[Replicant] Question regarding a freedom respecting modem

Denis 'GNUtoo' Carikli GNUtoo at cyberdimension.org
Tue May 25 09:42:28 UTC 2021


On Mon, 24 May 2021 23:50:54 +0000 (UTC)
m d <mdreplicantmd at yahoo.com> wrote:

> > ##I'm also unsure if there are more ways than the IMEI to identify
> > ##devices. It's for instance possible to identify the family of WiFi
> > ##chips being used just by looking at what is being transmitted. So
> > ##it may be possible to still get some identifying information out
> > ##of the device even if the IMEI has been changed.
> > 
> > Radio fingerprinting pointed above?
> ##Yes, I wasn't aware of any papers for GSM. Thanks for the link,
> ##I'll try to find the time to read it.
> OK no problems. By the sound of your previous hypothesis of
> identifying devices by family of wifi etc... + this research paper,
> it might be "safe" to assume that IMEI identification of use for
> blacklisting of devices. Therefore even a device with a spoofed IMEI
> might not be able to falsify its identity. 
I guess that it could work at some level at least. Like with IEEE
protocols like Ethernet or WiFi, one could write code that generates a
random address and then, since the failure rate is probably higher, try
to register to the network, and try another address if that fails.

> The other thing which I forgot to ask previously, you might not know
> the answer to this but, would it be possible to correlate the call
> logs from several sim cards to an IMEI? As in, would a service
> provider be able to gather all call logs from a device's IMEI if this
> device had been used with different sim cards?
It depends on what kind of things that service provider logs.

Service providers typically track which SIM card is being used (the
phone uses it to register to its network). In addition some also track
the IMEI of the devices being used. So you end up being able to link
IMEIs and SIM cards. 

In many cases, people have to give a copy of their identification
papers to get a SIM card or continue using it in the long run, so in
most cases they can link it to a person.

In addition I would expect networks to track calls, at least for
billing purposes. So you can link calls to that too.

Many networks are probably also tracking users' positions in real time,
so it becomes really scary.

For the position, there are workarounds, like always leaving your phone
at home, or turning off the modem[1].

As for the metadata (calls, SMS, etc), besides using Internet protocols
I don't know any solutions.

For the content of the SMS, Silence can encrypt the SMS, but its
protocol is probably not standard, so the other side also needs Silence.

And for the calls, besides using Internet protocols, I also don't know
any solutions.

When Replicant 11 starts becoming usable, it might be interesting
to look into randomizing the MAC address of at least the WiFi
interfaces.

References:
-----------
[1] With Replicant 6.0 0004 we will have the modem.sh script bundled
    in the images to do that. The downside is that if the modem is off
    the phone can't receive any SMS or calls nor send any SMS or calls.
    The 3G data also doesn't work when the modem is off.

Denis.
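
The linkage described in the message above (SIM cards tied to IMEIs, calls tied to SIM cards), as an added example that is not part of the original post. It goes slightly beyond the question by grouping SIMs and IMEIs transitively, so a SIM moved to a second phone links that phone too. All identifiers and records are constructed, and the record layout is an assumption, not any provider's real log format.

```python
from collections import defaultdict

# Constructed sample data: (SIM identity, device IMEI) pairs seen at registration.
REGISTRATIONS = [
    ("sim-A", "imei-1"),
    ("sim-B", "imei-1"),   # a second SIM used in the same phone
    ("sim-B", "imei-2"),   # that SIM later moved to another phone
    ("sim-C", "imei-3"),   # unrelated subscriber
]
# Constructed billing records: (SIM identity, called number).
CALLS = [("sim-A", "555-0101"), ("sim-B", "555-0102"),
         ("sim-B", "555-0103"), ("sim-C", "555-0199")]


def find(parent, x):
    """Union-find root lookup with path halving."""
    parent.setdefault(x, x)
    while parent[x] != x:
        parent[x] = parent[parent[x]]
        x = parent[x]
    return x


def link_identities(registrations):
    """Group SIMs and IMEIs that were ever seen together, transitively."""
    parent = {}
    for sim, imei in registrations:
        parent[find(parent, sim)] = find(parent, imei)
    clusters = defaultdict(set)
    for node in list(parent):
        clusters[find(parent, node)].add(node)
    return sorted(clusters.values(), key=sorted)


def calls_per_cluster(registrations, calls):
    """Attach every call record to the cluster its SIM belongs to."""
    result = []
    for cluster in link_identities(registrations):
        numbers = sorted(num for sim, num in calls if sim in cluster)
        result.append((sorted(cluster), numbers))
    return result


if __name__ == "__main__":
    for identities, numbers in calls_per_cluster(REGISTRATIONS, CALLS):
        print(identities, "->", numbers)
```

Changing only the SIM or only the phone leaves one shared identifier in the logs, which is enough to merge the old and new records into a single cluster.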