Chilling and annoying news in the Daily Express and Daily Mail today; http://www.dailymail.co.uk/pages/live/articles/news/worldnews.html?in_article_id=476959&in_page_id=1811

DAILY MAIL 22 AUG 07 Page 15

Taliban fanatics are tapping the mobile phones of British soldiers and calling their families to tell them their loved ones are dead.
They may also be using the calls home to pinpoint the positions of camps in Afghanistan's wartorn Helmand province.
Forces in Afghanistan have now been banned from using mobile phones to stop the infiltration.
It follows a similar ban in Iraq last year when numbers were also used to make threats.
The wife of an RAF officer received one of the calls and was told: "You'll never see your husband alive - we have just killed him."
When she rang the RAF she was told her husband was safe and well.
A senior Army source said: "Troops using their mobiles are presenting a huge security problem.
"The Taliban now have access to hi-tech security equipment which enables them to listen into conversations and track our movements.
"As in Iraq they can download numbers troops use with their phones.
"Any numbers going to England can then be called, or used to get addresses and to send poison-pen letters to relatives."
When a similar tactic was used in Iraq about 20 nuisance calls were made to relatives of British troops serving in Basra or Al-Amarah.
Intelligence analyst have tracked the taunting calls to numbers in Pakistan, a hotbed for Islamic extremism and the Taliban's main recruiting ground.
It is thought the calls are being intercepted by Pakistan's ISI spy agency, a known supporter of the Taliban, which may also be getting information from Iran.
Mobile phone security has only recently become an issue in Helmand as communications coverage has only recently been upgraded.
Mobiles now work at the main base, Camp Baston, in what has become known as Afghanistan's Desert of Death.
An Army spokesman said: "Mobiles have been withdrawn from personnel in Afghanistan for reasons of operational security.
"This has been well received by the troops who understand the reasons."
Nearly 6,000 British troops are based in Helmand.


I'm not nor ever have been in either current sandpit but is banning the use of mobile TFs the best option? What a morale booster that must be. How about briefing wives and families on this new interference and teach them some choice Muslim/Arabic insults? Perhaps something like "your mother was a hamster and your father smelt of elderberries!" Something basic that would really hurt barstewards.

Does this give the impression that the terrs have infiltrated the telephone networks or is my understanding of the technology flawed?

It is strangely difficult to listen to modern digital cellphone calls (it used to be very easy to listen to analog types). There's always at least two frequencies involved and it can hop around, both as it feels the need, and as you move between cell sites. Since the coordinating information for this is embedded in a moderately complicated digital bitstream, following it is a bind. This digital bitstream is subject to what might be called casual encryption (it's hardly military grade, but it's far from plaintext) and you must perform a cryptographic attack on the data you receive to extract telemetry and voice.

The technology to do it, in realtime, does exist. I would expect GCHQ to have it, but we couldn't get it to prove the point for a TV documentary I was involved with. It would suggest the Bad Guys had a level of signals intelligence capability which is not typical of what we've all been led to believe exists, so the Pakistan connection might follow.

I would first look at people physical security issues on people's handsets.

Phil

Would signal even have to be eavesdropped?
How top-notch is security at offices of Lashkar Gar TelCom Inc., or whatever they're called?
Is it just possible that someone who doesn't like us knows someone who works there?

It is true that digital phones are harder to 'eavesdrop' than the older analogue types. However, I can remember a brief when a GCHQ employee informed us that once the call reaches a telephone exchange, it doesn't matter what format the original call originated in.

So, as scribbler has already suggested, it may be down to the security at the local phone companies, rather than the Taliban having some very advanced espionage eqpt.

I heard yesterday that a friend in Iraq, taking to his wife in UK, had a call interrupted last week with just such a threat.

He was told to :mad: as certain measures such as :mad: are in place to prevent :mad: but it can be very unnerving.

Chalk up another rip-roaring success for contracting out :ugh:

GSM phones normally encrypt the radio part of the call, however the handset is instructed to do this by the base station. In India all GSM calls to/from the base station are un-encrypted, as that is the law. Once the call passes from the base station onto the fixed network it will not be encrypted, as the GCHQ man says.

One technique used by the spooks is to insert a dummy base station. This then instructs the handset to turn off encryption until further notice. So long as the spook remains within range they can listen to both legs of the call. This kit is impossible to buy unless you are approved by HMG or the US Govt.

This kit is impossible to buy unless you are approved by HMG or the US Govt.


$$$$$$$$$$$$$$$$$$

This kit is impossible to buy unless you are approved by HMG or the US Govt.http://www.alexanderpringwilson.org/images/emoticons/lmao.gif Sort of like End user certificates, right? :hmm:

Comstrac: (http://www.comstrac.com/) "Representative offices/dealers in: ....Lebanon, Libya....Pakistan.... Saudi Arabia... Syria.....

No point in spending huge $$ on kit, when as rightly pointed out, you can lift the info of the network.

Next thing is...Who do you think the Telcos are recruiting as engineers to maintain the network. Westerners, or locals. Work it out.

These engineers also have access to tools used to optimise the radio network, and this includes subscriber location algorithms. Lat/Longs for the call origin. Potential there for incoming following the call home?

So it seems that there has been no change since Kosovo in '99, when we were ordered not to use mobile phones because the transition from mobile network to landline was in Serbia!
The bad guys do not have to worry about the encryption because all they need to get from the base station is the number in the UK or Germany that Tommy Atkins dialled and then they can call Mrs Atkins at their leisure.
It sucks having to rely on the very limited Paradigm calls home but mobiles are not secure.

maybe there could be a single UK number forces members could call, and only when the call completes enter an "extension number" which redirects to a number they nominated pre deployment. Therefore if all the bad guys could manage is a billing list, it wouldn't tell them quite as much.

