23 February 2012

Some Comments on Satellite Phones

(There is now a follow-up to this post that digs into some of the details of GMR-1 transmissions. The (in)security implications are stunning.)

With the recent attack on journalists by Syrian troops, there has been a lot of discussion on the security of satellite phones, especially GMR, the technology used by Thuraya. Here are some basic facts on the security of GMR and satellite phones in general:
  • GMR uses geostationary satellites. Downlink signals from this system are visible over large areas of the Earth's surface, especially for someone looking at the sky with a dish antenna.
  • GMR handsets use wide-beam antennas. Uplink signals from the handsets are visible from space, not just at the serving satellite, but over really big regions of space, occupied by lots of other satellites.
  • Uplink signals from satellite phones are also visible on the ground in a vicinity of the handset, probably at ranges of several kilometers for interceptors with directional antennas. These handsets are easy to detect in a radio environment because they transmit distinctive patterns and are relatively rare (much rarer than cellular handsets, for instance). And any transmitter that can be detected can be located, using any of a number of techniques commonly practiced by most intelligence services.
  • The level of air interface security on GMR handsets is probably lower than on cellular handsets. But even if the air interface were absolutely secure, a GMR handset would still be easy to locate by it's distinctive radio signature.
  • GMR handsets include GPS receivers and transmit identity and location information to the network operator. These transmissions are completely in the clear, but even if they were encrypted, the network operator would have access to this information.
  • GMR encryption is not end-to-end, so the network operator normally has access to plaintext user traffic.
  • GMR handsets register with the network periodically, reporting identity and location, even when you are not "using" them.
  • Even if a GMR operator, as an organization, is sincerely dedicated to the security and privacy of its customers, it is difficult to completely protect a large organization from infiltration by criminal organizations or state intelligence services, through technical hacking, social engineering, bribery, blackmail, political/religious recruitment, etc.
  • Everything I just said about GMR is at least mostly true (if not completely true) of any civilian satellite telecom product and even a lot of military satcom systems.
  • Satellite phone users tend to be more interesting than the general population. Because satellite phones are relatively expensive and mostly used by international travelers, the conversations they carry tend to have interesting content, things that the users thought were important enough to spend real money talking about. So, for an intelligence service, eavesdropping on satellite phones is a more effective use of resources than eavesdropping on most other kinds of networks. They get less "mom and pop crap" and a lot more useful information.
  • In any given country, the users of satellite phones are mostly foreigners, who are often subject to a lower legal standard for eavesdropping, especially for international telephone calls.
Just some things to think about the next time you use your GMR phone, BGAN terminal, Iridium 2-way pager, etc., especially in a war zone. Regardless of encryption, authentication, etc., the mere existence of one of these radio signals sends a message to an observing military force: There's someone over there with fancy comms and it's not us. That can be a very dangerous message.

(David Burgess is a lead developer in the OpenBTS project and one of the founders of Range Networks.)

12 February 2012

The Man Burns in 202 Days

For those who have not heard, the Burning Man ticket situation for 2012 is a real mess. This mess might affect our plans for the BRC test network this year. We'll just have to see what happens over the next three months.