Maniaque
2010-06-02 09:49:21 UTC
Hi,
I was thinking about Bluetooth proximity detection, and the brouhaha
around RFID usage over the past few years (big brother can monitor you
as you pass through any checkpoints), and I wondered how this issue
also applies to GSM.
Everyone knows that GSM operators can locate turned-on / active
headsets, and maybe some handsets even when they are turned off, but
I've never seen any mention of LOCAL detection of individuals by GSM
device signature...
In a quick search I found the following device which claims to do
something like this, but the description suggests that it's a pretty
complex process:
http://www.ukspyequipment.com/more/on/details/00052
Does anyone know whether the GSM standard allows for "easy" detection
of devices by IMEI or IMSI signatures within their broadcasts, or
whether the standard uses a more-complex session-based protocol which
would make detecting these signatures require eavesdropping on the
entire conversation, or whether there is some sort of cryptography
handshake in use (like in SSL) which would in theory make it
impossible to get these IDs without breaking the encryption?
I know these are pretty basic questions about the GSM standard, but
sadly I wouldn't know where to even start in reading the spec...
The Wikipedia page on GSM suggests that the standard uses pre-shared
key and challenge-response, but there is not enough detail to know
whether that is just for Data/Payload or also for identifying
information such as: http://en.wikipedia.org/wiki/GSM#GSM_service_security
The fact that there is a device out there that is (or claims to be)
able to harvest this information suggests that this stuff cannot be
too complicated, but maybe it's just a very sophisticated device??
Any information/thoughts would be appreciated.
Thanks,
Tao