Notwithstanding what it says in the article mobiles haven't been withdrawn in Iraq. Even with all the warning posters and briefings a considerable number of folks still use their mobile phones. I will not risk my family who worry enough, they understand that land line and email are how we will correspond!!

Smudge

The difficult part to intercept is the radio link between the handset and the cell. However the rest of the connection is over good old copper/fibre/satellite using normal phone techniques and can be easily monitored, including information such as dialled digits.
So rather than have expensive radio monitoring kit I would guess they log onto the exchange and use the engineering commands.

> land line

...won't help you if the problem is at the exchange.

P

No offence gents, but is this really the best place to be discussing how we may or may not use technology to intercept phone calls?

Just write a letter!

There seems to be a taboo on the restirction of creature comforts such as mobile phones because of the effect it will have on morale. Morale should be treated as a more subtle and complicated subject than this. Without going into a diatribe about the factors influencing morale the fact is that you don't need a mobile phone in the field. They present a multitude of problems not least of which is OPSEC. Ban the carriage of mobile phones on operations - the key is to ensure it is actively enforced for everyone - common hardship rarely effects morale.

Well in any case pre-deployment training for the Army at least has been advising of a blanket 'no mobile phones in theatre' policy for some time now. Surely the RAF have been doing the same and if so has the victim been rebriefed? if not why not?

No offence gents, but is this really the best place to be discussing how we may or may not use technology to intercept phone calls?Nothing been written on here that is not all over the web. The techniques used to make/break GSM encryption have been discussed at length on open fora since the launch of GSM.

A much better solution would be to use encrypted VoIP (http://zfoneproject.com/) - much more secure to deploy, and there's no trace in the local telco's records, as their switch does not do any of the routing. The IP packets won't reveal the number being called, if there is one. No numbers on Skype for example, which is also encrypted, though not the the strongest standard. VoIP calls can be made from many PDAs, some mobiles and all PCs of course.

One of the greatest inventions of the 20th century, yet one of the biggest pains in the a*se for traditional social intercourse
I suppose some nerds will be suing the MoD for "traumatic stress withdrawal symptoms" having been separated from their mobile for more than 1 hour!:)
How about claims for arthritic cramp for not being allowed to text for at least 10 times an hour?:) - must be some ambulance chasers out there watching this thread::p
Hopefully this message has now got through to the selfish and thoughtless few who put the lives of others at risk - but I doubt it

John Chapter 8. Para 3:7

Okay vecvec, I will cast the first stone. I have never used my mobile phone whilst on ops. OPSEC is not a dirty word..........Crevice, however.

I came back to offer VoIP.. well done that man! As for discussing how to tap GSM on an open forum. Its right that we discuss it here - we can show our own community how vulnerable we are. Theres a certain nievity in the way we conduct our lives in the electronic age, but nothing has changed. Since Phidippides launched high speed communication we've always tried to intercept the message. Back in time, we would mug the runner, since AGB we put a man in the exchange and undoubtably thats whats happening now - if the police out there are subject to corruption, so are all the other walks of life.

There seems to be a taboo on the restirction of creature comforts such as mobile phones because of the effect it will have on morale. Morale should be treated as a more subtle and complicated subject than this. Without going into a diatribe about the factors influencing morale the fact is that you don't need a mobile phone in the field. They present a multitude of problems not least of which is OPSEC. Ban the carriage of mobile phones on operations - the key is to ensure it is actively enforced for everyone - common hardship rarely effects morale.
What about iPods? Can I still carry my iPod?

Yeah, you can still use your iPod. Just don't cry when the Iranians confiscate it! :{

Assuming - and it's merely an assumption, but I'll see what people who know about such things say - that the Taliban don't have proper GSM interception equipment, then the most effective, cheap and reliable way to monitor and interfere with mobile phone calls is elsewhere on the network, as has been said. Tapping microwave links between base stations is usually the best way, but if you've got a pal in the network operator who'll let you bung some kit inside the switch you can do what you like.
Also see http://en.wikipedia.org/wiki/Greek_telephone_tapping_case_2004-2005
There will be two ways to militate against this. Ban mobile phones, or run your own GSM network and maintain appropriate security -- in other words, see mobiles as part of your tactical communications strategy, and deploy suitably modified commercial off-the-shelf kit to support it. Operators do this anyway - they tow a COW (Cell On Wheels) into a field, pump up the mast, point a dish at a satellite and there's your infrastructure.
Perhaps Blandford Forum could have a word with Nokia.
R

We've had the $$$$$$ scenario for air interception. The MW interception - again not the easiest, but the simple fact remains, the guy in the switch in these countries is paid peanuts. How little cash compared to the first two scenarios could change his life? Thats where your leak is -guaranteed.

Monitoring xxx interface to the BTS/Node B is all it takes. And thats giving no secrets, if you are capable of operating the commercially available equipment, you already know where to plug it in.

The instant you use a transmitter, you've given away some intelligence. In fact, if the enemy is close enough, the instant you use a receiver, you've given away some intelligence. Basic, basic ECCM.

It's not rocket science, and one can develop this theme as much as one likes. It becomes a matter of policy how much low level int one is willing to gift to the enemy versus the inconvenience of taking steps to guard against this.

Electronic silence, anyone?