Hi Nico and thanks for your answer.
You and Sylvain are right: there is a misunderstaning... my side :).
I intended to talk about authentication, not encryption.
So the question would be: do the mno disable authentication for some (or
all) the mt SMSs? I think you sent a bunch of SMS to a 'mobile' app to
check the presence of auth: how many of them (I'm interested in the
magnitudo of your tests).
Can you give the ML a ping when your code will be released (if you're
planning to do so)?
Have a nice day.
Dario.
On Wed, Jan 9, 2013 at 9:10 PM, Nico Golde <osmocom(a)ngolde.de> wrote:
Hi,
* Dario Lombardo <dario.lombardo.ml(a)gmail.com> [2013-01-09 20:41]:
As described in Nico Golde's talk at 29c3,
mobile operators can
deactivate
encryption on MT SMSes.
I think this is a misunderstanding, please check the
slides/video.
To check if a MT is encrypted I've started
'mobile'
with GSMTAP, and I've sent an sms to the mobile. Encryption seems to be
requested by the network. Now the question is: how can I be sure that
encryption is always activated?
If the network is not encrypting, you don't get a CIPHER
MODE COMMAND message. For MT you would have to generate
events that cause this, like sending an SMS. For MO you can
simply to a service request.
Cheers
Nico