Project

General

Profile

Wiki » History » Version 45

Jakob, 12/22/2015 05:10 PM
SnoopSnitch 1.0.1

1 2 Alex
h1. SnoopSnitch
2 2 Alex
3 20 Alex
SnoopSnitch is an Android app that collects and analyzes mobile radio data to make you aware of your mobile network security and to warn you about threats like fake base stations (IMSI catchers), user tracking and over-the-air updates. With SnoopSnitch you can use the data collected in the GSM Security Map at gsmmap.org and contribute your own data to GSM Map.
4 2 Alex
5 3 Alex
!{width: 10%;}sc_dashboard.png!  !{width: 10%;}sc_map_overview.png! !{width: 10%;}sc_catcher_hour.png! !{width: 10%;}sc_map_details.png!
6 3 Alex
7 19 Alex
This application currently only works on Android phones with a Qualcomm chipset and a stock Android ROM (or a suitable custom ROM with Qualcomm DIAG driver). It requires root priviliges to capture mobile network data.
8 2 Alex
9 34 Alex
h3. Documentation
10 34 Alex
11 34 Alex
For details on SnoopSnitch please refer to the [[FAQ]].
12 39 Karsten
Learn about SnoopSnitch's [[IMSI Catcher Score| IMSI catcher metric]].
13 34 Alex
14 2 Alex
h3. Requirements:
15 2 Alex
16 19 Alex
* Qualcomm-based Android phone (see [[DeviceList|device list]])
17 8 Alex
* *Stock* Android ROM, version 4.1 or later
18 19 Alex
Note: Custom Android ROMs like CyanogenMod may or may not work, depending on the availability of a Qualcomm DIAG kernel driver (DIAG_CHAR).
19 3 Alex
* *Root privileges* on phone
20 2 Alex
21 1 Alex
h3. Incompatible Devices:
22 8 Alex
23 8 Alex
The following devices have been found to be incompatible and can *not* be used with SnoopSnitch:
24 8 Alex
25 19 Alex
* *Unsupported.* Devices with custom ROM such as CyanogenMod which lacks the Qualcomm DIAG kernel driver (DIAG_CHAR)
26 16 Karsten
* *Unsupported.* Every device without Qualcomm chipset
27 16 Karsten
* *Unsupported.* Samsung Galaxy S2 & S3
28 19 Alex
* *Unsupported.* Nexus 5 with stock Android
29 16 Karsten
* *Unsupported.* Huawei Ascend Y300
30 2 Alex
31 2 Alex
h3. Download:
32 2 Alex
33 45 Jakob
* "Pre-compiled .apk":https://opensource.srlabs.de/attachments/download/115/SnoopSnitch-1.0.1.apk (SHA1: 44d95ef01c1bbe821408f733207215f5b73839bb)
34 2 Alex
* "Pre-compiled .apk from Google Play Store":https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch
35 22 Alex
* "Pre-compiled .apk from F-Droid":https://f-droid.org/repository/browse/?fdid=de.srlabs.snoopsnitch
36 23 Alex
* Source Code: <pre>git clone --recursive https://opensource.srlabs.de/git/snoopsnitch.git</pre>
37 2 Alex
38 12 Alex
SnoopSnitch is released under the GPL v3 license (cf. source:COPYING). The app is known to built under Linux and OS X, see source:README for build instructions.
39 12 Alex
40 2 Alex
h3. Disclaimer
41 2 Alex
42 2 Alex
The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
43 2 Alex
44 17 Alex
Second, your phone will send SMS short messages to an invalid number. In some cases, we saw operators charging for these kind of transactions transactions. Hence, please have an eye on your phone bill when performing active tests using SnoopSnitch. To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
45 2 Alex
46 24 Alex
