Project

General

Profile

Wiki » History » Version 58

Jonas, 03/19/2019 09:18 AM

1 2 Alex
h1. SnoopSnitch
2 2 Alex
3 51 Patrick
SnoopSnitch is an open source Android app that offers users the opportunity to test the security of their mobile devices as well as of the mobile networks to which their devices connect. 
4 2 Alex
5 51 Patrick
!{width: 10%;}SnSn2_menu_yesroot.png!   !{width: 10%;}SnSn2_menu_yesroot03.png! !{width: 10%;}SnSn2_patch_results03.png! !{width: 10%;}SnSn2_patch_results01.png!
6 3 Alex
7 51 Patrick
SnoopSnitch offers two core security testing features:
8 1 Alex
9 51 Patrick
h3. SnoopSnitch - Android patch level analysis
10 1 Alex
11 51 Patrick
SnoopSnitch's latest feature are tests to analyze whether a device’s build of the Android mobile operating system is missing security patches. The goal of this test is to identify if any patches are missing that should be included relative to the device’s current security patch level date. 
12 51 Patrick
13 51 Patrick
This feature was introduced as part of the major 2.0 version update for SnoopSnitch. 
14 51 Patrick
For more information on our Android patch level analysis, you can review our presentation from Hack-in-the-box 2018 where we debuted and discussed the 2.0 version of SnoopSnitch [1]
15 51 Patrick
16 51 Patrick
h3. SnoopSnitch - Mobile network security tests
17 51 Patrick
18 51 Patrick
SnoopSnitch's original security tests focus on identifying potential attacks or surveillance against an individual device from the mobile network. SnoopSnitch collects and analyzes mobile radio data to make you aware of the overall security of the mobile network to which your device is connected and to warn you about threats like fake base stations (IMSI catchers), user tracking, and over-the-air updates. With SnoopSnitch you can use the data collected in the GSM Security Map at gsmmap.org and contribute your own data to GSM Map.
19 51 Patrick
20 51 Patrick
For more information about the mobile network security tests, you can review our presentation from 31c3 2014 where we debuted and discussed the initial 0.9 version of SnoopSnitch [2] 
21 51 Patrick
22 51 Patrick
[1] https://conference.hitb.org/hitbsecconf2018ams/sessions/mind-the-gap-uncovering-the-android-patch-gap-through-binary-only-patch-level-analysis/
23 51 Patrick
[2] https://www.youtube.com/watch?v=qpW9o4SP3K8&feature=youtu.be
24 51 Patrick
25 51 Patrick
26 51 Patrick
h2. Documentation
27 51 Patrick
28 51 Patrick
For additional details on SnoopSnitch please refer to our *[[FAQ]]*.
29 51 Patrick
30 51 Patrick
You can also review our [[Privacy_Policy]]
31 51 Patrick
32 1 Alex
See which [[Android application permissions]] are required to run SnoopSnitch.
33 1 Alex
34 51 Patrick
Learn about SnoopSnitch's [[IMSI Catcher Score| IMSI catcher metric]].
35 1 Alex
36 51 Patrick
37 51 Patrick
h2. Requirements:
38 51 Patrick
39 51 Patrick
SnoopSnitch is an app designed for use on *Android devices only*. SnoopSnitch will not work on Apple products. 
40 51 Patrick
41 51 Patrick
SnoopSnitch can be installed on devices with Android OS version 4.1.2 or higher. 
42 51 Patrick
43 51 Patrick
The *Android patch level analysis* tests are compatible with all devices.
44 51 Patrick
45 51 Patrick
The *mobile network security tests* are NOT compatible with all devices. 
46 51 Patrick
47 51 Patrick
If a device is not compatible for the mobile network security tests, the app will grey this area out and display a "network test and attack detection require root" notice. 
48 51 Patrick
49 51 Patrick
!{width: 10%;}SnSn2_menu_noroot.png! 
50 51 Patrick
51 51 Patrick
h3. Requirements for mobile network security tests
52 51 Patrick
53 51 Patrick
