23 February 2012

Some Comments on Satellite Phones

(There is now a follow-up to this post that digs into some of the details of GMR-1 transmissions. The (in)security implications are stunning.)

With the recent attack on journalists by Syrian troops, there has been a lot of discussion on the security of satellite phones, especially GMR, the technology used by Thuraya. Here are some basic facts on the security of GMR and satellite phones in general:
  • GMR uses geostationary satellites. Downlink signals from this system are visible over large areas of the Earth's surface, especially for someone looking at the sky with a dish antenna.
  • GMR handsets use wide-beam antennas. Uplink signals from the handsets are visible from space, not just at the serving satellite, but over really big regions of space, occupied by lots of other satellites.
  • Uplink signals from satellite phones are also visible on the ground in a vicinity of the handset, probably at ranges of several kilometers for interceptors with directional antennas. These handsets are easy to detect in a radio environment because they transmit distinctive patterns and are relatively rare (much rarer than cellular handsets, for instance). And any transmitter that can be detected can be located, using any of a number of techniques commonly practiced by most intelligence services.
  • The level of air interface security on GMR handsets is probably lower than on cellular handsets. But even if the air interface were absolutely secure, a GMR handset would still be easy to locate by it's distinctive radio signature.
  • GMR handsets include GPS receivers and transmit identity and location information to the network operator. These transmissions are completely in the clear, but even if they were encrypted, the network operator would have access to this information.
  • GMR encryption is not end-to-end, so the network operator normally has access to plaintext user traffic.
  • GMR handsets register with the network periodically, reporting identity and location, even when you are not "using" them.
  • Even if a GMR operator, as an organization, is sincerely dedicated to the security and privacy of its customers, it is difficult to completely protect a large organization from infiltration by criminal organizations or state intelligence services, through technical hacking, social engineering, bribery, blackmail, political/religious recruitment, etc.
  • Everything I just said about GMR is at least mostly true (if not completely true) of any civilian satellite telecom product and even a lot of military satcom systems.
  • Satellite phone users tend to be more interesting than the general population. Because satellite phones are relatively expensive and mostly used by international travelers, the conversations they carry tend to have interesting content, things that the users thought were important enough to spend real money talking about. So, for an intelligence service, eavesdropping on satellite phones is a more effective use of resources than eavesdropping on most other kinds of networks. They get less "mom and pop crap" and a lot more useful information.
  • In any given country, the users of satellite phones are mostly foreigners, who are often subject to a lower legal standard for eavesdropping, especially for international telephone calls.
Just some things to think about the next time you use your GMR phone, BGAN terminal, Iridium 2-way pager, etc., especially in a war zone. Regardless of encryption, authentication, etc., the mere existence of one of these radio signals sends a message to an observing military force: There's someone over there with fancy comms and it's not us. That can be a very dangerous message.

(David Burgess is a lead developer in the OpenBTS project and one of the founders of Range Networks.)




7 comments:

  1. yeppers
    gottit
    so shd ppl on obsolete technology devices be concerned
    even if the location feature has bern turned off?
    it has happened to ppl -- blutooth turned off but still actively contled by smarter ppl

    ReplyDelete
  2. It's not about obsolete technology or the location feature. It's about the fact that you are transmitting a distinctive radio signal.

    ReplyDelete
  3. Also of interest with the security of sat phones crypto:

    Don’t Trust Satellite Phones: A Security Analysis of Two Satphone Standards

    Benedikt Driessen, Ralf Hund, Carsten Willems, Chris­tof Paar, Thorsten Holz - IEEE Symposium on Security & Privacy (Oakland), 2012

    http://gmr.crypto.rub.de/paper/paper-1.pdf

    ReplyDelete
  4. Thanks for your informed comments.

    As in many other areas of IT security, the movement of packets themselves are as telling as their content.
    The phrase "There's someone over there with fancy comms and it's not us" says it all.

    ReplyDelete
  5. It is the same Paul, I talked to him about it just the other day. Great site, I really like it.

    Fta Receiver

    ReplyDelete
  6. Satellite phone are also the best option for the travelers.

    ReplyDelete
  7. Satellites have become a very big part to many aspects of our everyday lives. Our cellphones, most TV networks, GPS, and so many other things all depend on satellites to function the way they need to. We have come a long way with them over the last few decades, and it makes me wonder how this technology will change in the next couple of decades.

    http://www.internationalsatelliteservices.com/isathub

    ReplyDelete