Listening to GSM with HackRF

Cell phone eavesdropping is one of the methods of unauthorized access to personal data. It covers the interception and decryption of GSM traffic (GSM being the digital communication standard used by mobile phones), including voice calls and SMS and MMS messages.

The risk of intrusion into the privacy of phone, smartphone and tablet owners, or rather into their calls and correspondence, grows by the day. Devices that scan and analyze radio traffic, software for decrypting GSM, and other technical tricks are more accessible today than ever before: they can be bought, and some of the utilities are free. Listening to a mobile phone is no longer the preserve of the intelligence services alone.

Who taps phones

The circle of people eager to know the contents of private conversations and SMS messages is large, and it includes both amateur spies and seasoned professionals, with correspondingly different goals and intentions.

Phone tapping is carried out by:

  • Law enforcement - to prevent terrorist attacks and provocations, to collect evidence during investigations, and to search for offenders. With the written authorization of a prosecutor or court, they can intercept and record telephone conversations on all wireless (including GSM) and wired lines.
  • Business competitors - they turn to professionals for industrial espionage: collecting compromising material on the management of a rival company, finding out commercial plans, production secrets and information about partners. They spare neither money nor effort, using the latest equipment and top specialists.
  • Close circle (family members, friends, acquaintances) - depending on their means, they either monitor the phone themselves (after a brief acquaintance with the technology) or turn to "craftsmen" who offer the service at affordable prices. The motives are mostly domestic: jealousy, inheritance disputes, intrigue, overprotectiveness, plain curiosity.
  • Swindlers and blackmailers - operate on their own and choose their victims (mobile subscribers) deliberately. By intercepting conversations they learn everything of interest (business dealings, meetings, upcoming plans, circle of acquaintances) and then combine it with social engineering to manipulate the phone's owner and extract money.
  • Hackers - they intercept conversations mainly with software (malware), but sometimes also with devices that scan GSM. Victims are chosen at random, on the principle of "whoever gets caught". Their interest is in information "trophies": jokes, funny misunderstandings and arguments recorded from private calls are posted by these digital hooligans on various websites for the amusement of visitors.
  • Jokers - usually know the victim. They organize "one-off" espionage for fun, as a prank, or to arrange some kind of surprise, although sometimes they give in to the vile temptation after overhearing some secret from the target's personal or business life.

Mobile Listening Methods

1. Installation of the "bug"

A traditional method of surveillance, but still effective and affordable. A tiny device the size of a pinhead (or smaller) is installed in the victim's phone in no more than 10 minutes, and its presence is carefully masked both visually and electrically.

The "bug" is powered by its own battery, so it works even when no call is in progress: it constantly "listens" to its surroundings within the sensitivity radius of its microphone. Depending on the model, audio is transmitted over a GSM connection or over a dedicated radio channel.

2. GSM signal interception

Technically one of the most difficult methods, but also one of the most productive and powerful. It is based on gaining unauthorized access to a GSM radio channel and then decrypting its packets. The interceptor sets up scanning equipment with integrated software designed to "read" the signals between the base station and the subscriber and, after waiting for a connection to be established (if a specific number is being hunted), starts recording.

Mobile encryption algorithms

All mobile operators rely on a set of cryptographic algorithms, originally kept secret, to protect the GSM link. Each has its own task:

  • A3 - authenticates the SIM to the network (a challenge-response in which the network's random challenge RAND and the secret key Ki produce the response SRES); this is what prevents phone cloning;
  • A5 - encrypts the digitized speech and signalling on the radio link (ensures the confidentiality of calls);
  • A8 - derives the 64-bit session key Kc from Ki and the same RAND; A5 then uses Kc to encrypt the radio link.

Interceptors focus on A5 (the algorithm that masks speech), since that is what must be broken to decrypt captured traffic. Because of export restrictions on the A5 cryptosystem, two versions were originally developed:

  • A5/1 - for Western European countries;
  • A5/2 - a deliberately weakened export version for other countries (including the CIS states).

For some time the inner workings of A5 were a closely guarded secret, protected almost like a state secret. By the beginning of 1994, however, the situation had changed radically: sources appeared that described its basic principles in detail, and the full design was later reverse-engineered and published.

Today almost everything about A5 is public. In short: A5/1 takes the 64-bit session key Kc (together with the 22-bit frame number) and loads it into three linear feedback shift registers of 19, 22 and 23 bits, which are clocked irregularly by a majority rule; the XOR of their outputs is the keystream that is XORed with the traffic. Despite the size of the key, attackers have learned to recover it on modestly powerful equipment, both for the strong (/1) and the weak (/2) variant, using purpose-written software that unravels A5 with a variety of cryptanalytic methods.
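To make the register structure concrete, here is an A5/1 keystream generator in Python. It is an added example, not code from this page or its sources; the register lengths, taps and clocking bits follow the published reverse-engineered description of A5/1 (the constants are those of the widely circulated pedagogical reference implementation). The key and frame number used at the bottom are that reference's test values, not anything captured, and the all-0x2B frame is a constructed stand-in for the fixed padding GSM puts into otherwise empty messages.

```python
"""A5/1 keystream generator: three irregularly clocked LFSRs (19, 22, 23 bits)."""
from typing import Tuple

# (length mask, clocking-control bit, feedback taps, output bit) for R1, R2, R3.
# R1: taps 18,17,16,13, control bit 8; R2: taps 21,20, control bit 10;
# R3: taps 22,21,20,7, control bit 10. Output bit = XOR of the three MSBs.
_REGS = (
    (0x07FFFF, 0x000100, 0x072000, 0x040000),
    (0x3FFFFF, 0x000400, 0x300000, 0x200000),
    (0x7FFFFF, 0x000400, 0x700080, 0x400000),
)


def _parity(x: int) -> int:
    return bin(x).count("1") & 1


class A51:
    """Keystream for one TDMA frame: 114 bits downlink, then 114 bits uplink."""

    def __init__(self, kc: bytes, frame: int) -> None:
        if len(kc) != 8:
            raise ValueError("Kc must be 64 bits")
        if not 0 <= frame < (1 << 22):
            raise ValueError("frame number must fit in 22 bits")
        self.r = [0, 0, 0]
        # Key loading: all registers clock regularly, each key bit is XORed into
        # bit 0 of every register (LSB of byte 0 first, as in the reference code).
        for i in range(64):
            self._clock_all()
            self._xor_in((kc[i >> 3] >> (i & 7)) & 1)
        # Frame number loading, same way (22 bits, LSB first).
        for i in range(22):
            self._clock_all()
            self._xor_in((frame >> i) & 1)
        # 100 majority-clocked steps with the output discarded.
        for _ in range(100):
            self._clock()

    def _xor_in(self, bit: int) -> None:
        for k in range(3):
            self.r[k] ^= bit

    @staticmethod
    def _step(reg: int, mask: int, taps: int) -> int:
        # Shift left, feed back the parity of the tapped bits into bit 0.
        return ((reg << 1) & mask) | _parity(reg & taps)

    def _clock_all(self) -> None:
        for k, (mask, _, taps, _) in enumerate(_REGS):
            self.r[k] = self._step(self.r[k], mask, taps)

    def _clock(self) -> None:
        # Majority rule: a register steps only if its control bit agrees with
        # the majority of the three control bits (so two or three step each time).
        ctl = [bool(self.r[k] & _REGS[k][1]) for k in range(3)]
        maj = sum(ctl) >= 2
        for k, (mask, _, taps, _) in enumerate(_REGS):
            if ctl[k] == maj:
                self.r[k] = self._step(self.r[k], mask, taps)

    def _output_bit(self) -> int:
        return sum(bool(self.r[k] & _REGS[k][3]) for k in range(3)) & 1

    def keystream(self, nbits: int = 114) -> bytes:
        """Next nbits of keystream, packed MSB-first (last byte zero-padded)."""
        buf = bytearray((nbits + 7) // 8)
        for i in range(nbits):
            self._clock()
            buf[i >> 3] |= self._output_bit() << (7 - (i & 7))
        return bytes(buf)


def keystream_pair(kc: bytes, frame: int) -> Tuple[bytes, bytes]:
    """(downlink, uplink) keystream blocks for one frame, 114 bits each."""
    gen = A51(kc, frame)
    return gen.keystream(114), gen.keystream(114)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def recover_keystream(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """A5/1 is a stream cipher, so known plaintext reveals the keystream of that
    frame directly; this is the material precomputed tables are indexed on."""
    return xor_bytes(ciphertext, known_plaintext)


if __name__ == "__main__":
    kc = bytes.fromhex("1223456789abcdef")      # reference test key, not a real Kc
    down, up = keystream_pair(kc, 0x134)         # reference test frame number
    print("downlink keystream:", down.hex())
    print("uplink keystream:  ", up.hex())
    fill = bytes([0x2B]) * 15                    # constructed frame of fixed fill bytes
    ct = xor_bytes(fill, down)
    assert recover_keystream(ct, fill) == down   # padding frames leak the keystream
```

The first 114-bit block is the one XORed into BTS-to-MS traffic, the second into MS-to-BTS traffic. Changing the frame number changes the keystream, so the attacker needs the frame number as well as Kc, and every frame whose content is predictable (the fixed fill pattern) hands over 114 keystream bits for a table lookup.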

Interception and monitoring equipment

The first mobile listening devices appeared right after the adoption of the GSM standard. There are about 20 major solutions actively used for wiretapping by private individuals and organizations, costing between roughly $2,000 and $12,000. Design engineers at the S.M. Budyonny academy equipped departments of the Ministry of Internal Affairs with such devices.

Any GSM interceptor (sniffer), regardless of its characteristics (design, speed, cost), performs the following functions:

  • channel scanning and activity detection;
  • monitoring of the control and voice channels of the base station and the mobile phone;
  • recording of the signal to external media (hard drive, USB flash drive);
  • identification of the subscribers' phone numbers (called and calling).

The following devices are actively used to monitor mobile channels:

  • GSM Interceptor Pro - coverage radius of 0.8-25 km, supports A5/1 and A5/2;
  • PostWin - a complex based on a Pentium III class PC. Besides GSM-900, it intercepts the AMPS/DAMPS and NMT-450 standards;
  • SCL-5020 - an Indian-made device. Determines the distance to the base station and can listen to up to 16 GSM channels simultaneously.

3. Modifying the phone's firmware

After a technical modification, the victim's phone copies all conversations and sends them to the attacker via GSM, Wi-Fi, 3G or whatever other channel is available.

4. Planting malware

After infecting the smartphone's OS, a spyware program covertly acts as a "recorder": it captures all conversations and forwards them to the attackers. As a rule it is distributed as infected MMS, SMS and email messages.

Measures to protect your mobile phone from eavesdropping

  1. Installing a security application that prevents connection to fake base stations, checks the identifiers and signatures of the operator's base stations, detects suspicious channels and spyware, and blocks other programs from accessing the microphone and camera. Well-known solutions: Android IMSI-Catcher Detector, EAGLE Security, Darshak, CatcherCatcher. Bear in mind that such apps only see what the baseband reports to the application processor, so they cannot detect every attack.
  2. Diagnosing the battery: a phone under surveillance discharges quickly and gets warm when it is not in use.
  3. Reacting immediately to suspicious phone activity (the backlight turns on by itself, unknown applications appear, interference, echo or pulsing noise during calls): have a repair shop examine the phone for "bugs" and malware.
  4. Switching the phone off at night by removing the battery; ideally, inserting the battery only to make an outgoing call.

Be that as it may, if someone wants to listen to your phone, sooner or later they will manage it, alone or with help. Stay vigilant, and at the first sign of interception take appropriate measures.

SIM card cloning

SIM card cloning is a common concern. Advertisements on the Internet often promise an easy way to clone a card, and many utilities exist, such as SIM Card Seizure. The stated goals are usually free calls at someone else's expense and listening to the calls of the cloned card's owner. In the first case the holder of the clone will have problems receiving incoming calls but can make outgoing calls freely; the main customers are people who then offer passers-by in the subway cheap calls to any country in the world. Listening to the subscriber is discussed in the next section.

The previous section described the SIM card authentication process (Figure 120). The basic parameters in this process are the IMSI and Ki. For a clone to authenticate to the AuC it must know both. Finding out the IMSI is easy: it may be printed on the card itself or attached to it, and it can be read from the SIM with a smart card reader. Obtaining Ki is considerably harder.

As noted above, Ki is stored in only two places: the SIM card and the AuC. Ki is never transmitted in the clear during authentication, so it cannot be intercepted over the air. An attacker has four ways of obtaining Ki. The first is an insider at the operator. This is attractive because it yields the keys of many cards at once. The drawbacks are that, because of Ki's importance, access to the values is strictly limited, a mass leak will quickly be noticed and the insider identified, and the AuC often has no function for reading Ki at all, for the same security reasons. The second option is to steal the Ki values right after a batch of SIM cards arrives from the manufacturer. The problems are the same: the number of people with the necessary access can be counted on one hand.

Third option: read Ki from the SIM card's memory. This first requires physical access to the card (removing it from the victim's phone under some pretext and knowing the PIN). The important drawback: the SIM card has no interface through which Ki can be read or changed directly.

And finally, the last option: compute Ki. The attacker must know the A3 algorithm used by the operator. Then Ki can be recovered by observing how chosen RAND values map to SRES: a RAND is constructed, the authentication algorithm on the card is invoked with it, and the returned SRES is collected. Programs such as SimScan and WoronScan automate this process.

This is how the first SIM clones were obtained. It became possible after the A3 implementation known as COMP128 leaked to the Internet. A vulnerability was found in the algorithm that allowed Ki to be recovered in an acceptable number of queries (the original 1998 attack needed on the order of 150,000 chosen RANDs). Once it was discovered, most operators replaced the algorithm with something more robust. There are currently three versions of COMP128; the second and third are currently considered unbroken, and although programs on the net claim to crack them, they invariably turn out to be a pretext for getting the user to download a Trojan.

If the attacker has no knowledge of the A3 implementation, they can try to find Ki by brute force. Here another obstacle arises: the number of A3 invocations is limited. SIM cards have a built-in A3 call counter, and once a threshold (65535) is exceeded the card locks itself and stops responding to registration requests (although other functions, such as the phone book, still work). In normal operation, where A3 is called each time the SIM registers on the network (when the phone is switched on), this limit never bothers the subscriber, but recovering Ki may require more attempts than that.

If the attacker succeeds in recovering Ki, they can make calls at someone else's expense, but several factors limit this. First, because the balance drains faster than usual, the card's owner is likely to notice, and the "extra" calls show up immediately in an itemized bill; this applies to "unlimited" tariffs too, since they also have restrictions, in particular on international calls. Attackers therefore try to burn through the available balance as quickly as possible and then discard the clone. Second, if both cards are registered on the network, incoming calls go to the card that registered last or made the last outgoing call, so the legitimate user may notice that expected calls no longer arrive; for the sake of secrecy the fraudsters generally must not answer incoming calls, otherwise the user's contacts will immediately detect the fraud. Third, the operator can detect SIM cards that register in geographically distant places within a short time. If cloning is suspected, the operator blocks the card and issues the subscriber a new one.

In summary, cloning SIM cards is possible but rather difficult. If the operator updated its A3 implementation in time and its employees are loyal and incorruptible, subscribers need not fear clones of their SIM cards. Moreover, such fraud is becoming less relevant: the demand for cheap international calls is met by Skype and by offers from legitimate operators.

Interception of conversations in the GSM network

We now turn to attacks on GSM itself. Articles on vulnerabilities in A5/1 appeared about 15 years ago, yet at the time of writing there had been no public demonstration of a real-world A5/1 break. Moreover, as the description of the network's operation shows, apart from breaking the cipher itself a number of purely engineering problems must be solved, which are usually left out of consideration (including at public demonstrations).

Most articles on GSM hacking are based on the 2006 paper by Eli Barkan (with Eli Biham and Nathan Keller) and on Karsten Nohl's research.

In their paper, Barkan et al. showed that because GSM applies error-correction coding before encryption (it should be the other way round), the search space for Kc can be reduced and a ciphertext-only attack (entirely passive listening) becomes feasible in acceptable time using precomputed data.

The authors themselves state that for a break within 2 minutes on interference-free reception, 50 terabytes of precomputed data are needed. The same paper (in the section on A5/2) notes that the signal from the air always arrives with errors, which complicates key recovery. For A5/2 a modified algorithm that tolerates errors is presented, but it requires twice as much precomputed data and correspondingly doubles the cracking time. For A5/1 the possibility of a similar algorithm is mentioned but not given; presumably the precomputed data would need to be doubled there as well.

Recovering the A5/1 key is a probabilistic, time-dependent process: the longer the interception lasts, the higher the chance of recovering Kc. The 2 minutes quoted in the paper are thus an approximate, not a guaranteed, time for key recovery.

Karsten Nohl runs the best-known GSM cracking project. His computer security firm planned to publish, at the end of 2009, open-access rainbow tables for the A5/1 algorithm used to encrypt speech in GSM networks.

Nohl explains his campaign against A5/1 as a wish to draw public attention to the existing problem and push telecom operators toward more advanced technology. UMTS, for example, uses the 128-bit A5/3 (KASUMI) algorithm, whose strength was such that it could not be broken by any means available at the time.

Nohl calculated that a complete A5/1 key table would take 128 petabytes when packed and stored distributed across many computers on a network; computing it would require about 80 computers and 2-3 months of work. Modern CUDA graphics cards and Xilinx Virtex FPGAs should reduce the computation time significantly. His talk at 26C3 (Chaos Communication Congress) in December 2009 caused a particular stir. Its essence can be summarized as follows: low-cost systems for online A5/1 decryption can be expected soon.

Now to the engineering problems. How does one get data off the air? To intercept conversations one needs a full-fledged scanner that can figure out which base stations are transmitting nearby, on which frequencies, which operators they belong to, and which phones with which TMSIs are currently active. The scanner must be able to follow the conversation of a specified phone and correctly handle transitions to other frequencies and base stations.

Such scanners, without a decoder, are offered on the Internet for 40-50 thousand dollars, hardly a budget device.

Thus, to build a device that after simple manipulation could start listening to a phone conversation, one must:

a) implement the part that works with the radio interface. In particular, it must make it possible to determine which TMSI corresponds to the phone of interest or, using active attacks, force phones to "reveal" their real IMSI and MSISDN;

b) implement a Kc recovery algorithm for A5/1 that works well on real data (with noise/errors, gaps, etc.);

c) combine all of this into a complete working solution.

Nohl and the other researchers mainly address the first two points rather than the complete integration. In particular, he and his colleagues suggest using OpenBTS, airdump and Wireshark to build an IMSI catcher. The device and call interception with it are described in more detail below in the section "Man-in-the-middle attack in GSM". For now it is enough to say that the device emulates a base station and inserts itself between the MS and a real base station.

The speakers claim that the SIM card can easily stop the phone from indicating that it is operating in A5/0 mode (i.e., no encryption at all), and that most SIM cards in circulation do exactly that. This is indeed possible. GSM 02.07 (normative Annex B.1.26) specifies that the SIM contains an OFM bit in the administrative data field which, when set to one, disables the ciphering indicator (the padlock icon). GSM 11.11 defines the access conditions for this field: read is always allowed, while write is "ADM", a set of rights the operator configures when the SIM cards are personalized. The speakers therefore assume that most cards are issued with the bit set, so their phones never indicate the absence of encryption. This makes the IMSI catcher's job much easier: the phone's owner cannot detect the lack of encryption and has no reason to suspect anything.

An interesting detail: the researchers found that phone firmware is tested for compliance with the GSM specifications but not for handling abnormal situations, so when a base station misbehaves (for example the "dummy" OpenBTS used for interception), phones often freeze.

The biggest stir was caused by the claim that a ready-made kit for listening to calls can be assembled for only $1,500 from a USRP, OpenBTS, Asterisk and airprobe. This was widely repeated on the Internet, but the authors of those news items and the articles derived from them forgot to mention that the speakers gave no details and no demonstration took place.

In December 2010 Nohl and Sylvain Munaut spoke again, at 27C3, on intercepting conversations in GSM networks. This time they presented a more complete scenario, but one with many "hothouse" conditions.

For locating the subscriber they use Internet services that allow "Send Routing Info" requests to be injected into the SS7 network. SS7 is the network/protocol stack used by telephone operators (GSM and fixed-line) to communicate with each other and by GSM network components to communicate among themselves.

The authors then refer to the way mobile networks are implemented in Germany. There, the serving MSC address returned by such a query correlates well with the region (area code), so the query can pin the subscriber down to a city or even part of a city. But an operator is not obliged to behave this way.

Now the researchers know the city. They take a sniffer, go to that city and start visiting all of its location areas (LACs). Arriving on the territory of some LAC, they send an SMS to the victim and listen for whether the victim's phone is being paged (paging goes over an unencrypted channel on all base stations of the location area at once). If there is paging, they learn the TMSI that was issued to the subscriber; if not, they move on to the next LAC.

Note that since the IMSI is not transmitted during paging (and the researchers do not know it anyway) but only the TMSI (which is what they want to learn), a correlation (timing) attack is performed: they send several SMS with pauses between them and watch which TMSIs are paged each time, repeating the procedure until only one (or none) remains in the list of "suspicious" TMSIs.

To keep the victim from noticing the probing, they send an SMS that is not shown to the subscriber: either a specially crafted silent SMS or a malformed (broken) SMS which the phone processes and deletes without showing anything to the user.

Having identified the LAC, they start visiting all the cells of that LAC, sending SMS and listening for paging responses. If there is a response, the victim is in this cell, and the attack on her session key (Kc) and the eavesdropping can begin.
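The SMS-and-paging correlation from the steps above, written out as an added Python example (it is not part of the original article or of the 27C3 material). The paging log, the TMSI values, the timestamps and the 5-second window are all constructed for this example; a real log would come from a CCCH capture. The paging_group helper applies the paging-group formula of GSM 05.02 (3GPP TS 45.002, section 6.5.2), which is why paging arrives in batches rather than at the instant the SMS is sent.

```python
"""Narrowing a target's TMSI by intersecting the paging seen after each probe SMS."""
from dataclasses import dataclass
from typing import Iterable, List, Set


@dataclass(frozen=True)
class PagingRequest:
    t: float     # seconds since the start of the capture (constructed values)
    tmsi: int    # 32-bit TMSI carried in the unencrypted downlink Paging Request


def paged_within(log: Iterable[PagingRequest], t_send: float, window: float) -> Set[int]:
    """TMSIs paged in the window that follows one probe SMS."""
    return {p.tmsi for p in log if t_send < p.t <= t_send + window}


def narrow_tmsi(log: Iterable[PagingRequest], probe_times: Iterable[float],
                window: float = 5.0) -> List[Set[int]]:
    """Intersect the candidate sets probe by probe.

    Returns the candidate set after each probe so the caller can see how quickly
    unrelated background paging is eliminated. An empty set means the target
    is not being paged in this location area at all; a single TMSI is the result.
    """
    log = list(log)
    history: List[Set[int]] = []
    remaining: Set[int] = set()
    for i, t in enumerate(probe_times):
        seen = paged_within(log, t, window)
        remaining = seen if i == 0 else remaining & seen
        history.append(set(remaining))
        if len(remaining) <= 1:
            break
    return history


def paging_group(imsi: int, n_blocks: int, bs_cc_chans: int = 1) -> int:
    """Paging group per GSM 05.02: ((IMSI mod 1000) mod (BS_CC_CHANS * N)) mod N,
    where N is the number of paging blocks available on one CCCH.
    The phone only listens to its own group, so pages are queued into that slot."""
    return ((imsi % 1000) % (bs_cc_chans * n_blocks)) % n_blocks


# Constructed capture: the victim (TMSI 0x7A3F1C22) is paged about 1.2 s after
# every probe; other subscribers are paged at unrelated times, some of which
# happen to fall inside a window and so survive the first intersections.
VICTIM = 0x7A3F1C22
LOG = [
    PagingRequest(1.2, VICTIM), PagingRequest(1.5, 0x11111111), PagingRequest(2.0, 0x22222222),
    PagingRequest(10.0, 0x33333333),                      # outside every window: ignored
    PagingRequest(31.0, 0x11111111), PagingRequest(31.2, VICTIM),
    PagingRequest(45.0, 0x22222222),
    PagingRequest(61.0, 0x33333333), PagingRequest(61.2, VICTIM),
]
PROBES = [0.0, 30.0, 60.0]   # moments the silent SMS were sent (constructed)

if __name__ == "__main__":
    for n, cands in enumerate(narrow_tmsi(LOG, PROBES), 1):
        print(f"after probe {n}: {[hex(c) for c in sorted(cands)]}")
    print("paging group for a sample IMSI with 9 blocks:", paging_group(262011234567890, 9))
```

With the constructed log, three probes suffice; in a busy location area with thousands of pages per window, far more probes and longer pauses are needed, and any TMSI reallocation between probes breaks the intersection entirely, which is the weakness of the method the text returns to below.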

Before that, the radio traffic must be recorded. Here the researchers suggest the following options:

1) there are custom-made FPGA boards capable of simultaneously recording all channels of either the uplink (from the subscriber's phone or modem to the base station) or the downlink (from the base station to the subscriber) across the GSM band (890-915 and 935-960 MHz respectively). As already noted, such equipment costs $40-50 thousand, so its availability to an ordinary security researcher is doubtful;

2) less powerful and cheaper equipment can be used, with each unit listening to part of the frequencies. This option costs about 3.5 thousand euros with a USRP2-based solution;

3) the session key can be cracked first and the traffic then decoded on the fly, following the frequency hopping, using four phones running the alternative OsmocomBB firmware instead of the stock firmware. Phone roles: one phone handles paging and response monitoring, another is assigned to the subscriber's call, and each phone must record both receive and transmit. This is a very important point: until then OsmocomBB did not really work, and it was brought to a usable state in the year between 26C3 and 27C3, i.e. until the end of 2010 there was no practical working solution.

Cracking the session key. Being in the same cell as the victim, they send it an SMS, record the victim's exchange with the base station and crack the key, exploiting the fact that during session setup many half-empty packets or packets with predictable content are exchanged. Rainbow tables are used to speed up the cracking. At the time of 26C3 those tables were not well filled and cracking took not minutes or even tens of minutes (the authors mention an hour). That is, before 27C3 even Nohl (the leading researcher in this area) had no solution that could recover Kc in an acceptable time, i.e. one during which the session key would most likely not be changed (rekeying).

The researchers then exploit the fact that rekeying is rarely done after every call or SMS, so the session key they learned does not change for a while. Knowing the key, they can decode encrypted traffic to and from the victim in real time while following the frequency hopping together with the victim. For this four re-flashed phones are indeed enough, since it is not necessary to record all frequencies and all timeslots. The researchers demonstrated the technique in action, though the "victim" sat still and was served by a single cell.

Summing up the intermediate result, the question of whether GSM conversations can be intercepted and decrypted on the fly can be answered affirmatively. The following must be kept in mind, however:

1) The technology described above does not exist in a form available to everyone (including script kiddies). It is not even a construction kit but a set of parts for one that still needs finishing. The researchers repeatedly note that they have no clear plans to publish the implementation details. This means that manufacturers in the Middle East are not mass-producing $100 devices based on this work that let anyone eavesdrop.

2) OsmocomBB supports only one family of baseband chips (albeit the most common one).

3) Locating the subscriber by HLR queries and LAC enumeration works in theory rather than in practice. In practice the attacker either already knows where the victim is physically or cannot get into the same cell as the victim; if the attacker cannot listen in the same cell, the method does not work.

Unlike the demo, in reality a location area with average load carries thousands of paging messages. Moreover, paging does not happen at the moment of sending but in certain time windows and in batches (paging groups with their own queues, selected from the IMSI modulo the number of paging blocks, which differs from cell to cell), which complicates the implementation further.

4) Suppose the LA has been found. Now the subscriber's response must be "felt". The phone's transmitter has a power of 1-2 W, so picking it up even from a few tens of meters away is a task (and not an easy one). A paradox emerges: the LA covers, say, an entire region (city) with, say, 50 cells, some with a range of up to 30 km, and we are trying to catch and decode transmissions with an omnidirectional antenna. In this form the task requires a lot of equipment. If instead we assume the victim is in direct line of sight, the distance at which interception looks more realistic, a directional microphone is much more effective and simpler. Note that in the demonstration the researchers intercepted their own phones at a distance of 2 meters.

5) Movement of the target between cells also causes problems, because you have to move with it.

6) The phones used in the demonstration require hardware modification: the receive filter must be removed, otherwise the phone does not "see" the uplink of other phones. The filter is there precisely so that the phone listens only to its own band rather than to all frequencies.

7) If the network regularly changes the key (rekeying) or the TMSI (none of the researchers took this into account), the method does not work at all or works very badly (decryption may take longer than the conversation).

8) Listening to the whole network is not feasible; one needs to know the phone number.

Protection against traffic interception

1) Use random values instead of a constant fill byte in empty (padding) GSM messages. GSM pads unused bytes of many signalling messages with the constant 0x2B, which is exactly the known plaintext the precomputation attacks rely on.

2) Change Kc after every call.

3) Change the TMSI as often as possible.

Points 2 and 3 can be addressed by simply reconfiguring the operator's network elements and require no firmware or hardware updates.

In addition, various modified phones are on the market, for example the Cancort crypto smartphone, which operates on GSM 900/1800 networks in two modes:

  • open mode (normal GSM mode);
  • encrypted mode with strong encryption of information.

Cancort performs the following functions:

  • encryption/decryption of short messages (SMS service);
  • encryption/decryption of data (BS26 and GPRS services);
  • encryption/decryption of email;
  • encryption/decryption of all phone book entries (SIM PB);
  • encryption/decryption of MMS content.

Scramblers, which have long proven themselves in protecting ordinary telephone networks, can also be used. An example is GUARD GSM. This device (like its analogues) connects to the cell phone through a wired headset and is small in size; it has thirty-two scrambling modes.

The scrambler works by first breaking up and temporally rearranging the audio on the transmitting side and then restoring it on the receiving side. The process is two-way. Splitting the speech signal into segments, permuting them in time, and restoring their order at the receiver takes a certain time interval, so a mandatory property of such equipment is a small signal delay on the receiving side. A conversation usually starts in the clear and then, on a mutual command, the devices switch to scrambling mode. During the conversation each device performs both functions, scrambling and descrambling: the speech of one subscriber is scrambled on their side and descrambled by the second subscriber's scrambler, and the same happens in the opposite direction when the second subscriber speaks.

Specifications:

1. Speech intelligibility of at least 95%.

2. Connection type full duplex.

3. Signal delay in the line no more than 100 ms.

4. The level of protection of the linear signal is temporary.

5. Use in networks of the GSM 900/1800 standard.

6. Type of connection to cell phone wired headset 7. Overall dimensions 80x45x16 mm
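The segment-permutation scheme just described, as an added example (not the GUARD GSM vendor's code): a toy time-domain scrambler in Python. The segment length, the block size, the way the 32 modes are generated and the test signal are all assumptions of this example, not data from the page.

```python
"""Toy time-domain (segment permutation) voice scrambler.

Assumptions of this example (not from the page): 10 ms segments of 8 kHz PCM,
8 segments permuted together per block, and 32 "modes" that are simply 32
fixed permutations drawn from a seeded generator.
"""
import random
from typing import List, Sequence

SAMPLE_RATE = 8000                          # telephone-band audio
SEGMENT_MS = 10
SEG_LEN = SAMPLE_RATE * SEGMENT_MS // 1000  # 80 samples per segment
BLOCK_SEGMENTS = 8                          # segments permuted together
N_MODES = 32                                # as many modes as the page's device


def mode_table(seed: int = 1) -> List[List[int]]:
    """32 distinct non-identity permutations of the segments in a block."""
    rng = random.Random(seed)
    identity = list(range(BLOCK_SEGMENTS))
    modes: List[List[int]] = []
    while len(modes) < N_MODES:
        perm = identity[:]
        rng.shuffle(perm)
        if perm != identity and perm not in modes:
            modes.append(perm)
    return modes


def inverse(perm: Sequence[int]) -> List[int]:
    """Inverse permutation: the receiver needs it to restore segment order."""
    inv = [0] * len(perm)
    for dst, src in enumerate(perm):
        inv[src] = dst
    return inv


def _permute_segments(samples: Sequence[int], perm: Sequence[int]) -> List[int]:
    """Output segment j of every block is input segment perm[j]. The tail is
    zero-padded to a whole block: a block must be buffered before anything can
    be sent, which is where the unavoidable delay comes from."""
    block_len = SEG_LEN * len(perm)
    padded = list(samples) + [0] * (-len(samples) % block_len)
    out: List[int] = []
    for start in range(0, len(padded), block_len):
        block = padded[start:start + block_len]
        for src in perm:
            out.extend(block[src * SEG_LEN:(src + 1) * SEG_LEN])
    return out


def scramble(samples: Sequence[int], mode: int, table: Sequence[Sequence[int]]) -> List[int]:
    return _permute_segments(samples, table[mode])


def descramble(samples: Sequence[int], mode: int, table: Sequence[Sequence[int]]) -> List[int]:
    return _permute_segments(samples, inverse(table[mode]))


def delay_ms() -> int:
    """Minimum one-way delay: one whole block (80 ms here, within the 100 ms
    figure in the specification above)."""
    return BLOCK_SEGMENTS * SEGMENT_MS


if __name__ == "__main__":
    table = mode_table()
    ramp = list(range(SEG_LEN * 20 + 7))        # constructed test signal
    scrambled = scramble(ramp, 5, table)
    print("restored with the right mode:", descramble(scrambled, 5, table)[:len(ramp)] == ramp)
    print("restored with a wrong mode: ", descramble(scrambled, 6, table)[:len(ramp)] == ramp)
    print("delay ms:", delay_ms(), "modes:", len(table))
```

What the example makes visible is the point made in the text: the scrambled stream still carries every speech segment unchanged, only reordered inside 80 ms blocks, and the whole "key" is one of 32 fixed permutations. That raises the bar for casual listening, not for an adversary who records the line signal.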

Attack "man-in-the-middle" in GSM

The attack discussed earlier relies on a device called an IMSI-catcher. This section explains how such a device works and what its limitations are.

On the Internet one can find many offers of special devices that emulate base stations. The advertisements claim that such emulators allow anyone to listen secretly to any conversation without the operator's knowledge and without even knowing the phone number of the person being tapped.

Devices with similar functionality do exist (for example the RA 900 complex from Rohde & Schwarz), but their real capabilities are far more modest:

1) Covertly, one can only determine whether a phone containing the SIM card with a given IMSI is within range, or obtain a list of the IMSIs/IMEIs (but not the phone numbers) of the handsets in the pseudo-base station's coverage area. The first case presupposes that the attacker already knows the IMSI.

2) Outgoing calls from a specific phone can be listened to, but only with encryption disabled on that subscriber's link, and the calling number presented to the called party will be changed or hidden. The subscriber can therefore notice this and establish (or at least suspect) that he is being tapped.

3) During direct interception, incoming calls cannot be delivered to the subscriber and therefore cannot be intercepted; to the rest of the network the subscriber appears to be "out of coverage".

As can be seen, using such a device requires some prior information about the victim.

How IMSI-catcher works

An IMSI-catcher is a device that, on one side, behaves like a base station of the GSM network and, on the other, contains a SIM card or some other means of connecting to the public network. It is used as follows:

1. The device is placed near the victim's mobile phone. The required proximity is determined by the signal level of the real base station that the fake one must outcompete.

2. In operation the device appears as an ordinary cell. Naturally, it must impersonate a cell of the operator the victim is subscribed to. The GSM standard does not require the base station to authenticate itself to the phone (unlike UMTS, for example, where authentication is mutual), so this is fairly easy to do. The frequency and transmit power of the fake cell are chosen so that the real cells of all neighbouring networks do not interfere with it.

3. Because of its good, strong signal, the victim's phone selects the fake cell as the best available one (the selection rules were described earlier). Once the phone attaches, the attacker can learn the victim's IMSI and IMEI.

4. To listen to calls, during registration the fake cell instructs the phone (in the Ciphering Mode Command) to use cipher mode A5/0, that is, no encryption at all. A GSM phone cannot refuse.

5. After that, all of the victim's outgoing calls pass through the fake station in the clear and can be recorded or listened to there. The device acts as a proxy: it dials the called number itself and transparently relays the voice through itself in both directions.

Limitations of IMSI-catcher

1. While connected to the fake station the victim is unreachable for incoming calls. To support incoming calls the device would have to be served by the operator's network in the same way as other base stations, that is, connected to some base station controller (BSC) and entered in its routing tables; but an attacker with access to the operator's network at a level that allows new base stations to be connected and configured would find it more efficient to use SORM (the lawful-intercept facilities) instead. If other people's phones besides the victim's fall into the device's coverage area, they will show coverage but neither incoming nor outgoing calls will be served, which may arouse suspicion.

2. Most modern phones have an encryption indicator (a padlock), so the victim may become wary on seeing that the connection is not encrypted. (As discussed below, however, an operator-set bit on the SIM card can suppress this indicator.)

3. To relay outgoing calls the device needs an outlet into the telephone network. If its own GSM module with a SIM card is used for this, outgoing calls from the fake station will be made from a number different from the victim's. To hide this, the "calling line identification restriction" (CLIR) service can be used, but this too may alert the called parties, who can tell the victim about it. Alternatively, with Wi-Fi + VoIP the number presented can be replaced with the correct one, but this complicates the design.

For a more accurate imitation the device must use a SIM card of the same operator as the victim; only then can the attacker relay the victim's calls to that operator's service and short numbers.

4. If the victim is moving, he can easily leave the device's coverage area, and the whole process has to start over.

These shortcomings show that such a device is limited to short-term interception of conversations and is practically unsuitable for long-term listening.

Thus the main use of such a device may be to identify the IMSI of a victim whose location is known precisely, and then use that IMSI to conduct ordinary interception by means of SORM.

Conclusion

Interception of messages in GSM networks is possible. But, given the condit ions that must be met to carry it out, GSM is much better protected than films and the Internet make it appear.

We now turn to breaking GSM encryption itself. Articles about vulnerabilities in A5/1 appeared about 15 years ago, but at the time of writing there has still been no public demonstration of A5/1 being broken in the real world. Moreover, as the description of network operation shows, breaking the cipher is only part of the job: a number of purely engineering problems must also be solved, and these are usually left out of consideration (including at public demonstrations).

Most articles on breaking GSM build on the 2006 paper by Elad Barkan, Eli Biham and Nathan Keller and on the research of Karsten Nohl. Barkan et al. showed that because GSM applies error-correction coding before encryption (it should be the other way round), the redundancy introduced by the coding allows the search space for the session key KC to be reduced, making a ciphertext-only attack (completely passive listening to the air interface) feasible in acceptable time with the help of precomputed data. The authors themselves state that, for reception without interference, breaking a session within 2 minutes requires 50 terabytes of precomputed data. The same paper (in the section on A5/2) notes that the signal from the air always arrives with errors, which complicates key recovery. For A5/2 a modified algorithm is presented that tolerates errors, but it needs twice as much precomputed data and, accordingly, twice the time. For A5/1 the possibility of constructing a similar algorithm is stated, but the algorithm itself is not given; presumably the amount of precomputed data would have to double here too. Recovering the A5/1 key is probabilistic and time-dependent: the longer the listening goes on, the higher the probability of recovering KC. Thus the 2 minutes quoted in the paper is an approximate, not a guaranteed, time for recovering KC.

Karsten Nohl leads the best-known GSM-cracking project. By the end of 2009 his computer-security firm intended to publish rainbow tables of session keys for A5/1, the algorithm used to encrypt speech in GSM networks. Nohl explains his campaign against A5/1 as a wish to draw public attention to the existing problem and force operators to move to stronger technology. UMTS, for example, uses a cipher with a 128-bit key built on KASUMI, the same block cipher that underlies A5/3, and its strength puts it beyond any practical attack with the means available today. Nohl estimates that a complete A5/1 key table would occupy 128 petabytes when packed and stored distributed across many computers on a network; computing it would take about 80 computers and 2-3 months, and using modern CUDA graphics cards and Xilinx Virtex FPGAs should shorten this considerably. His talk at 26C3 (Chaos Communication Congress) in December 2009 in particular made a lot of noise. Its essence can be summarised as follows: low-cost systems for online decryption of A5/1 can be expected soon.

Let us move on to the engineering problems. How is the data obtained from the air? To intercept conversations one needs a full-fledged scanner that can work out which base stations are transmitting nearby, at what frequencies, which operators they belong to, and which phones with which TMSIs are currently active. The scanner must be able to follow a conversation from a specified phone and correctly handle transitions to other frequencies and base stations. There are offers on the Internet to buy such a scanner, without a decoder, for 40-50 thousand dollars; it cannot be called a budget device. Thus, to build a device that, after simple manipulations, could start listening to a phone conversation, one would have to:


a) implement the part that works with the air interface. In particular, it must be able to establish which TMSI corresponds to the phone being sought or, using active attacks, force phones to "reveal" their real IMSI and MSISDN;

b) implement a KC-recovery algorithm for A5/1 that works well on real data (with noise/errors, gaps and so on);

c) combine all of this into a complete working solution.

Karsten Nohl and the other researchers essentially work on point c). In particular, he and his colleagues propose using OpenBTS, airdump and Wireshark to build an IMSI catcher. For now we can say that this device emulates a base station and inserts itself between the MS and a real base station. The speakers claim that a SIM card can easily stop the phone from showing that it is operating in A5/0 mode (that is, with no encryption at all) and that most SIM cards in circulation do exactly that. This is indeed possible. GSM 02.07 (Normative Annex B.1.26) states that the SIM contains a special OFM bit in the administrative data field which, when set to one, disables the ciphering indicator (the padlock icon). GSM 11.11 specifies the access conditions for this field: reading is always allowed, while writing is marked "ADM", and the specific administrative rights governing writes are set by the operator when the SIM cards are produced. The speakers therefore expect that most cards are issued with the bit set, so that phones really do not indicate the absence of encryption. This makes the IMSI catcher's job much easier, since the owner of the phone cannot detect the absence of encryption and suspect anything.

An interesting detail: the researchers found that phone firmware is tested for compliance with the GSM specifications but not for handling abnormal situations, so when a base station misbehaves (for example the "dummy" OpenBTS used for the interception) phones often freeze.

The greatest resonance was caused by the claim that a ready-made kit for listening to conversations can be assembled from a USRP, OpenBTS, Asterisk and airprobe for only $1,500. This information was widely circulated on the Internet, but the authors of those news items and the articles derived from them forgot to mention that the speakers themselves gave no details and that no demonstration took place.

In December 2010 Nohl and Sylvain Munaut spoke again, at 27C3, on intercepting conversations in GSM networks. This time they presented a more complete scenario, but one with many "hothouse" conditions. To locate the victim they use Internet services that let them inject "send routing info" requests into the SS7 network (SS7 is the network and protocol stack used between telephone operators, GSM and fixed-line, and between the components of a GSM network). The authors then rely on a peculiarity of the German mobile networks: there, the answer to this query (the address of the serving switch) correlates well with the region (area code / postcode), so such requests make it possible to determine the victim's location in Germany to the accuracy of a city or even part of a city. An operator is not obliged to behave this way, however.

The researchers now know the city. They take a sniffer, travel to that city and start visiting all its location areas (LACs). Having arrived in the territory of some LAC, they send an SMS to the victim and listen for whether the victim's phone is being paged (paging is broadcast unencrypted, by all base stations of the location area at once). If a page appears, they learn the TMSI issued to the subscriber; if not, they move on to the next LAC. Since paging carries only the TMSI (which they want to learn) and not the IMSI (which they do not know), a "timing attack" is performed: they send several SMS with pauses between them and note which TMSIs are paged each time, repeating the procedure until only one (or no) "suspicious" TMSI remains in the list. So that the victim does not notice the probing, the SMS sent is one the subscriber will not see: either a specially crafted flash SMS or a malformed SMS, which the phone processes and discards without showing anything to the user. Having found the LAC, they visit all the cells of that LAC, sending SMS and listening for paging responses. When there is a response, the victim is in that cell, and cracking of her session key (KC) and listening to her conversations can begin. Before that, the air traffic must be recorded. Here the researchers propose the following options:

1) custom FPGA boards exist that can record all channels of either the uplink (the channel from the subscriber's phone or modem to the operator's base station, 890-915 MHz) or the downlink (from the base station to the subscriber, 935-960 MHz) at once. As already noted, such equipment costs 40-50 thousand dollars, so its availability to an ordinary security researcher is doubtful;

2) less powerful and cheaper equipment can be used, with each unit listening to some of the frequencies. A USRP2-based solution of this kind costs about 3.5 thousand euros;

3) the session key can be cracked first and the traffic then decoded on the fly, following the frequency hopping, with four phones running the alternative OsmocomBB firmware instead of the vendor firmware. Phone roles: the first is used for paging and response monitoring, the second follows the subscriber's conversation; each phone must record both the receive and the transmit direction, which is a very important point. Until then OsmocomBB did not actually work, and it was only in the year between 26C3 and 27C3 that it was brought to a usable state, i.e. until the end of 2010 there was no practical working solution.

Cracking the session key. Being in the same cell as the victim, they send her SMS, record the victim's exchange with the base station and crack the key, taking advantage of the fact that during session setup many packets are exchanged that are half-empty or have predictable content. Rainbow tables are used to speed up the cracking. At the time of 26C3 these tables were not yet well filled, and cracking took not minutes or even tens of minutes but, as the authors mention, about an hour. That is, before 27C3 even Nohl (the leading researcher in this area) had no solution that recovered KC in an acceptable time, i.e. before the session key would most likely be changed (rekeying). The researchers then exploit the fact that rekeying is rarely done after every call or SMS, so the session key they learn will not change for a while. Now, knowing the key, they can decode the encrypted traffic to and from the victim in real time and follow the frequency hopping along with the victim. Four re-flashed phones really are enough to capture the air in this case, since it is not necessary to record all frequencies and all timeslots. The researchers demonstrated this technique in action; the "victim", however, sat still and was served by a single cell.
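What the "half-empty or predictable packets" give an eavesdropper, as an added example (not code from the researchers cited above): an A5/1 keystream generator and the known-plaintext step that turns a predictable burst into keystream, the value the rainbow tables are indexed by. The register layout follows the public description of A5/1, the key-loading bit order follows the widely circulated pedagogical implementation, and Kc, the frame number and the burst content are constructed values.

```python
"""A5/1 keystream generation and the known-plaintext step that the attacks
discussed above start from.

Added example. Register lengths (19, 22, 23 bits), feedback taps, clocking bits
(8, 10, 10), majority clocking and the 100 discarded bits follow the public
description of A5/1; key bytes are loaded LSB first as in the pedagogical
reference implementation. Kc, frame number and burst bits are constructed.
"""
from typing import List, Tuple

# (mask, feedback taps, clocking bit, output bit) for R1, R2, R3
_REGS = (
    (0x07FFFF, 0x072000, 1 << 8, 1 << 18),
    (0x3FFFFF, 0x300000, 1 << 10, 1 << 21),
    (0x7FFFFF, 0x700080, 1 << 10, 1 << 22),
)


def _parity(x: int) -> int:
    return bin(x).count("1") & 1


def _shift(reg: int, mask: int, taps: int) -> int:
    """One LFSR step: shift left, feed the parity of the tap bits into bit 0."""
    return ((reg << 1) & mask) | _parity(reg & taps)


class A51:
    def __init__(self, kc: bytes, frame: int) -> None:
        if len(kc) != 8 or not 0 <= frame < (1 << 22):
            raise ValueError("Kc is 64 bits, the frame number 22 bits")
        self.r = [0, 0, 0]
        for i in range(64):                  # mix in Kc, all registers clocked
            self._clock_all((kc[i >> 3] >> (i & 7)) & 1)
        for i in range(22):                  # mix in the TDMA frame number
            self._clock_all((frame >> i) & 1)
        for _ in range(100):                 # 100 output bits discarded
            self._clock_majority()

    def _clock_all(self, bit: int) -> None:
        self.r = [_shift(r, m, t) ^ bit for r, (m, t, _, _) in zip(self.r, _REGS)]

    def _clock_majority(self) -> None:
        """Irregular clocking: a register steps only when its clocking bit
        agrees with the majority of the three clocking bits."""
        cbits = [(r & c) != 0 for r, (_, _, c, _) in zip(self.r, _REGS)]
        maj = sum(cbits) >= 2
        self.r = [_shift(r, m, t) if cb == maj else r
                  for r, cb, (m, t, _, _) in zip(self.r, cbits, _REGS)]

    def _output_bit(self) -> int:
        bits = [(r & o) != 0 for r, (_, _, _, o) in zip(self.r, _REGS)]
        return int(bits[0] ^ bits[1] ^ bits[2])

    def keystream(self) -> Tuple[List[int], List[int]]:
        """114 bits for the downlink burst (BTS->MS), then 114 for the uplink."""
        out: List[int] = []
        for _ in range(228):
            self._clock_majority()
            out.append(self._output_bit())
        return out[:114], out[114:]


def keystream(kc: bytes, frame: int) -> Tuple[List[int], List[int]]:
    """Keystream depends only on (Kc, frame number): the property the text relies on."""
    return A51(kc, frame).keystream()


def xor_bits(a: List[int], b: List[int]) -> List[int]:
    if len(a) != len(b):
        raise ValueError("bit strings differ in length")
    return [x ^ y for x, y in zip(a, b)]


def encrypt_downlink_burst(kc: bytes, frame: int, plain: List[int]) -> List[int]:
    """The BTS encrypts the 114 payload bits of a burst by XOR with keystream."""
    return xor_bits(plain, keystream(kc, frame)[0])


def recover_keystream(cipher: List[int], known_plain: List[int]) -> List[int]:
    """What an eavesdropper does with a burst whose content is predictable:
    ciphertext XOR plaintext gives the keystream the rainbow tables are indexed by."""
    return xor_bits(cipher, known_plain)


if __name__ == "__main__":
    kc = bytes.fromhex("1223456789abcdef")          # constructed, not a real Kc
    frame = 0x134
    fill = [0, 0, 1, 0, 1, 0, 1, 1] * 14 + [0, 0]   # constructed "predictable" burst
    ct = encrypt_downlink_burst(kc, frame, fill)
    ks = recover_keystream(ct, fill)
    print("keystream recovered from known plaintext:", ks == keystream(kc, frame)[0])
    print("same keystream on the next frame:", ks == keystream(kc, frame + 1)[0])
    print("all-zero Kc gives all-zero keystream:", not any(keystream(bytes(8), 0)[0]))
```

The three printed checks are the facts the scenario above depends on: a predictable burst yields the keystream for that frame; the keystream changes with the frame number but is fixed by Kc, so once Kc is recovered every frame until the next rekeying can be decrypted; and the all-zero key is the fixed point of the three LFSRs, a handy sanity check for any reimplementation.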
Summing up this intermediate result, the question of whether GSM conversations can be intercepted and decrypted on the fly can be answered in the affirmative. In doing so, the following must be kept in mind:

1) The technique described above does not exist in a form available to anyone (let alone script kiddies). It is not even a construction kit but a set of blanks for the parts of one, which still have to be brought to a usable state. The researchers repeatedly note that they have no firm plans to publish the details of the implementation. This means that manufacturers in the Middle East are not mass-producing $100 devices based on these developments with which everyone can listen in.

2) OsmocomBB supports only one family of baseband chips (albeit the most common one).

3) Locating the victim through HLR requests and enumeration of LACs works in theory rather than in practice. In practice the attacker either already knows where the victim is physically or cannot get into the same cell as the victim; and if the attacker cannot listen to the cell the victim is in, the method does not work. Unlike in the demo, a real location area under average load carries thousands of paging messages. Moreover, paging does not happen at the moment the SMS is sent but in certain time windows and in batches, according to paging groups, each with its own queue; the group is derived from the IMSI and the number of paging channels, which can differ from cell to cell, and this further complicates the implementation.

4) Suppose the LA has been found. Now the subscriber's response has to be "felt". The phone's transmitter has a power of 1-2 watts, so picking it up from a distance of several tens of metres is itself a (non-trivial) task. A paradox results: an LA covers, say, an entire region or city with, say, 50 cells, some of which have a range of up to 30 km, and we are trying to catch and decode the emissions with an omnidirectional antenna. Doing so in this form requires a great deal of equipment. If instead we start from the premise that the victim is within direct line of sight, i.e. at the distance at which interception looks more realistic, a directional microphone is far more effective and simpler. It should be noted that in the demonstration the researchers intercepted their own phones at a distance of 2 metres.

5) The target moving between cells also causes problems, because the attacker has to move with it.

6) The phones used in the demonstration need a hardware modification: the receive filter in the antenna path must be removed, otherwise the phones cannot "see" other phones' uplink. That filter is there so that the phone "listens" only to its own band and not to all frequencies.

7) If the network regularly changes the key (rekeying) or the TMSI (none of the researchers took this into account), the method does not work at all or works very poorly (decryption may take longer than the conversation).

8) It is not possible to listen to the whole network; the victim's phone number must be known.
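The TMSI-narrowing step of the 27C3 scenario above and the paging-group remark in point 3, as an added simulation (not the researchers' code). The model is an assumption of the example: after each silent SMS the attacker records every TMSI paged in the cell within a window; the victim is paged in (almost) every window, other subscribers at random. The paging-group formula is the one in 3GPP TS 45.002 section 6.5.2; the IMSI and TMSI values are constructed.

```python
"""Narrowing a victim's TMSI from paging observations, plus the paging-group
calculation that decides in which block a phone is paged.

Added example. The observation model (one set of paged TMSIs per probe window,
random background pages, occasional missed captures) is an assumption; the
paging-group formula follows 3GPP TS 45.002 section 6.5.2. All values are
constructed, not captured.
"""
import random
from typing import Dict, Iterable, List, Set, Tuple

TMSI_SPACE = 1 << 32


def observe_windows(victim_tmsi: int, n_windows: int, pages_per_window: int,
                    missed: Iterable[int] = (), seed: int = 0) -> List[Set[int]]:
    """Constructed paging observations: one set of TMSIs per probe window.
    `missed` lists windows in which the victim's page was not captured
    (wrong paging block, queueing delay, receiver loss)."""
    rng = random.Random(seed)
    missed = set(missed)
    windows: List[Set[int]] = []
    for i in range(n_windows):
        seen = {rng.randrange(TMSI_SPACE) for _ in range(pages_per_window)}
        if i not in missed:
            seen.add(victim_tmsi)
        windows.append(seen)
    return windows


def candidates(windows: List[Set[int]], max_misses: int = 0) -> Set[int]:
    """TMSIs paged in at least len(windows) - max_misses of the windows.
    With max_misses == 0 this is the plain intersection the text describes;
    a tolerance keeps the attack working when a page is captured late or not
    at all, which is the failure mode point 3 above warns about."""
    counts: Dict[int, int] = {}
    for window in windows:
        for tmsi in window:
            counts[tmsi] = counts.get(tmsi, 0) + 1
    need = len(windows) - max_misses
    return {tmsi for tmsi, c in counts.items() if c >= need}


def paging_group(imsi: int, bs_cc_chans: int, bs_ag_blks_res: int,
                 bs_pa_mfrms: int, combined_ccch: bool) -> Tuple[int, int]:
    """(CCCH_GROUP, PAGING_GROUP) per TS 45.002 6.5.2. The network pages a
    phone only in its own block, so an observer who does not know the IMSI
    must capture every paging block of every CCCH to be sure of seeing it."""
    blocks_per_multiframe = (3 if combined_ccch else 9) - bs_ag_blks_res
    n = blocks_per_multiframe * bs_pa_mfrms          # paging blocks per CCCH
    x = (imsi % 1000) % (bs_cc_chans * n)
    return x // n, x % n


if __name__ == "__main__":
    victim = 0x1234ABCD                                # constructed TMSI
    windows = observe_windows(victim, 5, 3000, missed={1, 3}, seed=7)
    print("strict intersection:", candidates(windows))            # victim lost
    print("tolerating 2 misses:", candidates(windows, max_misses=2))
    print("paging group:", paging_group(262011234567890, 1, 1, 2, False))
```

With a 32-bit TMSI space the intersection itself converges after two or three probes even at thousands of background pages per window; what breaks the naive version is a missed capture, which the tolerance parameter absorbs at the cost of a few more probes. The paging-group function shows why the capture has to cover all blocks: without the IMSI the attacker cannot predict the block and therefore cannot narrow the listening.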

Not long ago I studied the possibilities of using HackRF to analyse GSM network traffic. The device's clock drifts somewhat, but the result in any case is access to various system messages. In what follows I assume that you have Linux with GNU Radio installed and that you are the proud owner of a HackRF. If not, you can use the live CD described in the "Software" section of the forum; this is a great option, since on it HackRF works right out of the box.

First we need to determine the frequency of a local GSM base station. For this I used gqrx, which is included on the live CD. After analysing the frequencies around 900 MHz you will see something like this:

Fixed channels are visible at 952 MHz and 944.2 MHz. These frequencies will be our starting points.

Now we install Airprobe with the following commands:

git clone git://git.gnumonks.org/airprobe.git

cd airprobe/gsmdecode
./bootstrap
./configure
make

cd ../gsm-receiver
./bootstrap
./configure
make

Installation is complete, and we can now receive the GSM signal. Start Wireshark, select "lo" as the capture interface and set gsmtap as the filter, as shown in the following figure:

Now go back to the terminal and type

cd airprobe/gsm-receiver/src/python
./gsm_receive_rtl.py -s 2e6

A window will pop up; turn off autoscale and set the slider to maximum. Next, enter one of the GSM frequencies found earlier as the centre frequency.

Also select the peak and average values in the trace options section, as shown below:

You will see that only the correct signal (the blue trace) goes above the peak value (the green trace) in places, indicating that this is a fixed channel. Now we need to start decoding: in the window, click on the middle of that same frequency bump. You may see errors, but this is normal. This is how I started receiving data:

You will now notice GSM data arriving in Wireshark. As I mentioned at the start of the article, the clock drifts, so you need to keep clicking on the trace to hold the set frequency; all the same, the program works quite well. Funny as it sounds, wrapping your HackRF in a towel (or similar) improves the thermal stability of the clock and reduces the drift. On its own you probably won't find this method very useful, but I think it at least shows the huge potential of HackRF.
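The A5/0 step from the IMSI-catcher section and the airprobe-to-Wireshark pipeline just described meet in the following added example (not airprobe, Wireshark or any vendor's code): a parser for the GSMTAP packets that airprobe sends to the loopback interface, an ARFCN/frequency converter for the carriers found with gqrx, and a check that raises a finding whenever the network's Ciphering Mode Command selects A5/0 or A5/2. The GSMTAP header layout is taken from libosmocore's gsmtap.h, the message layout from 3GPP TS 44.018; the sample packets are constructed by hand.

```python
"""Reading airprobe's GSMTAP output and flagging an A5/0 or A5/2 cipher choice.

Added example. airprobe sends each decoded Um frame to the loopback interface
as a GSMTAP packet (UDP port 4729), which is what Wireshark's "gsmtap" filter
matches. Header layout follows libosmocore's gsmtap.h (version 2, 16 bytes);
the RR CIPHERING MODE COMMAND follows TS 44.018 (low nibble of octet 3: SC bit
plus a 3-bit algorithm identifier). The sample packets below are constructed.
"""
import struct
from collections import namedtuple
from typing import Optional

GSMTAP_PORT, GSMTAP_TYPE_UM = 4729, 0x01
LAPDM_CHANNELS = {6: "SDCCH", 7: "SDCCH/4", 8: "SDCCH/8", 9: "FACCH/F", 10: "FACCH/H"}
RR_PD, CIPHERING_MODE_COMMAND = 0x06, 0x35
Gsmtap = namedtuple("Gsmtap", "arfcn uplink pcs timeslot frame_number sub_type payload")

def parse_gsmtap(pkt: bytes) -> Gsmtap:
    if len(pkt) < 16:
        raise ValueError("short GSMTAP packet")
    (ver, hdr_len, typ, ts, arfcn, _sig, _snr, fn,
     sub_type, _ant, _sub_slot, _res) = struct.unpack("!BBBBHbbIBBBB", pkt[:16])
    if ver != 2 or typ != GSMTAP_TYPE_UM:
        raise ValueError("not a GSMTAP v2 Um frame")
    # bit 15 of the ARFCN field flags PCS 1900, bit 14 flags the uplink direction
    return Gsmtap(arfcn & 0x3FFF, bool(arfcn & 0x4000), bool(arfcn & 0x8000),
                  ts, fn, sub_type, pkt[hdr_len * 4:])

def downlink_mhz(arfcn: int, pcs: bool = False) -> float:
    """ARFCN to downlink carrier, the frequency gqrx showed above."""
    if 0 <= arfcn <= 124:                                   # P-GSM 900
        return round(935.0 + 0.2 * arfcn, 1)
    if 975 <= arfcn <= 1023:                                # E-GSM 900
        return round(935.0 + 0.2 * (arfcn - 1024), 1)
    if 512 <= arfcn <= 885 and not pcs:                     # DCS 1800
        return round(1805.2 + 0.2 * (arfcn - 512), 1)
    if 512 <= arfcn <= 810 and pcs:                         # PCS 1900
        return round(1930.2 + 0.2 * (arfcn - 512), 1)
    raise ValueError(f"ARFCN {arfcn} outside the supported bands")

def downlink_arfcn(mhz: float) -> int:
    """Inverse of downlink_mhz for the 900 MHz bands: 952.0 -> 85, 944.2 -> 46."""
    n = round((mhz - 935.0) / 0.2)
    if 0 <= n <= 124:
        return n
    if -49 <= n <= -1:
        return n + 1024
    raise ValueError(f"{mhz} MHz is not a GSM 900 downlink carrier")

def lapdm_l3(payload: bytes) -> Optional[bytes]:
    """Strip the 3-octet LAPDm header (address, control, length indicator) of an
    SDCCH/FACCH frame; the length indicator sits in bits 8..3 of octet 3."""
    if len(payload) < 3:
        return None
    return payload[3:3 + (payload[2] >> 2)] or None

def ciphering_mode(l3: bytes) -> Optional[dict]:
    """Decode an RR CIPHERING MODE COMMAND; None for any other L3 message."""
    if len(l3) < 3 or (l3[0] & 0x0F) != RR_PD or l3[1] != CIPHERING_MODE_COMMAND:
        return None
    setting = l3[2] & 0x0F                  # cipher mode setting IE
    start_ciphering = bool(setting & 1)     # SC bit
    alg_id = (setting >> 1) & 0x7           # 0 = A5/1, 1 = A5/2, 2 = A5/3, ...
    return {"algorithm": f"A5/{alg_id + 1}" if start_ciphering else "A5/0",
            "request_imeisv": bool((l3[2] >> 4) & 1),   # CR bit, cipher response IE
            # A5/0 is no encryption at all; A5/2 is the weakened export cipher
            "weak": not start_ciphering or alg_id == 1}

def analyze(pkt: bytes) -> Optional[dict]:
    """A finding for each Ciphering Mode Command on a downlink dedicated channel."""
    g = parse_gsmtap(pkt)
    if g.uplink or g.sub_type not in LAPDM_CHANNELS:
        return None
    l3 = lapdm_l3(g.payload)
    finding = ciphering_mode(l3) if l3 else None
    if finding:
        finding.update(channel=LAPDM_CHANNELS[g.sub_type], arfcn=g.arfcn,
                       downlink_mhz=downlink_mhz(g.arfcn, g.pcs), frame_number=g.frame_number)
    return finding

def sniff(port: int = GSMTAP_PORT) -> None:
    """Run beside airprobe: print every ciphering decision the network makes."""
    import socket
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", port))
    while True:
        finding = analyze(sock.recvfrom(4096)[0])
        if finding:
            print(finding)

def build_gsmtap(arfcn: int, fn: int, sub_type: int, payload: bytes) -> bytes:
    """Constructed test packet: downlink, timeslot 0, -70 dBm, 20 dB SNR."""
    return struct.pack("!BBBBHbbIBBBB", 2, 4, GSMTAP_TYPE_UM, 0, arfcn, -70, 20,
                       fn, sub_type, 0, 0, 0) + payload

# Constructed LAPDm I-frames (address 0x03, control 0x00, LI 0x0D = 3 octets)
# carrying "06 35 xx", padded with 0x2B to 23 octets. xx: 00 A5/0, 01 A5/1, 05 A5/3.
SAMPLE_A50 = bytes.fromhex("03000d063500") + b"\x2b" * 17
SAMPLE_A51 = bytes.fromhex("03000d063501") + b"\x2b" * 17
SAMPLE_A53 = bytes.fromhex("03000d063505") + b"\x2b" * 17

if __name__ == "__main__":
    print(analyze(build_gsmtap(85, 1234, 8, SAMPLE_A50)))
```

Wireshark already decodes these messages, but a small listener like sniff() is what you would leave running to notice the downgrade the IMSI-catcher section describes, which a phone with the OFM bit set on its SIM will never show you. Note that the check only looks at the Ciphering Mode Command; whether the mobile actually honoured it is visible in the subsequent Ciphering Mode Complete.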

GSM interception
GSM 900 interception
The GM product is designed to receive and process signals of the GSM-900/1800 standard, both without and with cryptographic protection (algorithms A5/1 and A5/2).
GM allows:
- monitoring the forward control or voice channel (base-station transmissions)
- monitoring the reverse control or voice channel (handset transmissions)
- scanning all channels in search of active ones at a given location
- scanning channels selectively and setting their rescan time
- end-to-end (pass-through) listening
- selective listening by known TMSI, IMSI, IMEI, caller-ID (AON) number or Ki
- automatic recording of the conversation to the hard disk
- monitoring the conversation without recording
- searching for an active subscriber (on open channels)
- capturing the number dialled by the cellular subscriber
- capturing the number of the party calling the cellular subscriber (if the caller-ID system is enabled)
- displaying all registrations in the channel
The product contains two receive channels, forward and reverse.
Without cryptographic protection, GM can operate in two modes:
- active-subscriber search;
- monitoring of the station's control channel (forward and reverse).
With cryptographic protection only the second mode, control-channel monitoring, is available.
When monitoring the control channel of a station, GM determines the following parameters for each connection:
- IMSI or TMSI (depending on the operating mode of the monitored network; these are transmitted by the base station);
- IMEI (when requested by the base station and when the mobile subscriber is within energy reach, since the handset's transmission is captured);
- the dialled number (when the connection is initiated by the mobile subscriber and he is within energy reach, since in this case the handset's transmission is captured);
- the caller-ID (ANI) number (when it is transmitted by the base station).
In active-subscriber search mode, the next call set-up is monitored. In this mode GM continuously scans the whole band and, when an active subscriber is detected, switches to monitoring mode (of course, only if the subscriber is currently talking, because the handset turns on its transmitter only for the duration of the call). If necessary (if the conversation is not of interest) the operator can reset the monitoring mode and GM returns to scanning until it finds another active party. The active-subscriber search mode is advisable when tracking. In this mode GM does not determine subscriber identifiers!
When monitoring the base station's control channel, two variants are possible:
- pass-through mode
- selection mode
In pass-through mode the first available conversation in the monitored cell is taken, and all registrations are displayed. If the conversation is not of interest, monitoring can be stopped by pressing the Break button.
In selection mode only connections with a given TMSI, IMSI, IMEI, ANI number or dialled number are monitored. The selection list holds up to 200 identifiers. When monitoring an encrypted channel, selection is made by the known Ki, which uniquely identifies the subscriber without specifying TMSI, IMSI or IMEI; this selection list holds up to 40 subscribers.
GM is built as a single unit measuring 450x250x50 mm. It is controlled from an external PC (a laptop can be connected) via the RS-232 serial port.
The package includes a device with software for reading the Ki parameter from the SIM card (the SIM must be physically available); the reading takes up to 10 hours.
GM is powered from 220 V AC mains or from 12 V DC, for example from a car's on-board network.
On request, channels for the 1800 MHz and 450 MHz ranges can be manufactured.

Abbreviations and designations
TMSI - Temporary Mobile Subscriber Identity
IMSI - International Mobile Subscriber Identity
IMEI - International Mobile Equipment Identity
Ki - the subscriber's individual authentication key
1. The complex is designed to receive signals of the TTT system.
2. The complex has two receive and processing channels, one in the upper and one in the lower part of the band.
3. The complex can tune to any of the 124 possible control channels.

4. Two operating modes are possible:
- without selection;
- with selection.
The selection table can hold up to 40 identifiers.
An identifier consists of an IMSI and an IMEI (it is possible to specify only the IMSI or only the IMEI).
The complex selects by IMSI, IMEI and TMSI. Selection by TMSI after the complex is switched on is provided only after a command with a given IMEI or IMSI has been received.
Attention! The IMEI is the handset's identification number (assigned by its manufacturer). The IMSI is the subscriber's international identification number (recorded in the SIM card). In general there is no direct correspondence to the subscriber's telephone number; the correspondence table is kept by the operator (the company issuing the handsets).
5. Identification of the dialled (outgoing) number is provided.
6. Handover handling is being worked on.
7. Processing according to the A5 algorithms is not provided.
8. The complex is controlled by a Windows program via a serial port.
9. Recording can be made either on a tape recorder or through a Sound Blaster card.
10. When power is switched on, the complex enters active-subscriber search mode; on finding one, it enters receive mode. The subscriber can be dropped. In this mode no computer control is required, and subscriber identifiers are not determined.
After the control program is started, the complex switches to monitoring of the specified control channel (points 3 to 5 are provided).

BRIEF DESCRIPTION OF THE SYSTEM.
The widespread use of the system began in 1993 with the establishment of MTS and
obtaining permission to use the range 890 - 915 MHz and 935 - 960 MHz without 10 MHz,
intended for the operation of the radar.
According to the open press, there are currently between 180,000 and 220,000
users. According to economic indicators, the system is quite expensive and its users, as
as a rule, there is a stratum of society belonging to the so-called middle class (at least).
This fact created the prerequisites and the need to develop means of control over information,
system circulating in the network.
This standard has become widespread in areas with high population density.
The system is currently deployed and in operation in the following cities:
- MOSCOW;
- SAINT PETERSBURG;
- SAMARA;
- TOLYATTI;
- ROSTOV-ON-DON;
- KALUGA;
- SEVERODVINSK;
- MURMANSK;
- SMOLENSK;
- TULA;
- PSKOV;
- RYAZAN;
- VLADIMIR;
- ARKHANGELSK;
- PETROZAVODSK.
- KYIV
- DNEPROPETROVSK
- DONETSK
- ODESSA
The introduction of the system in some other cities, such as Yaroslavl, is also ending.
The standard provides automatic roaming with approximately 58 countries of the world.

The advantages of the system include a digital method of data transmission, a large number of
simultaneously served subscribers, the difficulty of creating twins (cloning a SIM card), convenience
subscriber operation, the ability to identify stolen devices when using legal SIM-cards and
etc.
The above factors have determined the feasibility of creating controls.
BASIC ALGORITHMS OF COMPLEX FUNCTIONING.
Radio traffic processing algorithms provide the most complete and high-quality access to
information circulating in the network, and also allow you to increase the capabilities of the complex when
new standards without changing the basic software by adding additional
modules. These include, for example, the planned introduction of a speech-enhanced vocoder,
data and facsimile transmissions. During the trial operation of the complex, it is possible to refine
modes for specific user tasks.
The complex is used in stationary and mobile versions.
MODES OF WORK.
(basic delivery set)
The scan mode allows you to determine the visible frequencies of the base stations at the standing point, as well as
basic network settings. In the course of work, the choice of time for analyzing a specific frequency is provided and
the mode of operation of the control channels is analyzed. This mode provides optimal
receive path configuration. The selected configuration can be loaded or saved on the fly.
Manual Scan Mode #1 provides automatic detection of loaded channels
visible frequencies with an indication of the presence of activity. Allows the operator to select which active
speech slots. If there is a subscriber in the radio visibility zone, it provides duplex reception.
Manual Scan Mode #2 automatically tunes across the visible frequencies, stopping on active frequency slots and forming up to four duplexes in fully automatic mode. When the active channel goes idle, autoscanning continues; scanning can also be continued on operator command. This mode allows conversations to be recorded automatically, with or without an operator present, on the maximum possible number of channels. It is mainly used when traffic activity is low, for example at night when no operator is present, or when few frequencies are visible. Duplex reception is provided when the subscriber is within the radio visibility zone.
Temporary-number mode provides, on the selected control channels (no more than six), automatic tuning to subscribers' temporary numbers together with statistics. When a subscriber of interest is chosen on the basis of the information received, or re-registers in the network while the complex is operating in the mobile version, that subscriber is entered into the database and kept under continuous monitoring. The probability of continuous control depends on the number of crossover frequencies (with 10-12 of them the probability is 80%) and on the speed of movement (up to 80 km/h according to the standard of the signal used).
Additional delivery set.
Energy Determination Mode #1 determines the energetically available active frequencies and reports the result to the operator; on the operator's command the channel is set for reception, with simultaneous duplex reception. Number of reception channels: up to four duplexes.
Energy Determination Mode #2 determines the energetically available subscribers within the range of portable devices. It provides automatic scanning of the range with determination of active frequencies and automatic tuning to active slots, with recording of conversations. When the session ends, automatic control continues.
The extended version is supplied with a module that, when a portable device is in the radio visibility zone, determines and identifies the number of the fixed or mobile subscriber on a call towards the base station, and also identifies the subscriber when IMEI numbers are transmitted.
Regions in Russia where MTS subscribers can use communication services (data as of April 6):
1. MTS: Moscow, Moscow region, Tver, Tver region, Syktyvkar, Ukhta, Kostroma, Komi Republic.
2. Russian Telephone Company (RTK), connected to the MTS switch: Vladimir, Vladimir region, Kaluga, Kaluga region, Pskov, Ryazan, Ryazan region, Smolensk, Smolensk region, Tula, Tula region.
3. Recomm: Oryol, Lipetsk.
4. Tambov Telecommunications: Tambov, Michurinsk.
5. National roaming
City: operator (network code): service area
1. St. Petersburg: Northwest GSM (250 02): Arkhangelsk, Vologda, Leningrad region, Murmansk, Veliky Novgorod, Petrozavodsk, Severodvinsk, Cherepovets
2. Samara: SMARTS (250 07): Astrakhan, Tolyatti, Ufa
3. Rostov-on-Don: Dontelecom (250 10): Azov, Taganrog
4. Krasnodar: Kuban GSM (250 13): Adler, Anapa, Gelendzhik, Goryachy Klyuch, Dagomys, Yeysk, Lazarevskaya, Matsesta, Krasnaya Polyana, Dinskaya, Novorossiysk, Tuapse, Sochi, Timashevsk, Temryuk, Krymsk, Khosta
5. Yekaterinburg: Uraltel (250 39)
6. Nizhny Novgorod: NSS (250 03) (!!! For outgoing calls, international access is required)
7. Stavropol: StavTeleSot (250 44): Essentuki, Nevinnomyssk, Kislovodsk, Pyatigorsk, Mineralnye Vody
8. Novosibirsk: CCC 900 (250 05)
9. Omsk: Mobile Communication Systems (250 05)
10. Surgut: Ermak RMS (250 17): Langepas, Nizhnevartovsk, Megion, Khanty-Mansiysk, Nefteyugansk
11. Khabarovsk: Far Eastern Cellular Systems-900 (250 12)
12. Kaliningrad: EXTEL (250 28)
International roaming
Country: operators
1. Austria: MobilKom; max.mobil. Telecom Service; CONNECT
2. Australia: Telstra
3. Azerbaijan (CIS): Azercell
4. Andorra: STA
5. Bahrain: Batelco
6. Belgium: Belgacom Mobile; Mobistar S.A.
7. Ivory Coast: SIM
8. Bulgaria: MobilTel AD
9. UK: Vodafone Ltd.; Cellnet; Orange GSM-1800
10. Hungary: Westel 900 GSM Mobile; Pannon GSM
11. Germany: DeTeMobile (D-1); Mannesmann Mobilfunk (D-2)
12. Greece: Panafon S.A.; STET Hellas
13. Georgia (CIS): Geocell; Magticom Ltd
14. Hong Kong: Hong Kong Telecom CSL; Hutchison Telephone Comp.; SmarTone Mobile Communications
15. Gibraltar: Gibtel
16. Denmark: Sonofon; TeleDanmark Mobil A/S
17. Jersey: Jersey Telecoms
18. Italy: TIM; Omnitel Pronto Italia S.p.A.
19. Iceland: Landssiminn; TAL
20. Spain: Airtel Movil, S.A.; Telefonica Moviles
21. Indonesia: Satelindo; PT Excelcomindo Pratama; Telkomsel
22. Ireland: Aircell; Esat Digifone
23. Cyprus: CYTA
24. China: China Telecom
25. Latvia: LMT; Baltcom GSM
26. Lithuania: Bite GSM; Omnitel
27. Lebanon: LibanCell; FTML S.A.L.
28. Luxembourg: P&T Luxembourg; Tango
29. Isle of Man: Manx Telecom Ltd.
30. Macau: CTM
31. Macedonia: GSM MobiMak
32. Mauritius: Cellplus
33. Malaysia: Celcom
34. Malta: Telecell Limited; Vodafone Malta
35. Moldova: Voxtel
36. Norway: Telenor Mobil AS; NetCom GSM as
37. New Zealand: BellSouth New Zealand
38. Netherlands: Libertel B.V.; KPN Telecom; Telfort
39. UAE: Etisalat
40. Portugal: Telecel; TMN
41. Poland: Polska Telefonia Cyfrowa (ERA); Polkomtel S.A.; Centertel GSM-1800
42. Romania: MobilFon SA; Mobil Rom
43. USA: Omnipoint
44. Singapore: SingTel Mobile (GSM 900/1800); Mobile One
45. Slovakia: Globtel; EuroTel Bratislava
46. Slovenia: Mobitel
47. Thailand: Advanced Info Service (AIS)
48. Taiwan: Chunghwa Telecom LDM; GSM PCC; FarEasTone; Mobitai Communications Corp.
49. Turkey: Telsim; Turkcell
50. Uzbekistan: Coscom
51. Ukraine: UMC; Kyivstar; URS
52. Finland: Oy Radiolinja Ab; Sonera
53. France: SFR; France Telecom
54. Croatia: HPT
55. Czech Republic: EuroTel Praha; RadioMobil
56. Sweden: Europolitan AB; Comviq GSM AB; Telia Mobile AB
57. Switzerland: Swiss Telecom PTT
58. Sri Lanka: MTN
59. Estonia: EMT; Radiolinja Eesti; AS Ritabell
60. Yugoslavia: Mobtel *Srbija* BK-PTT; ProMonte (Montenegro)
61. South Africa: MTN; Vodacom (Pty) Ltd

It can be ordered!
Draw your own conclusions.