How you might circumvent a mobile network

Mobile technology is evolving, and as smartphone memory (including increased flash storage space), battery life and network performance improve, so will the opportunities to circumvent the existing mobile networks. Nothing is impossible with the advances being made with smartphones right now. The events in Egypt, Libya and Syria got me thinking about how mobiles could be used without governments/mobile operators spying on the voice and data calls.

Cell towers (sites) would provide the coverage, and if the cell site was knocked offline, the mobile network wouldn’t exist. So what if you could find a way to circumvent the loss of a cell network? I actually believe (and this is based on research I am doing) that somewhere right now, governments or even hackers are looking into ways of communicating outside of the 3G/4G (LTE) networks. LTE (Long Term Evolution) is the latest transmission technology (4G), which provides greater bandwidth and speed for data-hungry smartphones – far greater than 3G was ever capable of. If LTE isn’t introduced then the 3G network will grind to a halt – or will it?

Some suggest (and I’m included in this ‘some’) that a hybrid mesh network could be developed that supports a cell network without a cell network. I hear you say, what? Think the TOR network, folks. Imagine if you could turn any mobile smartphone into an IP network hub with public key encryption which transmits wireless signals, with host smartphones (nodes) connecting using a client-side app? WiFi hotspot technology is a slightly similar concept. You could jump off a cell provider’s network onto a ‘private’ TOR-like network where no-one could eavesdrop on or intercept your data/voice transmissions. You could also use the network for P2P sharing, which would bridge the Internet. There are endless opportunities. Social networking (Twitter and Facebook) would act as the messaging platform which allows people (mobiles) to connect as and when – so the scene is set.

This leads me to my final thought. What if by jumping off the cell network you could also open a new opportunity for mobile malware writers to exploit? By this I mean the ability to propagate malware from a smartphone ‘hub’ to connecting client smartphones. It’s possible, but could be managed with an intelligent mobile app permission management application – the only downside here is that you can expect to see lots of prompts :(.

This is a very interesting theory and one which the late Steve Jobs might have been looking into to power the network behind his now famous iPhone devices.

Safe surfing folks!


3 Responses to How you might circumvent a mobile network

  1. David says:

    Hi Julian, I was at a lecture by a Swedish professor of telecoms (5 yrs ago) and he said that there were enough 3G smartphones available now that it would be cheaper to hop and ripple data from one phone to another probably using a protocol beyond TCP/IP (some mentioned a disruptive tolerant protocol that expects connectivity to be a bit variable) anyway the upshot was that a 3G or 4G network by phone-2-phone mesh alone would work better and be much cheaper than building 3G/4G towers everywhere. Other people who would be happy = less informed citizens who protest about ‘deadly radio towers near their school/home’ – there wouldn’t be any network of towers other than where there were hardly any people = WIN WIN situation.

    As usual dotMil is already partially into mesh (sensor) networks, there are already fully defined attacks and defences from White Nodes, Black Nodes and Grey Nodes! – your malware hub is a grey node, Black nodes are even naughtier.
    Last week I heard from Charles Brookson G3GBA of the GSM Association at an open event that 2G = GSM has rather a lot of security issues that are being fixed now, but your malware false BTS attack is possible today with 2G/GSM – luckily it is costly at around £1k and needs lots of black hat skill.

    GSM/2G originally featured a handset to handset direct mode – within a cell, but this was deprecated to allow for centralised Lawful Interception. I think GSM-Railways has maintained handset to handset as an option. We do need research other than dotMil into mesh sensor networks as they could be incredibly useful!

    regards, Davey

    • Julian says:

      #Davey# My research (although in its infancy) seems to steer towards an IP related model (possible reliance on MAC addresses) but thinking out of the box I’d stick my neck on the line and say it’s possible a disruptive tolerant protocol might actually work. I believe we have clearly highlighted that the 3G/4G network could actually use a phone-2-phone mesh which would do away or reduce the data flows going through the cell towers. The cell towers in this example could buffer any data overflows in this instance. Not too sure on your node evaluation (maybe an offline discussion) but yes I do know from my Nortel days that GSM had some rather nasty flaws. Cyber criminals could find a way to DDoS a network but that is some way off. Cost prohibitive and why? are two thoughts that spring to mind. You are also spot on when you talk about handset to handset mode – I remember Nokia demonstrating to me way back and that was when texting was used just for engineering purposes 😉
