Results 1 to 5 of 5
  1. #1
    Pete Stephenson
    Guest
    Greetings all,

    I'm a recent convert from (Verizon|Cingular|T-Mobile|Nextel|Back To
    T-Mobile) to SprintPCS.

    I'm mildly concerned about the possibility of eavesdropping of calls
    over the air. I seem to recall (when I was using Verizon, about three or
    four years ago) that there was some sort of in-call encryption option
    that could encrypt one's conversations to reduce eavesdropping. I don't
    seem to recall that Verizon ever supported it in my area, but it was an
    option on the phone.

    Does Sprint offer any sort of privacy-enhancing service such as this, or
    is one limited to the frequency-hopping benefits of CDMA?

    I have no reason to suspect that anyone would be monitoring my calls,
    but in today's society it is wise to be prudent.

    Cheers!

    --
    Pete Stephenson
    HeyPete.com



    See More: SprintPCS security?




  2. #2
    carcarx
    Guest

    Re: SprintPCS security?

    Since your phone emissions look like broadband noise it's difficult for
    anyone
    to tell which, among the different phone conversations occuring to the
    cell sector,
    is your conversation. It's just a bunch of broadband noise all jumbled
    up together.

    It'd be much more feasible for someone to put a tiny "bug" on your
    phone,
    or to bribe someone who has access to the landline side of the SPCS
    infrastructure
    to tap your call.




  3. #3
    Central
    Guest

    Re: SprintPCS security?

    On Sun, 05 Dec 2004 23:44:53 -0800, Pete Stephenson wrote:

    > Greetings all,
    >
    > I'm a recent convert from (Verizon|Cingular|T-Mobile|Nextel|Back To
    > T-Mobile) to SprintPCS.
    >
    > I'm mildly concerned about the possibility of eavesdropping of calls
    > over the air. I seem to recall (when I was using Verizon, about three or
    > four years ago) that there was some sort of in-call encryption option
    > that could encrypt one's conversations to reduce eavesdropping. I don't
    > seem to recall that Verizon ever supported it in my area, but it was an
    > option on the phone.
    >
    > Does Sprint offer any sort of privacy-enhancing service such as this, or
    > is one limited to the frequency-hopping benefits of CDMA?
    >
    > I have no reason to suspect that anyone would be monitoring my calls,
    > but in today's society it is wise to be prudent.
    >
    > Cheers!


    Calls in cdma are not encrypted but the design of cdma makes it near
    impossible to eavesdrop on. The voice channels between the tower and the
    phone are keyed with three things which are a code, your esn, and the
    current time. For someone to recreate the call they would have to sniff
    all cdma traffic on the paging channel to figure out the code given to
    your phone and then maybe figure out the difference, exactly, between the
    phone's internal clock and the tower's clock which initializes the phone's
    clock at power on, following this then figure out what the phone's esn is
    which never gets sent out over the air. To do all this requires some very
    expensive/flexible radio equipment and then requires you to brute
    force a 11digit number. There are some possibilities of attacks on the
    cdma protocol, or ways to switch the phone to analog mode remotely
    but such options require you to transmit with enough power to override the
    tower and again very complex radio equipment.

    So if someone wants to eavesdrop on your call and the data is so valuable
    or incriminating for them to try. Then it would be quicker(and cheaper) to
    physically break into the tower/repeating station or directly tap the
    lines at your cdma provider.



  4. #4
    Central
    Guest

    Re: SprintPCS security?

    On Sun, 05 Dec 2004 23:44:53 -0800, Pete Stephenson wrote:

    > Greetings all,
    >
    > I'm a recent convert from (Verizon|Cingular|T-Mobile|Nextel|Back To
    > T-Mobile) to SprintPCS.
    >
    > I'm mildly concerned about the possibility of eavesdropping of calls
    > over the air. I seem to recall (when I was using Verizon, about three or
    > four years ago) that there was some sort of in-call encryption option
    > that could encrypt one's conversations to reduce eavesdropping. I don't
    > seem to recall that Verizon ever supported it in my area, but it was an
    > option on the phone.
    >
    > Does Sprint offer any sort of privacy-enhancing service such as this, or
    > is one limited to the frequency-hopping benefits of CDMA?
    >
    > I have no reason to suspect that anyone would be monitoring my calls,
    > but in today's society it is wise to be prudent.
    >
    > Cheers!


    Calls in cdma are not encrypted but the design of cdma makes it near
    impossible to eavesdrop on. The voice channels between the tower and the
    phone are keyed with three things which are a code, your esn, and the
    current time. For someone to recreate the call they would have to sniff
    all cdma traffic on the paging channel to figure out the code given to
    your phone and then maybe figure out the difference, exactly, between the
    phone's internal clock and the tower's clock which initializes the phone's
    clock at power on, following this then figure out what the phone's esn is
    which never gets sent out over the air. To do all this requires some very
    expensive/flexible radio equipment and then requires you to brute
    force a 11digit number. There are some possibilities of attacks on the
    cdma protocol, or ways to switch the phone to analog mode remotely
    but such options require you to transmit with enough power to override the
    tower and again very complex radio equipment.

    So if someone wants to eavesdrop on your call and the data is so valuable
    or incriminating for them to try. Then it would be quicker(and cheaper) to
    physically break into the tower/repeating station or directly tap the
    lines at your cdma provider.



  5. #5
    Pete Stephenson
    Guest

    Re: SprintPCS security?

    In article <Pp%[email protected]>,
    Isaiah Beard <[email protected]> wrote:

    > And all of that is BEFORE any overt encryption is added to the mix.
    > Needless to say, Sprint has yet to find a reason to justify the use
    > of any additional encryption layers.


    Ah, excellent. Muchos thanks.

    It's been quite some time since I've been on a CDMA network and I was a
    bit rusty. I did recall that my old Verizon Nokia had that option, but
    it was never possible to actually enable it.

    I was wondering (possibly hoping) that such a feature were enabled by
    default now. Indeed, it would seem to be unnecessary.

    > To again paraphrase Steve: If there is someone out there with the
    > desire and means to successfully eavesdrop on your CDMA calls over
    > the air, then you have way more important things to worry about than
    > just this.


    Quite so. That would be a good time to start running, no?

    --
    Pete Stephenson
    HeyPete.com



  • Similar Threads