A handheld signal jammer is a device that interrupts the connection between a phone and a cell tower by actively transmitting, and it is highly illegal. For example, jammers are only used in German prisons to prevent calls from smuggled mobile phones.
Fortunately, anyone who wants to fight cell phone users holds a weak hand: jammers are costly, hard to spot and compelling. Moreover, because of their high transmission power, they can be targeted relatively easily, like the illegal amplifiers, known as burners, used by CB radio operators.
But such efforts are simply not necessary, as IT experts at the Technical University of Berlin just demonstrated at the Usenix conference: in theory, 11 phones and some open-source software are enough for an ultra-small mobile operator to bring down an entire network in a short time in a big city like Berlin. Here is a summary of the meeting.
The software is an open source baseband. Baseband is basically the modem firmware that is installed on every phone and smartphone and is responsible for handling basic communication with the cellular network.
When a call comes in, the network operator starts a broadcast known as paging: a message is sent out from all the cell towers near the potential recipient, and all registered phones receive it. The message says "I have a phone call" and carries an unambiguous destination identifier. If this message reaches the correct phone, that phone replies "here, here." The call is then forwarded to the appropriate cell and reaches the recipient's cell phone.
The trick used by the IT experts: the manipulated baseband simply responds to each incoming call with an "I'm here" signal, regardless of the actual receiver, and does so faster than the actual recipient. This means the call cannot be delivered. The same goes for SMS messages. In theory, text messages can even be intercepted and read, because the GSM standard's encryption has been cracked. Particularly dangerous: in this way, criminals can also gain access to mTANs for online banking.
By the way, this attack only works reliably in the GSM standard. The same trick could theoretically work for UMTS and LTE networks, but so far the hardware or software required for testing is not available.
There is currently no protection against these attacks. That would require changes to the GSM standard and new encryption technology, and that would cost money. We can only hope that it's not the end customer who pays the ultimate price.