How secure are digital cell phone conversations?

[Jaqx]

This may be a little off topic here but..... they do use Motorola cell phones.

Anyway. I was in a meeting with an law enforcement agency head the other day and the topic of cell phone security came up. His concern was that his officers were discussing confidential things such as suspect's criminal records and investigative case details over their cell phones. His concern was that these conversations were being monitored. 95% of the officers use digital cell phones. Most use a TDMA carrier less a CDMA carrier and a few GSM (I think, Cingular?) I don't think any officers are using NEXTEL for work purposes.

How secure are these conversations and is there a format that is more secure than the others?

Concerns about monitoring have faded with digital service but the question has been raised again.

Thanks again,
Jaqx

[chad_g69]

most cell companies do not allow encryption

i have a cel phone that supports voice encryption (Nokia 6160i)
when enabled, the phone displays 'voice privacy not active'
according to AT&T wireless, no carrier supports voice encryption/privacy in the USA <b>YET</b>
AT&T will support in in August when they start to support GSM as well as TDMA
when Encryption/Voice Privacy is supported, the feature has to be enabled in BOTH phones...

NOTE: some cellsites have already been upgraded, and will support voice privacy/encryption, as long as the person you are calling has a phone that supports that feature, and has it enabled...


(I used to for for a AT&T authorized dealer)

Chad

[chad_g69]

A thought about nextel ...

they use motorola and motorola only...

so, if NEXTEL's system supported encryption, and you, as the end user, wanted to use encryption on your MOTOROLA phone, you would have to PAY MOTOROLA more money for a module or software/firmware update.

I HIGHLY DOUBT motorola has encryption in a phone that retails from $100 to $350 phone for FREE...

My 2-cents

[alex]

Look for a Motrola VIP phone - you can add a des or facinator box to it - it's what the secret service uses in their trucks.

I got the priviledge of checking out one of their suburbans a couple weeks ago... I bet that type 4 armor stands up well in traffic accidents... at least for the suburban, and a securenet box that was most likly one of the brands of encryption listed above...

-Alex

[jwood]

How secure are these conversations ?

Concerns about monitoring have faded with digital service but the question has been raised again.

Thanks again,
Jaqx

It seems that nobody has answered JAQX question?

I dont belive that a DIGITAL Cell phone can be monitored at this time..
when the new Digital Scanners hit the market Digital cell phones still wont be monitorable, the digital scanners are APCO 16/25 digital mode only,as you stated above cell phones use GSM,TDMA ECT ECT ECT..
I am no expert in the cell phone field by any means, But I belive Digital Cell phones are very secure for the next few yrs!!

[chad_g69]

How secure are these conversations ?

Concerns about monitoring have faded with digital service but the question has been raised again.

Thanks again,
Jaqx

It seems that nobody has answered JAQX question?

I dont belive that a DIGITAL Cell phone can be monitored at this time..
when the new Digital Scanners hit the market Digital cell phones still wont be monitorable, the digital scanners are APCO 16/25 digital mode only,as you stated above cell phones use GSM,TDMA ECT ECT ECT..
I am no expert in the cell phone field by any means, But I belive Digital Cell phones are very secure for the next few yrs!!

There is software that takes the audio in from your sound card (from a scanner) and coverts the CDMA, TDMA, or GSM digital signal to ANALOG, i have seen devices that to the same (for TDMA) that cost about $70 to build it from scratch

of couse - i do not have the above listed options - it would be unlawful..
Chad
PS: of all the services (nextel, cmda, tdma, gsm) nextel is currently the most secure - i have seen a APCO-16 PCI addin card for a computer decode Nextel Digital into analog

[mts2000des2]

This may be a little off topic here but..... they do use Motorola cell phones.

Anyway. I was in a meeting with an law enforcement agency head the other day and the topic of cell phone security came up. His concern was that his officers were discussing confidential things such as suspect's criminal records and investigative case details over their cell phones. His concern was that these conversations were being monitored. 95% of the officers use digital cell phones. Most use a TDMA carrier less a CDMA carrier and a few GSM (I think, Cingular?) I don't think any officers are using NEXTEL for work purposes.

How secure are these conversations and is there a format that is more secure than the others?

Concerns about monitoring have faded with digital service but the question has been raised again.

Thanks again,
Jaqx

Well, digital in any platform is more "secure" than analog, however, depending on the sophistication of the listener and moreover, their budget, will allow them to listen in if they really want to.

In the US, there are two ways digital radio is used in cellular/PCS systems, they are TDMA and CDMA. TDMA is used in iDEN and GSM systems, and also most older 800MHz cellular systems. TDMA allows for multiple users to share the same radio channel by dividing the airtime into "time slots", usually anywhere from 1 to 6 users can occupy the radio channel at one time. To listen in, one would have to select the appropriate time frame of the subscriber they want to listen to, and they must be within the range of whatever cell that user is on. Sounds complicated but with today's computer hardware, it can (and has been) done. While the data packets CAN be encrypted on a TDMA system, this adds much network overhead and carriers don't use it- mainly because there is no demand. After all, carriers in the US told subscribers that AMPS/NAMPS was "secure" until that famous (questionable) intercept of Mr. Gingrich in 1997.

