "effectively" change your IMEI every time you put your
SIM card in another phone (which happens all the time).

Can you explain?


Re: NSA spying: What's the best phone encryption & IMEI random number generator?

Quoted text here. Click to load it

The GSM providers (AT&T and T-Mobile) use SIM cards for identifying
the owner and the account, but not the phone.  The CDMA providers
(Sprint and Verizon) do not use SIM cards.  Instead, they use the
MEID/IMSI/IMEI/ESN numbers.  When you activate a phone on Verizon,
it's by those numbers:
<http://www.verizonwireless.com/b2c/nso/enterDeviceId.do
On a smart phone, dial *#06# to display the number(s).  What the IMEI
number does for the vendor is identify the phone and it's
capabilities.  

More later.  Really busy tonite.
  
--  
Jeff Liebermann     jeffl@cruzio.com
150 Felker St #D    http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann     AE6KS    831-336-2558

Site Timeline