What does HackerNews think of Android-IMSI-Catcher-Dete?

Looks like any app can be installed silently behind your back with GTalkService that is running on your Android phone

https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...

https://jon.oberheide.org/blog/2010/06/28/a-peek-inside-the-...

---------------------

Google Play Services spyware discussion

https://forum.xda-developers.com/t/guide-insanely-better-bat...

https://forum.xda-developers.com/t/app-disable-service-guide...

---------------------

"...the cellular carrier can send blobs of FORTH code right to the radio. The radio firmware also seems to have an IP stack (with TCP) so it can do its own interesting things (both bad and good)..." https://boston.conman.org/2013/01/22.2

"...easily spotted loads and loads of bugs, scattered all over the place, each and every one of which could lead to exploits – crashing the device, and even allowing the attacker to remotely execute code. Remember: all over the air. One of the exploits he found required nothing more but a 73 byte message to get remote code execution. Over the air..."

"... It’s kind of a sobering thought that mobile communications, the cornerstone of the modern world in both developed and developing regions, pivots around software that is of dubious quality, poorly understood, entirely proprietary, and wholly insecure by design." https://www.osnews.com/story/27416/the-second-operating-syst... (archive: https://archive.is/FOR5V)

https://news.ycombinator.com/item?id=6722539

https://news.ycombinator.com/item?id=6722732

https://news.ycombinator.com/item?id=6722648

https://news.ycombinator.com/item?id=6738066

https://news.ycombinator.com/item?id=6724034 <-- Seems to be higher risk with Qualcomm basebands where everything is integrated

-------------------

SIM card reader chips have their own operating system https://en.wikipedia.org/wiki/SIM_card#Design

Rooting SIM cards https://archive.is/3ZohQ

https://news.ycombinator.com/item?id=6722896

https://news.ycombinator.com/item?id=6724215

https://news.ycombinator.com/item?id=6723236

-------------------

No, that was most likely spam. You cant even see service updates(OTA), just like silent sms(type0) they are invisible to the user.

https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...

There is an Android app called IMSI-Catcher Detector[0] that is supposed to help you detect when you're connected to a stingray-type device. I ran it for around a year and it never once picked up on anything. I'm not involved on the project and can't personally say if it will catch anything or not, but it is open source[1].

[0] https://cellularprivacy.github.io/Android-IMSI-Catcher-Detec...

[1] https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...

No, there are stealth SMS messages and your baseband processor is receiving/answering them even when phone is off but battery is inside.

https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...

There's an app for that: https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...