|
|
|
|
|
|
by andor
4342 days ago
|
|
|
Their development roadmap has some details, not all of which seem viable. They want to make 2-3 apps: 1. Detect hidden SMS and (SIM card?) app installations through public APIs. I don't think this will work. 2. Send AT commands to the baseband processor and use the results to detect anomalies. My guess is that the baseband doesn't expose enough information for this to work. 3. Connect to an OsmocomBB phone running CatcherCatcher [0] via USB. This should work, since CatcherCatcher seems to work. [0] https://opensource.srlabs.de/projects/mobile-network-assessm... |
|
|
We're merely using any possible way to overcome the ridiculous AOS limitations on displaying highly important and relevant network variables and data. One of those is the Ciphering Indicator that has been 3GPP "required" for the last 10-15 years, but which Google and most Network providers choose to ignore. (Since they didn't wanna implement better encryption, until very recently.) Another is finding the Timing Advance and various Network (RRC) Timers.
(1) There are several types of silent SMS, most of which are already detectable and there is nothing strange with that. It does need further testing for a greater variety of devices, and to see what would happen on a real IMSI catcher.
(2) Your guess is partially right, since it is strongly HW dependent, some basebands expose everything (MTK) and other (Qualcomm) expose very little, since they have their own protocols (DM/QMI). But the SIM card filesystem does provide useful info. So a combination of AT commands, SIM card readings and also API access to Service Mode (Samsung) menus, can provide all that we need and more. But it is a rather technical challenge for our developers to do this, and for me to collect all support material needed.
(3) OBB support would be trivial, but we're not really proposing this. Very few people would bother going through the pain of finding an appropriate OBB compatible phone, less implementing it as a piggy-back to an Android. So unless some OBB developer serves the required Java + binaries to us on a silver platter, this will not be a feature of AIMSICD.