It's a risky game too. In the U.S., federal wiretapping laws make it illegal to intercept phone calls over the licensed frequencies used by mobile phones. In August, it took intense last-minute negotiations between lawyers from the Electronic Frontier Foundation and the U.S. Federal Communications Commission before security researcher Chris Paget could demonstrate a very simple tower spoofing technique at the Defcon hacking conference in Las Vegas.
Two months from now another hacker conference, Vancouver's CanSecWest, will invite hackers to break into mobile phones using a low power transmitter. If their baseband attacks work, they can win cash prices. Conference organizer Dragos Ruiu said that Canada's broadcast laws are "more lenient' for researchers who want to set up low-power towers for research purposes.
Still, it remains a touchy subject. "Last year we were worried about falling afoul of regulations," he said."Now we've figured out a nice safe way to do that so that we don't mess up anybody else's cell phones at the conference."
Ruiu expects some interesting results from the contest, called Pwn2Own. "It sounds like the radio parts of the phones are very shaky indeed and pretty vulnerable," he said.