Schneier on Security

Clive Robinson • February 24, 2014 9:24 PM

@ Arclight,

It’s not clear to me whether this is another spoofing system, or more of a deployable “private cell system” for spooks, contractors, etc

Both.

The DoD and various NATO countries have been making pre-contract enquires in the recent past for “private cell systems” with a high degree of interoperability.

The sad truth for “military radio suppliers” is they can nolonger compeate with COTS cell phone systems on all fronts, not just those they traditionaly fail on. The same is true for commercial “Trunked PMR” suppliers to transportation and LEO’s and other first responders

It’s been noticed by “command” that soldiers prefer to use their iPhones for a whole host of reasons and some soldiers have designed apps to replace a lot of the “necessary bulk junk” they would otherwise have to deal with.

A look at the UK’s Met Police (one of the larger LEOs) shows that the “boots on the ground” officers are routienly carrying their “TETRA-Crap” radios and two or more mobile phones because the Tetra-crap is not working for them and the mobiles are.

Further when it comes to “under cover” operations unlike the traditional covert radios that are a very definate liability, mobiles are like gold watches etc seen as “status symbols” by criminals et al, thus an operative is almost expected to have the latest mobile phone to alay suspiscion by those they are trying to infiltrate…

Whilst traditional GSM security (A5/1 encryption etc) is sufficient for mild “privacy” from low level attackers and can be used for some tactical situations, more secure comms can be achived by the VoIP system mentioned, which would just be any other “game app” etc [1]. The advantage of “owning the base station” is you can route such traffic away securely without it ever touching the Internet with all it’s problems.

Further there is a lot of talk about “kill switches” and the like for use during “national emergancies”, a system such as this would not be effected by such things so would continue to work as long as the battaries and coverage do in any environment it’s employed.

And that raises another issue, there are quite a few places in the world where the NSA et al don’t have control of the local mobile phone systems or the legal leverage etc to do so, and for many reasons it might be undesirable to do so.

Adding another mobile base station is unlikely to attract the attention of a national monitoring athority in the same way as adding the equivalent of a PMR network or network in other bands. Mobile operators are starting to deploy “special events” systems at stadiums etc and other places, they are usually “trusted” to do any band planning etc themselves by the national authorities that in these times of austerity have better things to do with their diminishing budjets.

So yes such systems would be of considerable use for both providing “agent coms” and “target directed attacks” to any intel agency from high end National security to basic local/regional law enforcment. And to be honest I would expect the likes of Israel to be considerably more advanced in this area of work for a number of reasons.

[1] A quick scan on the Internet will show that there are quite a few people advertising Secure VoIP etc Apps for mobile phones. Although I have no idea of how good/bad they are and make no recomendation an example is http://www.securegsm.com/ to see what features are advertised.