Intercept everyone's calls
Insecurity expert Chris Paget built a cheap mobile cell and proceeded to have every AT&T phone in the area patched through his system.
Using only several thousand dollars worth of gear, Paget was able to intercept mobile-phone data on the GSM networks used by AT&T and T-Mobile. He built a home-made system he calls an IMSI (International Mobile Subscriber Identity) catcher. Within minutes of activating his IMSI catcher in test mode, Paget had 30 phones connected to the system. Then, with a few keystrokes, he quickly configured the device to spoof an AT&T mobile phone tower.
As far as the phones were concerned they were talking to an AT&T mobile tower and automatically connected to it. Such phone interception is illegal in the US. He got around the legal problems involved by setting his device to operate in the 900MHz band
used by Ham radio devices. But not all GSM devices will connect to Paget's IMSI catcher, however.
Quad band phones will connect, but US phones that do not support this 900MHz band will not. However it would be a doddle to change the frequency. Even as it is, he can't stop iPhones connecting to his bogus tower. He said Jobs' Mobs' phones connect too easily and he can't “keep the damned iPhones away."
Paget didn't record or play back any calls, but he said he could have. His IMSI catcher can get around mobile phone encryption by simply telling the connecting phones to drop encryption.