Furthermore, our call server will call your phone and send test SMS during the active test. To avoid unnecessary costs on our side, *DO NOT PICK UP OR REJECT AUTOMATIC CALLS FROM OUR SERVER*. If you pick up a call or have a mailbox or auto-answer feature configured that picks up the call automatically you may get blacklisted and cannot use our service anymore. Please see our [[Banned]] wiki page for details.
47 2 Alex
48 2 Alex
h3. Instructions
49 2 Alex
50 2 Alex
# Make sure you have rooted the phone
51 2 Alex
# Install application from "Google Play app store":https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch or below
52 2 Alex
# Run the app, execute active tests, upload security events and suspicious activity
53 2 Alex
54 2 Alex
h3. Mailing list
55 2 Alex
56 2 Alex
A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
57 31 Linus
For specific questions to the snoopsnitch-team that do not require or permit public discussion, please contact us directly at *snoopsnitch [you know what to put here] srlabs.de*
58 2 Alex
59 1 Alex
h3. Version history
60 28 Alex
61 44 Jakob
Version 1.0.1
62 44 Jakob
63 44 Jakob
* Android 5 and 6 support
64 44 Jakob
* Improved reliability of active test
65 44 Jakob
* Better support for LG phones
66 44 Jakob
67 40 Jakob
Version 1.0.0
68 40 Jakob
69 40 Jakob
* Wireshark/pcap export
70 40 Jakob
* Improved IMSI catcher metric
71 40 Jakob
* Lower battery impact
72 40 Jakob
* Autonomous upload option
73 40 Jakob
* Daily measurement option
74 40 Jakob
75 35 Jakob
Version 0.9.8
76 35 Jakob
77 35 Jakob
* Improved catcher detection
78 35 Jakob
* Reduced memory consumption
79 35 Jakob
* 4G data collection and basic analysis
80 35 Jakob
* Various enhancements and bug fixes 
81 35 Jakob
82 32 Jakob
Version 0.9.7
83 35 Jakob
84 32 Jakob
* Improve detection of type 1 catchers and silent calls
85 32 Jakob
* Reduce false positive rate
86 32 Jakob
* Upload anonymized metadata additionally to radio traces
87 32 Jakob
* Various enhancements and bug fixes
88 32 Jakob
89 28 Alex
Version 0.9.5
90 28 Alex
91 28 Alex
* Make detection run automatically on boot
92 28 Alex
* Support LTE active tests
93 28 Alex
* Improve detection of 2G/3G catchers
94 28 Alex
* Detect empty WAP pushes
95 26 Alex
96 26 Alex
Version 0.9.4
97 26 Alex
98 26 Alex
* Improve type 1 catcher and silent SMS detection
99 26 Alex
* Implement network info screen
100 26 Alex
* Detect malfunctioning baseband interface
101 26 Alex
* Various enhancements and bug fixes
102 25 Alex
103 25 Alex
Version 0.9.3
104 25 Alex
105 25 Alex
* Support Android 5
106 25 Alex
* Fix initialization issue on newer devices
107 25 Alex
* Translation to German and Dutch
108 1 Alex
109 21 Alex
Version 0.9.2
110 21 Alex
111 21 Alex
* Fixed app lock-up issues
112 21 Alex
* Improved device compatibility check
113 21 Alex
* Handled unsupported LTE gracefully
114 21 Alex
115 13 Alex
Version 0.9.1
116 13 Alex
117 13 Alex
* Fix problem where SnoopSnitch would leave the phone muted after a test
118 13 Alex
* Remove issue with disappearing (Skype) dialing dialogs
119 13 Alex
* Resolved performance issue in analysis
120 2 Alex
121 1 Alex
Version 0.9.0
122 21 Alex
123 2 Alex
* Initial public release
124 42 Linus
125 42 Linus
h1. Training Material
126 42 Linus
127 43 Linus
As a primer to the snoopsnitch detection approach, we have prepared a set of hands-on "training material":https://opensource.srlabs.de/attachments/download/114/snoopsnitch_training_material.zip.
128 42 Linus
It contains network traces of IMSI catcher attacks and silent SMS and an analysis guide.