The later format, CDMA, or Code Division Multiple Access, operates by using spread spectrum on a single radio channel (1.25MHz wide) over the entire network. A signle call is added to this stream and is assigned a code which is sent out in the pack of many other calls. The code identifies the particular call and where to route it. CDMA offers a slight advantage in the area of security, though it too, has been intercepted.

Most carriers (excpet Nextel) are in the stages of moving to 3G networks, all of which will utilize a variant of CDMA called wCDMA (wide CDMA) which will allow for high speed data to be blended on the same spectrum as voice traffic.

Keep in mind that casual listeners with an analog scanner cannot decode any digital signals, but the determined listener with the right gear can intercept.

Bottom line: no RF medium is totally secure.

[OX]

Using both Nextel and Verizon CDMA, I have been able to hear other calls in progress by other parties. This was completely by accident as it appeared to happen when I switched from one tower to another. I was in digital mode carrying on a phone conversation when all of a sudden I could hear someone else plain as day. I'm not sure if tey could hear me but I assume so.

So in addition to the previous responses, your digital conversations could be intercepted by persons unknown to you without them intending to intercept.

[Jim202]

Generaly when the rare occurance of being able to hear another conversation on a digital system, the bug lies in a fault within the cellular switch. There is a card in the switch that is called an audio bridge card. This card is used to be able to do the hand off between cell sites.

In order to have a seamless call between cell sites, the switch has to connect the 2 cell sites together for the call not to have a loss of audio. The audio is bridged together on both cell sites for a short period of time. The "BRIDGE" card sometimes goes bad and doesn't release from the old cell site you just came from. When a second call is told to use the bridge card, the old connection to the last cell site is still made. This is when you hear the second conversation.

Normally this gets caught fairly quickly by the system. Once in a while the bad audio bridge card falls through the crack of not being replaced right away. Then this double call audio problem will drift through the system. Somewhere along in time, the switch maintenance people will find it and replace the bad card.

Jim

[KitN1MCC]

when i used to work for Verizon as a service tech in there stores (i hated that damn Job) we tired to decode CDMA with all types of stuff and was unable too

if you want to Listen to CDMA u need some real High end stuff

we even tried to use another phone and no such luck

Plus with CDMA there is no True RF carrier

TDMA u still need an FM carrier

[RFdude]

Hmm... interesting posts.

If CDMA has EVER been intercepted in real conditions, we would certainly like to know about it!

To my knowledge there is no piece of equipment out there that intercepts and decodes a CDMA voice call. Just looking into and confirmed it for some elected folks. High end Analyzers, PN scanners, etc, etc costing 10's of thousands can give you many details of the channel, how many Walsh codes in use, and can decode and display the paging channel.... or the text messages. But not a voice call. When you look at the technology (it's a mathematicians worst nightmare), the receive has to align itself with the Long Code, must know the phones ESN, and all sorts of other things. To top it all off, since everyone shares the same channel, power is controlled 700 times/second to within 1 db of what is required to go the distance. Lastly, your call is carried simultaneously on multiple sites as determined by the neighbour list. One covert receiver wouldn't have that luxury because of the precise power control.

Can't speak for the NSA... but the technical experts seem to suggest that even if money was no object, a CDMA intercept would be difficult. Besides, NSA and agencies like that can intercept calls at the switch through Surveillance modules or completely off site via the SS7 network.

Because of the inherent security in CDMA, there isn't a business case for offering voice encryption in the forseable future. There wouldn't be enough demand.

Another poster suggested what sounded like cross-talk... CDMA calls can get handed down to analog for a variety of triggers... edge of CDMA coverage, poor quality, round trip delay, etc. Then the call is certainly open for intercept and cross talk). Cross talk could happen also because there is a distant site with the same colour code (like PL). If the hand down isn't designed properly, you could go into never-never land.

I had heard once (newspaper) that the Israeli Army used TDMA phone intercepts to kill a suspected bomber with explosives in his own cell phone. The intercept was required to ensure that it was him. However, newspaper reporters are notorious for technical inaccuracies, so I don't think this is credible. We dropped TDMA years ago... gave up on it and stayed Analog until CDMA came along.

Make sure your phone is in digital mode, and you should be OK.

