• General

  • Can anything shield IMSI from IMSI catchers?

fluxcondensator 1. An attacker could potentially disable airplane mode.

How? They'd need access to the device and at least one of the PINs or passwords to unlock one of the profiles to do this. In that case, there may be no need for an exploit.

    de0u Enabling airplane mode disables the cellular radio, but Wi-Fi can be re-enabled and used without activating the cellular radio again

    I looked up your source to see how to do this but did not find directions. How does one do this?

        Murcielago thank you, so if I go to a protest with this setup and find a hotspot, stingrays would not see my SIM or IMSI numbers while I chat on Signal or Session?

            K8y find a hotspot

            If you think it's safe to connect to some random hotspot during a protest I have bad news for you. Unfortunately there's no Wall of Sheep during such events.

            • K8y replied to this.
            • K8y likes this.

                0xsigsev good point...the free open hotspot itself might be a trap by the surveillance team! Is that what you mean?

                Would a VPN take care of that?

                    K8y Is that what you mean?

                    Yes.

                    K8y Would a VPN take care of that?

                    No. They're your first hop, it may protect from some randoms setting up shady hotspots to play with people, but in this case I'd not count on it.

                    • K8y replied to this.
                    • K8y likes this.

                          0xsigsev hmmm...are there such things as "pocket routers"? Is this what "raspberries" are?

                          How can someone connect to a secure Internet while in airplane mode on the go...would a Starlink connection solve this?

                              K8y

                              K8y thank you, so if I go to a protest with this setup and find a hotspot, stingrays would not see my SIM or IMSI numbers while I chat on Signal or Session?

                              This is an interesting conversation, with a lot of history. To add, here are some links that may answer questions about IMSI catchers, etc. in general:

                              Plain language technical information about IMSI catchers: https://www.eff.org/wp/gotta-catch-em-all-understanding-how-imsi-catchers-exploit-cell-networks

                              If you're generally interested in protest security - this 'Surveillance Self Defense' guide is pretty good and has a section on attending a protest: https://ssd.eff.org/

                              It's not just IMSI catchers though... Device/Person correlation can be derived from: AGPS location privilege given to an app that sells this data (e.g. Google fulfilling geo-fence warrants) or connecting to your University's Library Wi-Fi (e.g. Pamona College, etc. recently)...

                                    K8y There are, but they in turn would need a sim card to connect to a cellular tower. U got the point i guess, unless u can obtain a sim card that in no way can be linked to your real identity, and preferably buy the portable router cash, so imei can't be linked to u, might be an option then.

                                    • K8y likes this.

                                      Hill_Sphere I've just read the article linked, and came across an interesting observation.
                                      I'll quote the bit that i found interesting (Section 3.2.3)

                                      Section 3.2.3: Why aren’t users alerted that encryption is off?

                                      At this point, many people ask: why doesn’t their phone tell them something’s up? According to the GSM specifications, cell phone users are supposed to be notified when encryption is disabled, and in some markets they used to be. However, this caused a lot of confusion because:

                                      People would travel with their phones to places where cell towers were configured very differently (e.g. in some countries cell network encryption is banned) and it would cause a “Warning: encryption disabled” pop-up to come up a lot.
                                      Cell towers everywhere were misconfigured, also causing this pop-up to appear a lot.

                                      These issues led to many confused consumers and support calls to mobile carriers, resulting in the warning ultimately being disabled.

                                      @GrapheneOS , apologies fot the tagging, but this made me wonder, is this warning implemented somewhere on carrier level, or on the phone itself?
                                      If on the phone itself, wouldn't it be a nice addition, especially on GrapheneOS, to reimplement this 'feature' perhaps after a toggle, if seen as feasible in the first place?

                                      • de0u replied to this.

                                          Onlyfun thanks. Does the sim card work with grapheme pixels? It says it is for GL.iNet Devices though I don't see their line of phones...

                                          And the portable router doesn't need to be plugged into a wall, but simply can be carried in your pocket (battery operated or rechargeable) so you can use with Graphene Pixels on airplane mode WiFi secure messaging to avoid getting on someone's radar?

                                              Onlyfun also can this router be set up anonymously so no identifiers are seen at protest scannings?

                                                  K8y thanks. Does the sim card work with grapheme pixels? It says it is for GL.iNet Devices though I don't see their line of phones..

                                                  Yw. I have no idea, but they say: For use with other devices or mobile phones, APN setting(wbdata) may need to be manually configured. If you need assistance, our technical support team is available at support@gl-inet.com to guide you through the process.

                                                  so i would give it a try, $10 doesn't seem a lot even if it fails.

                                                  K8y And the portable router doesn't need to be plugged into a wall, but simply can be carried in your pocket (battery operated or rechargeable) so you can use with Graphene Pixels on airplane mode

                                                  no wall is required afaik. as mobile as your mobile phone.

                                                  K8y secure messaging to avoid getting on someone's radar?

                                                  still detectable. anonymity is necessary to maintain. messaging as well, not only secure.

                                                  • K8y likes this.

                                                        r134a Is this warning implemented somewhere on carrier level, or on the phone itself?
                                                        If on the phone itself, wouldn't it be a nice addition, especially on GrapheneOS, to reimplement this 'feature' perhaps after a toggle, if seen as feasible in the first place?

                                                        You may be interested in this recent post about an EFF research project: https://discuss.grapheneos.org/d/20515-meet-rayhunter-a-new-open-source-tool-from-eff-to-detect-cellular-spying/

                                                            de0u Wow, thanks for pointing me to that thread! i've managed to miss it. This seems a very interesting project, i'll look some deeper into it and possibly install it & contribute data to it, depending on my local laws which i first have to research.

                                                              I suspect the price of this device will go up significantly soon.. I wonder what's the sim compatibility since it looks to be a Verizon specific device.