Project

General

Profile

Wiki » History » Version 50

Luca, 10/20/2017 12:44 PM

1 2 Alex
h1. SnoopSnitch
2 2 Alex
3 20 Alex
SnoopSnitch is an Android app that collects and analyzes mobile radio data to make you aware of your mobile network security and to warn you about threats like fake base stations (IMSI catchers), user tracking and over-the-air updates. With SnoopSnitch you can use the data collected in the GSM Security Map at gsmmap.org and contribute your own data to GSM Map.
4 2 Alex
5 3 Alex
!{width: 10%;}sc_dashboard.png!  !{width: 10%;}sc_map_overview.png! !{width: 10%;}sc_catcher_hour.png! !{width: 10%;}sc_map_details.png!
6 3 Alex
7 19 Alex
This application currently only works on Android phones with a Qualcomm chipset and a stock Android ROM (or a suitable custom ROM with Qualcomm DIAG driver). It requires root priviliges to capture mobile network data.
8 2 Alex
9 34 Alex
h3. Documentation
10 34 Alex
11 34 Alex
For details on SnoopSnitch please refer to the [[FAQ]].
12 39 Karsten
Learn about SnoopSnitch's [[IMSI Catcher Score| IMSI catcher metric]].
13 46 Karsten
See which [[Android application permissions]] are required to run SnoopSnitch.
14 34 Alex
15 2 Alex
h3. Requirements:
16 2 Alex
17 19 Alex
* Qualcomm-based Android phone (see [[DeviceList|device list]])
18 8 Alex
* *Stock* Android ROM, version 4.1 or later
19 19 Alex
Note: Custom Android ROMs like CyanogenMod may or may not work, depending on the availability of a Qualcomm DIAG kernel driver (DIAG_CHAR).
20 3 Alex
* *Root privileges* on phone
21 2 Alex
22 1 Alex
h3. Incompatible Devices:
23 8 Alex
24 8 Alex
The following devices have been found to be incompatible and can *not* be used with SnoopSnitch:
25 8 Alex
26 19 Alex
* *Unsupported.* Devices with custom ROM such as CyanogenMod which lacks the Qualcomm DIAG kernel driver (DIAG_CHAR)
27 16 Karsten
* *Unsupported.* Every device without Qualcomm chipset
28 16 Karsten
* *Unsupported.* Samsung Galaxy S2 & S3
29 19 Alex
* *Unsupported.* Nexus 5 with stock Android
30 16 Karsten
* *Unsupported.* Huawei Ascend Y300
31 2 Alex
32 2 Alex
h3. Download:
33 2 Alex
34 49 Luca
* "Pre-compiled .apk":https://opensource.srlabs.de/attachments/download/136/SnoopSnitch-1.0.3.apk (SHA1: 221444eb1c63498bf045b5504d729023def51396)
35 2 Alex
* "Pre-compiled .apk from Google Play Store":https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch
36 22 Alex
* "Pre-compiled .apk from F-Droid":https://f-droid.org/repository/browse/?fdid=de.srlabs.snoopsnitch
37 23 Alex
* Source Code: <pre>git clone --recursive https://opensource.srlabs.de/git/snoopsnitch.git</pre>
38 2 Alex
39 12 Alex
SnoopSnitch is released under the GPL v3 license (cf. source:COPYING). The app is known to built under Linux and OS X, see source:README for build instructions.
40 12 Alex
41 2 Alex
h3. Disclaimer
42 2 Alex
43 2 Alex
The tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
44 2 Alex
45 17 Alex
Second, your phone will send SMS short messages to an invalid number. In some cases, we saw operators charging for these kind of transactions transactions. Hence, please have an eye on your phone bill when performing active tests using SnoopSnitch. To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
46 2 Alex
47 24 Alex
Furthermore, our call server will call your phone and send test SMS during the active test. To avoid unnecessary costs on our side, *DO NOT PICK UP OR REJECT AUTOMATIC CALLS FROM OUR SERVER*. If you pick up a call or have a mailbox or auto-answer feature configured that picks up the call automatically you may get blacklisted and cannot use our service anymore. Please see our [[Banned]] wiki page for details.
