[gbon]

Besides the software compatibility with protocols different from GSM (2G) there is serious hardware problem: RLT-SDR dongles can't operate above 1.4 GHz. This limit is for the better models (i.e. those with a better shielding ). In my experience the cheap models as the one mentioned in the article have problems above 1 GHz. I'm telling you because GSM support ~900 Mhz and ~1800 Mhz frequencies and, as I tested, only the traffic around 900Mhz is visible. So, even in the 2G domain, you can't see everything.

[squarefoot]

Some SDR devices can go higher than 1800MHz, the HackRF One for example receives and transmits from 1 MHz to 6GHz and has been used to decode some GSM and LTE traffic.

https://sdr-x.github.io/Whole-20MHz-config-LTE-signal-is-dec...

https://greatscottgadgets.com/hackrf/

Way different price though still interesting.

[gabrielblack]

Exactly, I've a "premium" RTL-SDR and I se only the traffic on 900 MHz band. A more expensive SDR is required to sniff seriously. This is amateur hardware, professional hardware ( as the models described in the Snowden's documents ) can reach 100k E or more. That hardware can elaborate every frequency, more frequency in parallel with maximum reliability, a 20$ hardware simply can't. A good compromise can be one of the commercial SDR like Lime, etc.

[fapjacks]

I've been working in this space for the last few months. While you are correct, you can buy and easily modify a cheap downconverter to receive frequencies quite a lot higher than the plain old rtl-sdr by itself. [0]

[0] https://www.rtl-sdr.com/potentially-receiving-up-to-10-ghz-w...

[superkuh]

Technically you could use one of the older (or custom ~$40) rtlsdr dongles with the Elonics E4000 tuner which goes all the way up to 2200 MHz (I have a couple). They're what I use for doing any >1400 MHz work with dongles. They'd work just fine with this toolset.