Unencrypted MT

Dario Lombardo dario.lombardo.ml at gmail.com
Thu Jan 10 08:51:20 UTC 2013


Hi Nico and thanks for your answer.
You and Sylvain are right: there is a misunderstaning... my side :).
I intended to talk about authentication, not encryption.
So the question would be: do the mno disable authentication for some (or
all) the mt SMSs? I think you sent a bunch of SMS to a 'mobile' app to
check the presence of auth: how many of them (I'm interested in the
magnitudo of your tests).
Can you give the ML a ping when your code will be released (if you're
planning to do so)?
Have a nice day.
Dario.

On Wed, Jan 9, 2013 at 9:10 PM, Nico Golde <osmocom at ngolde.de> wrote:

> Hi,
> * Dario Lombardo <dario.lombardo.ml at gmail.com> [2013-01-09 20:41]:
> > As described in Nico Golde's talk at 29c3, mobile operators can
> deactivate
> > encryption on MT SMSes.
>
> I think this is a misunderstanding, please check the
> slides/video.
>
> > To check if a MT is encrypted I've started 'mobile'
> > with GSMTAP, and I've sent an sms to the mobile. Encryption seems to be
> > requested by the network. Now the question is: how can I be sure that
> > encryption is always activated?
>
> If the network is not encrypting, you don't get a CIPHER
> MODE COMMAND message. For MT you would have to generate
> events that cause this, like sending an SMS. For MO you can
> simply to a service request.
>
> Cheers
> Nico
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/baseband-devel/attachments/20130110/ee587553/attachment.html>


More information about the baseband-devel mailing list