48 2 Alex
49 2 Alex
h3. Instructions
50 2 Alex
51 2 Alex
# Make sure you have rooted the phone
52 2 Alex
# Install application from "Google Play app store":https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch or below
53 2 Alex
# Run the app, execute active tests, upload security events and suspicious activity
54 2 Alex
55 2 Alex
h3. Mailing list
56 2 Alex
57 2 Alex
A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
58 31 Linus
For specific questions to the snoopsnitch-team that do not require or permit public discussion, please contact us directly at *snoopsnitch [you know what to put here] srlabs.de*
59 2 Alex
60 1 Alex
h3. Version history
61 28 Alex
62 50 Luca
Version 1.0.3
63 50 Luca
64 50 Luca
* Improved error handling
65 50 Luca
66 48 Luca
Version 1.0.2
67 48 Luca
68 48 Luca
* Improved compatibility with newer Android versions and devices
69 48 Luca
* Configurable notifications
70 48 Luca
71 44 Jakob
Version 1.0.1
72 44 Jakob
73 44 Jakob
* Android 5 and 6 support
74 44 Jakob
* Improved reliability of active test
75 44 Jakob
* Better support for LG phones
76 44 Jakob
77 40 Jakob
Version 1.0.0
78 40 Jakob
79 40 Jakob
* Wireshark/pcap export
80 40 Jakob
* Improved IMSI catcher metric
81 40 Jakob
* Lower battery impact
82 40 Jakob
* Autonomous upload option
83 40 Jakob
* Daily measurement option
84 40 Jakob
85 35 Jakob
Version 0.9.8
86 35 Jakob
87 35 Jakob
* Improved catcher detection
88 35 Jakob
* Reduced memory consumption
89 35 Jakob
* 4G data collection and basic analysis
90 35 Jakob
* Various enhancements and bug fixes 
91 35 Jakob
92 32 Jakob
Version 0.9.7
93 35 Jakob
94 32 Jakob
* Improve detection of type 1 catchers and silent calls
95 32 Jakob
* Reduce false positive rate
96 32 Jakob
* Upload anonymized metadata additionally to radio traces
97 32 Jakob
* Various enhancements and bug fixes
98 32 Jakob
99 28 Alex
Version 0.9.5
100 28 Alex
101 28 Alex
* Make detection run automatically on boot
102 28 Alex
* Support LTE active tests
103 28 Alex
* Improve detection of 2G/3G catchers
104 28 Alex
* Detect empty WAP pushes
105 26 Alex
106 26 Alex
Version 0.9.4
107 26 Alex
108 26 Alex
* Improve type 1 catcher and silent SMS detection
109 26 Alex
* Implement network info screen
110 26 Alex
* Detect malfunctioning baseband interface
111 26 Alex
* Various enhancements and bug fixes
112 25 Alex
113 25 Alex
Version 0.9.3
114 25 Alex
115 25 Alex
* Support Android 5
116 25 Alex
* Fix initialization issue on newer devices
117 25 Alex
* Translation to German and Dutch
118 1 Alex
119 21 Alex
Version 0.9.2
120 21 Alex
121 21 Alex
* Fixed app lock-up issues
122 21 Alex
* Improved device compatibility check
123 21 Alex
* Handled unsupported LTE gracefully
124 21 Alex
125 13 Alex
Version 0.9.1
126 13 Alex
127 13 Alex
* Fix problem where SnoopSnitch would leave the phone muted after a test
128 13 Alex
* Remove issue with disappearing (Skype) dialing dialogs
129 13 Alex
* Resolved performance issue in analysis
130 2 Alex
131 1 Alex
Version 0.9.0
132 21 Alex
133 2 Alex
* Initial public release
134 42 Linus
135 42 Linus
h1. Training Material
136 42 Linus
137 43 Linus
As a primer to the snoopsnitch detection approach, we have prepared a set of hands-on "training material":https://opensource.srlabs.de/attachments/download/114/snoopsnitch_training_material.zip.
138 42 Linus
It contains network traces of IMSI catcher attacks and silent SMS and an analysis guide.