Why aren’t Stingrays rendered ineffective by standard MITM defenses? – Information Security Stack Exchange


There’s been a lot of reporting in the past few years about law enforcement agencies using IMSI catchers (also known as Stingrays after a popular brand of them) to intercept cellular communications.

Stingrays and other IMSI-catchers violate the cell tower agreements by producing an illegal signal, pretending to be a cell tower.They control the encryption flag, which will cause a phone to downgrade security either to the least secure algorithm, or disable encryption completely. As far as a MITM goes, they may pass along the phone call data to a legitimate tower, or they may simply send back an error code the user sees as a call failure.

Virtually all modern phones technology is rooted in GSM technology. GSM standard was intentionally designed to be able to run with weak encryption. This allowed the export of GSM to Eastern Europe. Modern cell phones support different protocols, classic GSM, GPRS, HSDPA, 3G, 4G, …

Each of these was developed at their own time and the most basic protocol allowed for optional encryption or was using a “proprietary” encryption protocol that was vulnerable. This means your iPhone can still speak basic, vulnerable GSM – and can be tricked to use it.


Posted from WordPress for Android

1 Comment

  1. Tomi Engdahl says:

    Hackaday Prize Entry: Catch The IMSI Catchers

    An IMSI catcher is an illicit mobile phone base station designed to intercept the traffic from nearby mobile phones by persuading them to connect to it rather than the real phone company tower. The IMSI in the name stands for International Mobile Subscriber Identity, a unique global identifier that all mobile phones have. IMSI catchers are typically used by government agencies to detect and track people at particular locations, and are thus the subject of some controversy.

    As is so often the case when a piece of surveillance technology is used in a controversial manner there is a counter-effort against it. The IMSI catchers have spawned the subject of this post, an IMSI catcher detector app for Android. It’s a work-in-progress at the moment with code posted in its GitHub repository, but it is still an interesting look into this rather shadowy world.

    Android IMSI-Catcher Detector

    An open source app to detect fake base stations (IMSI-Catcher / StingRay) as well as silent SMS in GSM/UMTS networks on your mobile phone.


Leave a Comment

Your email address will not be published. Required fields are marked *