A firewall developed by the German firm GSMK for its secure CryptoPhone lets people know when a rogue cell tower is connecting to their phone. It's the first system available that can do this, though it's currently only available for enterprise customers using Android phones, Wired reported.
GSMK's CryptoPhone 500, a high-end phone that costs more than
The problem with rogue cell towers is widespread. The
IMSI catchers, stingrays or GSM interceptors as they're also called, force a phone to connect to them by emitting a stronger signal than the legitimate towers around them. Once connected, pings from the phone can help the rogue tower identify a phone in the vicinity and track the phone's location and movement while passing the phone signals on to a legitimate tower so the user still receives service. Some of the IMSI software and devices also intercept and decrypt calls and can be used to push malware to vulnerable phones, and they can also be used to locate air cards used with computers. The systems are designed to be portable so they can be operated from a van or on foot to track a phone as it moves. But some can be stationary and operate from, say, a military base or an embassy. The reach of a rogue tower can be up to a mile away, forcing thousands of phones in a region to connect to it without anyone knowing.
But GSMK's CryptoPhone firewall aims to combat this by monitoring all connections to the phone's baseband. It checks whether a particular cell tower lacks an ID like its neighboring towers—for example a name that identifies it as an AT&T or
"At the same time, the firewall is monitoring every instruction coming into and out of the base station—and it's showing you what baseband activity occurred but was not controlled by the operating system," says
It also allows you to see if your phone made suspicious connections that are brief—say, a minute and half connection that occurred in the middle of the night when you were doing nothing on the phone and no applications were updating.
ESD America has asked its 6,500 customers to notify them via email or tweet with a screenshot whenever their phone produces an alert about possible rogue activity to help them verify it. And in August alone, users sent in alerts showing the location of 19 rogue tower sightings spread throughout the U.S. The reports came in from casino executives in
"If someone gets the alert on the CryptoPhone to say there is an intercept, it doesn't mean their call is being listened to; but it means that they are one of the 1,000 or 10,000 people that are having their calls routed through the interceptor," says Goldsmith. "It doesn't mean that person is a target, but that they happen to be in a place where someone is a target."
Unfortunately, the firewall isn't available for every phone. It's currently designed for use on customized phones with the rest of the CryptoPhone operating system, although the firewall can be installed separately without other parts of the operating system. But it takes two to three months to customize a phone with the CryptoPhone operating system—Goldsmith's company has to replace the resident Android operating system with the modified CryptoPhone operating system. And the company will only do the installation for enterprise and government customers where multiple phones of the same type are being modified at once. Goldsmith says it would take too much work to do different phones individually.
He says he can envision a consumer-level app in the future that could be installed on phones by individuals. Although such an app wouldn't have all of the same functionality as the robust firewall has, it would still be able to alert you to a rogue cell tower. There are currently no plans for an app, however.
Most Popular Stories
- Frightfully Fun Films Return for Halloween
- Would Soccer Be Richer Without Small Clubs?
- Pfizer Approves $11 Billion Buyback Plan
- Cloud Lifts Microsoft's Quarterly Results
- Jennifer Aniston, Justin Theroux Set the Date
- IS Funded by Black Market Oil Sales, Racketeering
- Hollywood Eager to Grasp Hispanic Market
- Weekly Jobless Claims Rise but Remain Low
- Stocks Continue Strong After Opening Surge
- Teresa Giudice Must Serve Time in Prison