Due to the nature of the actions required to perform the mobile network security tests, these features are only compatible on devices with:
54 51 Patrick
55 51 Patrick
* *Root privileges* enabled
56 51 Patrick
* Qualcomm-based chipset (see [[DeviceList|device list]])
57 51 Patrick
* *Stock* Android ROM, version 4.1.2 or higher
58 1 Alex
Note: Custom Android ROMs like CyanogenMod may or may not work, depending on the availability of a Qualcomm DIAG kernel driver (DIAG_CHAR).
59 2 Alex
60 51 Patrick
For additional information specific to utilizing SnoopSnitch's mobile network security tests, please refer to our *[[FAQ]]*.
61 1 Alex
62 51 Patrick
*Incompatible Devices* for mobile network security tests:
63 1 Alex
64 51 Patrick
The following devices have been found to be incompatible and can *not* be used with SnoopSnitch's mobile network tests:
65 51 Patrick
66 51 Patrick
* *Unsupported.* Every device *without* Qualcomm chipset
67 22 Alex
* *Unsupported.* Devices with custom ROM such as CyanogenMod which lacks the Qualcomm DIAG kernel driver (DIAG_CHAR)
68 23 Alex
* *Unsupported.* Samsung Galaxy S2 & S3
69 2 Alex
* *Unsupported.* Nexus 5 with stock Android
70 12 Alex
* *Unsupported.* Huawei Ascend Y300
71 12 Alex
72 51 Patrick
*Disclaimer regarding mobile network security tests*
73 2 Alex
74 51 Patrick
The mobile network security tests include an active part. First, your phone will place outgoing calls to a dedicated number. This number will always be busy and never answer in order to rule out voice charges as best as we can.
75 2 Alex
76 17 Alex
Second, your phone will send SMS short messages to an invalid number. In some cases, we saw operators charging for these kind of transactions transactions. Hence, please have an eye on your phone bill when performing active tests using SnoopSnitch. To control for involuntary charges, we strongly advise the use of a dedicated pre-paid SIM card for these tests.
77 2 Alex
78 24 Alex
Furthermore, our call server will call your phone and send test SMS during the active test. To avoid unnecessary costs on our side, *DO NOT PICK UP OR REJECT AUTOMATIC CALLS FROM OUR SERVER*. If you pick up a call or have a mailbox or auto-answer feature configured that picks up the call automatically you may get blacklisted and cannot use our service anymore. Please see our [[Banned]] wiki page for details.
79 2 Alex
80 51 Patrick
For additional information specific to utilizing SnoopSnitch's mobile network security tests, please refer to our *[[FAQ]]*.
81 2 Alex
82 51 Patrick
h2. Download:
83 2 Alex
84 51 Patrick
* "Pre-compiled .apk from Google Play Store":https://play.google.com/store/apps/details?id=de.srlabs.snoopsnitch
85 51 Patrick
* "Pre-compiled .apk from F-Droid":https://f-droid.org/repository/browse/?fdid=de.srlabs.snoopsnitch
86 57 Jonas
* "Pre-compiled .apk":https://opensource.srlabs.de/attachments/download/163/SnoopSnitch-2.0.8.apk (SHA256: 9eeee42783cab9f113e049f872b44d59b73e978601e959cbd8bde0f548163e97)
87 51 Patrick
* Source Code: <pre>git clone --recursive https://opensource.srlabs.de/git/snoopsnitch.git</pre>
88 2 Alex
89 51 Patrick
SnoopSnitch is released under the GPL v3 license (cf. source:COPYING). The app is known to built under Linux and OS X, see source:README for build instructions.
90 51 Patrick
91 51 Patrick
h2. Mailing list
92 51 Patrick
93 50 Luca
A public mailing list for discussions is "here":https://lists.srlabs.de/cgi-bin/mailman/listinfo/gsmmap
94 50 Luca
For specific questions to the snoopsnitch-team that do not require or permit public discussion, please contact us directly at *snoopsnitch [you know what to put here] srlabs.de*
95 50 Luca
96 1 Alex
h2. Version history
97 52 Patrick
98 58 Jonas
Version 2.0.9:
99 58 Jonas
100 58 Jonas
