<div dir="ltr"><div dir="ltr">I'm not finished reading this paper, but there's a subtle
observation in it about passive IMSI-catching attacks I found
interesting/haven't seen mentioned elsewhere: "However, the passive
approach is slow since an attacker has to wait for a mobile device to
transmit its IMSI spontaneously, which is an uncommon event in most
locations <b>(exceptions are, e.g., airports)</b>" ... because as soon
as people's planes land they turn on their phones. Since so many foreign
mobile phone users pass through them, airports must have an interesting
variety of cell network traffic! (Also, makes me vaguely curious what
the presence of IMSI-catchers around the Vegas airport is like the week
of Blackhat/Defcon/etc.)<br></div><div dir="ltr"><br></div><div>I really hope
the authors submit to RWC (maybe I should email them and suggest this).
There was only one talk related to IMSI-catching last year, and it was
on how you can setup an IMSI-catcher without needing to write any actual
code.</div></div><br><div class="gmail_quote"><div dir="ltr">On Fri, Sep 14, 2018 at 9:51 AM Joseph Lorenzo Hall <<a href="mailto:joe@cdt.org">joe@cdt.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I'd be interested in that too... I'm curious if the IMSI-catcher resistance will actually survive practicality and deployment.<br></div><br><div class="gmail_quote"><div dir="ltr">On Thu, Sep 13, 2018 at 9:53 PM yomna n <<a href="mailto:yomnanasser@gmail.com" target="_blank">yomnanasser@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Does anyone know if there's a publicly accessible talk that accompanies this paper anywhere? I've done quite a bit of googling and haven't been able to find anything.</div><br><div class="gmail_quote"><div dir="ltr">On Thu, Sep 13, 2018 at 8:04 PM Cooper Quintin <<a href="mailto:cooperq@eff.org" target="_blank">cooperq@eff.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hah nevemind, Seamus sent it months ago, which is probably why I had the<br>
tab open. Carry on! :)<br>
<br>
Cooper Quintin<br>
Senior Staff Technologist | EFF<br>
PGP: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA<br>
Twitter: @cooperq<br>
<br>
On 09/13/2018 05:03 PM, Cooper Quintin wrote:<br>
> I can't remember if it already got sent to the list or not, but this 5G<br>
> security proposal from erricson was pretty interesting.<br>
> <a href="https://www.ericsson.com/research-blog/protecting-5g-imsi-catchers/" rel="noreferrer" target="_blank">https://www.ericsson.com/research-blog/protecting-5g-imsi-catchers/</a><br>
> <br>
> I was going to write to the guys who wrote it and see if any of their<br>
> proposals made it into the final spec.<br>
> <br>
_______________________________________________<br>
CSS-research mailing list<br>
<a href="mailto:CSS-research@lists.eff.org" target="_blank">CSS-research@lists.eff.org</a><br>
<a href="https://lists.eff.org/mailman/listinfo/css-research" rel="noreferrer" target="_blank">https://lists.eff.org/mailman/listinfo/css-research</a><br>
</blockquote></div>
_______________________________________________<br>
CSS-research mailing list<br>
<a href="mailto:CSS-research@lists.eff.org" target="_blank">CSS-research@lists.eff.org</a><br>
<a href="https://lists.eff.org/mailman/listinfo/css-research" rel="noreferrer" target="_blank">https://lists.eff.org/mailman/listinfo/css-research</a><br>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="m_8239769222194940gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>Joseph Lorenzo Hall<br>Chief Technologist, Center for Democracy & Technology [<a href="https://www.cdt.org" target="_blank">https://www.cdt.org</a>]<br>1401 K ST NW STE 200, Washington DC 20005-3497<br>e: <a href="mailto:joe@cdt.org" target="_blank">joe@cdt.org</a>, p: 202.407.8825, pgp: <a href="https://josephhall.org/gpg-key" target="_blank">https://josephhall.org/gpg-key</a><br>Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871<br><br></div></div></div>
</blockquote></div>