As someone who doesn't follow the cellular scene as much as I probably should, the immediate question I ask is: what is the impact of this development work from the security standpoint of (potentially stealth) voice/data interception on ordinary telco-provisioned cellular devices?

I realize GSM implements horribly broken authentication schemes, that almost all cellular devices out there implement GSM (and GSM fallback) in order to be implementationally complete, and that it's subsequently trivially possible to (near-transparently) take over arbitrary devices using reasonably inexpensive hardware and a bunch of open software if you can jam the 2.5G, 3G and 4G bands.

I'm just curious what the hurdles are to do this for 3G (and beyond), from an academic security standpoint. There are obviously whole swaths of layered encryption and so forth that would need to be dealt with, I expect that; and I admit my total ignorance - and curiosity! - as to what that is.

I vaguely recall obtuse rumors that suggest the existence of privately-owned 3G implementation(s) out there that do what I'm describing. I'm curious if this open-source work is lowering the barrier to the accessibility for this sort of thing.

This is an important question - I recall reading at least one story (I think from here) about the questionable legality of unsolicited cellular wiretapping operations (done via GSM) that have been noted by the news media.

(As an aside, I think that open-source GSM implementations exist is kind of neat - if you're ever in the middle of nowhere (or an equivalent setting) and you can set up base stations, old GSM phones are hundreds of times cheaper than CB radios.)