Security enhancement for IMSI catcher and Silent SMS
Hello CalyxOS Team,
after a conversation with Torsten Grote, he mentioned I should make a request
for an improvement from the CalyxOS security features.
Today a huge threat for smartphone users are IMSI Catcher and Silent SMS.
A little info about it.
How SMS is used to track the location of a mobile device
https://www.lufsec.com/silent-sms-how-i-know-where-you-were-yesterday-night/
https://www.eff.org/de/wp/gotta-catch-em-all-understanding-how-imsi-catchers-exploit-cell-networks
https://www.eff.org/de/pages/cell-site-simulatorsimsi-catchers
It is possible with an open source Android app to get warnings for this threats
https://f-droid.org/packages/de.srlabs.snoopsnitch/
https://opensource.srlabs.de/projects/snoopsnitch
https://opensource.srlabs.de/projects/snoopsnitch/wiki/IMSI_Catcher_Score
The disadvantage of the app is that it needs root rights and a has a few other requirements
- Root privileges enabled
- Qualcomm based chipset
- Stock Android ROM, version 4.1.2 or higher
- Note. Custom Android ROMs may or may not work depending on the availability
- of a Qualcomm DIAG kernel driver (DIAG_CHAR)
CalyxOS avoids root rights and my request would be, if it is possible to
preinstall SnoopSnitch as a system app?
The version 1. from Snoopsnitch would be sufficient.
The version 2. adds a Android Patch Analysis Feature which is not necessary.
It would be a huge security benefit if you could add a protection against IMS catcher and Silent SMS.
Other opensource project exist as well
Regards F.