* Fixed autostarting mobile network security test on boot 
101 58 Jonas
* Fixed notifications on Android OS versions >= 8.0
102 58 Jonas
* Minor bugfix
103 58 Jonas
104 56 Jonas
Version 2.0.8:
105 56 Jonas
106 56 Jonas
* Support for new patch analysis test type
107 56 Jonas
* Performance improvements of patch analysis
108 56 Jonas
* Bugfixes
109 56 Jonas
* Additional status messages when performing patch analysis tests
110 56 Jonas
111 56 Jonas
Version 2.0.7:
112 56 Jonas
113 56 Jonas
* improved network technology detection
114 56 Jonas
* small UI fixes
115 56 Jonas
116 55 Lukas
Version 2.0.1 - 2.0.6:
117 52 Patrick
118 52 Patrick
* bugfixes and stability improvements
119 52 Patrick
* additional UI/UX improvements
120 52 Patrick
121 52 Patrick
Version 2.0:
122 52 Patrick
123 52 Patrick
* introduction of Android patch analysis feature (+ restructuring and improving UI )
124 52 Patrick
* reduced battery consumption 
125 48 Luca
126 48 Luca
Version 1.0.3
127 48 Luca
128 48 Luca
* Improved error handling
129 48 Luca
130 44 Jakob
Version 1.0.2
131 44 Jakob
132 44 Jakob
* Improved compatibility with newer Android versions and devices
133 44 Jakob
* Configurable notifications
134 44 Jakob
135 44 Jakob
Version 1.0.1
136 40 Jakob
137 40 Jakob
* Android 5 and 6 support
138 40 Jakob
* Improved reliability of active test
139 40 Jakob
* Better support for LG phones
140 40 Jakob
141 40 Jakob
Version 1.0.0
142 40 Jakob
143 40 Jakob
* Wireshark/pcap export
144 35 Jakob
* Improved IMSI catcher metric
145 35 Jakob
* Lower battery impact
146 35 Jakob
* Autonomous upload option
147 35 Jakob
* Daily measurement option
148 35 Jakob
149 35 Jakob
Version 0.9.8
150 35 Jakob
151 32 Jakob
* Improved catcher detection
152 35 Jakob
* Reduced memory consumption
153 32 Jakob
* 4G data collection and basic analysis
154 32 Jakob
* Various enhancements and bug fixes 
155 32 Jakob
156 32 Jakob
Version 0.9.7
157 32 Jakob
158 28 Alex
* Improve detection of type 1 catchers and silent calls
159 28 Alex
* Reduce false positive rate
160 28 Alex
* Upload anonymized metadata additionally to radio traces
161 28 Alex
* Various enhancements and bug fixes
162 28 Alex
163 28 Alex
Version 0.9.5
164 26 Alex
165 26 Alex
* Make detection run automatically on boot
166 26 Alex
* Support LTE active tests
167 26 Alex
* Improve detection of 2G/3G catchers
168 26 Alex
* Detect empty WAP pushes
169 26 Alex
170 26 Alex
Version 0.9.4
171 25 Alex
172 25 Alex
* Improve type 1 catcher and silent SMS detection
173 25 Alex
* Implement network info screen
174 25 Alex
* Detect malfunctioning baseband interface
175 25 Alex
* Various enhancements and bug fixes
176 25 Alex
177 1 Alex
Version 0.9.3
178 21 Alex
179 21 Alex
* Support Android 5
180 21 Alex
* Fix initialization issue on newer devices
181 21 Alex
* Translation to German and Dutch
182 21 Alex
183 21 Alex
Version 0.9.2
184 13 Alex
185 13 Alex
* Fixed app lock-up issues
186 13 Alex
* Improved device compatibility check
187 13 Alex
* Handled unsupported LTE gracefully
188 13 Alex
189 2 Alex
Version 0.9.1
190 1 Alex
191 21 Alex
* Fix problem where SnoopSnitch would leave the phone muted after a test
192 2 Alex
* Remove issue with disappearing (Skype) dialing dialogs
193 42 Linus
* Resolved performance issue in analysis
194 42 Linus
195 42 Linus
Version 0.9.0
196 43 Linus
197 42 Linus
* Initial public release
198 1 Alex
199 1 Alex
h1. Training Material
200 1 Alex
201 1 Alex
As a primer to the snoopsnitch detection approach, we have prepared a set of hands-on "training material":https://opensource.srlabs.de/attachments/download/114/snoopsnitch_training_material.zip.
202 1 Alex
It contains network traces of IMSI catcher attacks and silent SMS and an analysis guide.