cellular-infrastructure
/
imsi-pseudo
mirror of https://gerrit.osmocom.org/imsi-pseudo
9
0
Fork 0
Code Issues Releases Wiki Activity

spec: Not all countries require proof of ID when buying SIMs

This commit is contained in:
Harald Welte 2020-04-11 10:18:57 +02:00
parent 9d63d6fd72
commit 4dc664dd5f
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/imsi-pseudo-spec.adoc
View File

@ -6,12 +6,11 @@
A long-standing issue in the 3GPP specifications is, that mobile phones and
other mobile equipment (ME) have to send the International Mobile Subscriber
Identity (IMSI) unencrypted over the air. Each IMSI is uniquely identifying the
person who bought the associated Subscriber Identity Module (SIM) used in the
ME. Therefore most people can be uniquely identified by recording the IMSI that
their ME is sending. Efforts are made in the 2G and above specifications to
send the IMSI less often, by using the Temporary Mobile Subscriber Identity
(TMSI) where possible.
Identity (IMSI) unencrypted over the air. Each IMSI is a unique identifier for
the subscriber Therefore most people can be uniquely identified by recording the
IMSI that their ME is sending. The 3GPP specifications provide means for
implementations to send the IMSI less often by using the Temporary Mobile
Subscriber Identity (TMSI) where possible.
But this is not enough. So-called IMSI catchers were invented and are used to
not only record IMSIs when they have to be sent. But also to force ME to send