RFDude

[KitN1MCC]

I have alaays liked verizon (Bell Atlantic Mobile thats when i worked there) the voice quality is awsome and the coverage is the best except for a few spots in the woods and back area

i also have a nextel and i use it as a toy to BS with the Fellas and stuff i still am keeping my verizon phone for long conversations and stuff

i like the Qualcomm (kyrocera ) phones my self i think they work better than the other brands

audio vox is ok but too many problems
motorola nice but they are to fussy

when i worked there we has very little QCP come in for repair

[KitN1MCC]

I have alaays liked verizon (Bell Atlantic Mobile thats when i worked there) the voice quality is awsome and the coverage is the best except for a few spots in the woods and back area

i also have a nextel and i use it as a toy to BS with the Fellas and stuff i still am keeping my verizon phone for long conversations and stuff

i like the Qualcomm (kyrocera ) phones my self i think they work better than the other brands

audio vox is ok but too many problems
motorola nice but they are to fussy

when i worked there we has very little QCP come in for repair

[Josh]

Nextel absolutely sucks.

How can they be considered so secure? As an SMR, their frequencies are most susceptable to eavesdropping. SMR is not standard cellular, so the frequencies are not blocked out in scanners as upper 800 cellular is. Nexthell is also not illegal to listen to in most cases as indirect connect is no different than basic trunked radio, although Digital spread spectrum and.

How can a company whose frequencies intermingle with public safety, are not blocked out by scanners, and aren't the basic definition of cellular be considered secure?

Plus, with the degraded audio clarity of TDMA as compared to CDMA, this further makes Nextel look like a crappy company to 'buy time' from.

I wouldn't fall for their scams. iDEN is iDUM!
-Josh

[mts2000des2]

No doubt, Nextel sucks.

One interesting side note, one of the biggest reasons Nextel is trying to shove their white paper down eeveryone's throat (and wants us to pay for it too) is so that they can acquire blocks of contiguous spectrum so they can go to a muc more secure and advanced platform, such as wCDMA.

Nextel evolved as the (questionable) nationwide acquisitions of spectrum from SMR operators. The interference to public safety issue was their own fault, and they want private industry (such as other 800 non-Nextel users) to foot the bill for their proposed "realignment" of the 800MHz band. Supposedly this is to appease their ongoing interference to public safety radio systems, but the real reason is to (again) benefit Nextel.

The truth will emerge. Nextel's flight or fall depends on the FCC acceptance of their, in my opinion, comical white paper wanting to move all public safety uses to the lower part of the 850 band and Nextel gets contiguous spectrum in the NPSPAC area. All others users go eleswhere, at your own expense. Oh yes, and we at Nextel, for being such "good neighboors" are asking for first dibs at 2.1GHz.

Only in America.

Last I heard, Nextel's stock was down to around 5 bucks a share, and their spinoff Nextel International was on the verge of bankruptcy after defaulting on a 8 million dollar loan.

Can anyone say Enron?

[wavetar]

I've been out of the cellular side of things for many years, so I know very little about the digital side of things. But, there were many phones back in the day which could be put into test modes
& used to monitor analog audio much like a scanner. Does anyone know if today's digital phones can do the same?

Todd

[Astro_Saber]

GSM is the securest cellphone out their cant be easedeopped on unless maybe the NSA is doing it but then again they do it all the time

[mts2000des2]

GSM is the securest cellphone out their cant be easedeopped on unless maybe the NSA is doing it but then again they do it all the time

GSM= outdated TDMA based platform, been cracked years ago.

[Twisted_Pear]

I work for a carrier, as a field tech, which uses CDMA and that's as secure as you're going to get with today's modern PCS technology. I know about the hacking schemes that go on and you simply can't take one of our phones and use it to listen in or clone. Most illegal use is done by a process outside of modifying the phone and is not related to grabbing info off the air (Like AMPS allows) or whatever.

Nextel, out of them all, is the least secure. Even with the service monitors we have, we can't listen in to any CDMA transmissions. Nextel, on the other hand, is as easy as pulling up ASTRO on a service monitor. The best we can do (in the field; at the switch it's diferent) is monitor the paging and sync channels to know who you're calling or what your phone is doing.

I don't know the legal issues surrounding government agencies listening in but when an agency wants to track someone's phone calls it's done through the normal legal channels and there is no possible way the end-user would know. You can kill the paranoia as I know for a fact phone calls from our switch, and probably every other one in our network, are not monitored by anyone who has not specifically been granted for it. And when they are, it's a specific person, not everu call.

New technology is cracked all the time but a majority of the time it can't be done on a regular basis. Cracking high-level DES is an example. GSM has really gone the way AMPS had gone with regard to hacking. And I won't even get into the NSA subject as it's way too 'black helicopter' and UFOs to me.

[Astro_Saber]

GSM= outdated TDMA based platform, been cracked years ago.

and thats why the president uses GSM.

wrong again

[mts2000des2]

GSM= outdated TDMA based platform, been cracked years ago.

and thats why the president uses GSM.

wrong again

You are on crack buddy. GSM uses TDMA and was cracked years ago in 1994 by a hacker in sweden. If GSM is so "secure" and great, why is the EU planning their next generation systems on a CDMA platform?? To educate yourself, go to http://www.qualcomm.com and read through their many pages on CDMA vs. other digital platforms.

Oh, BTW, the POTUS uses a variety of secure and non-secure comms- but GSM is considered NON SECURE by NSA standards. try again.