Importance of Private Mobile Communications

If you’re a professional in a business that requires protecting valuable assets or high-profile clients, or you have a very attractive personal profile yourself, you should invest generously in private mobile communications. In addition, the mobile communications of entrepreneurs providing private guard services for high-profile clients are very valuable targets for hackers and sociopaths. Due to advancements in digital technology, financially privileged sociopaths are leveraging mobile surveillance technology to secretly harass and manipulate people using mainstream mobile network services. This article is about mobile communications in general. It doesn’t matter whether you’re using traditional two-way radios or modern mobile devices like smartphones or tablets.

If you’re in a business dealing with sensitive data, or protecting high-profile individuals, it’s almost a guarantee that your mobile communications are compromised or being illegally targeted. Neglecting to secure the privacy of your business makes it accessible to sociopaths and others seeking to manipulate your business activities. Mysterious incidents experienced by many people are the result of financially privileged sociopaths manipulating the lives of individuals they’re infatuated with. These incidents are usually the result of compromised mobile communications being used to track GPS location and monitor voice calls, e-mails, and text messages. Armed with continuous access to this data, a wealthy sociopath can gain significant control over a person’s life. This data is used to probe into the lives of friends and family in order to find out how best to control or influence them. All of these things are done primarily through watching and listening to several mobile communication devices. People who don’t realize when these things are actually happening to them are usually living under the control of these sociopaths. Whatever your situation is, please consider the importance of your privacy.

There’s no simple way of securing your mobile communications. Most if not all services that claim to protect your privacy are filled with back-doors that enable third parties to access data from your device. The alternative is to not use mainstream corporate solutions, but to have an independent contractor set up a real solution that’s simple enough to understand and meets your needs.

Which strategies are employed will depend on your situation. If you’re in the business of protecting high-profile individuals or extremely valuable assets, a greater level of security is required. For mobile communication you should consider your own secure, resilient mobile communications network. Reliance on third-party corporate networks isn’t a good idea, although most people use them to avoid the complexities of managing their own. These third-party services have proven to be unreliable, and at the center of mysterious events. You should seriously consider using your own mobile communications network for high-risk operations, especially if you’re a private security contractor.

I build mobile networks for private communications. My solutions depend on the need, as explained above. Unlike mainstream corporations, I’m able to work in an agile manner, seeking innovative ways to meet the needs of my clients. Traditional methods used for mobile communications are costly. Handheld two-way radios with weaker security easily cost $1,000.00+ for the most basic setup. In addition to this, purchasing sufficient security is more expensive and complicated. I prefer leveraging less expensive COTS (commercial off-the-shelf) mobile technology and open-source alternatives when possible. Today there’s no simple solution to privacy violations related to mobile communications. Most of the complexity comes from the centralized management of companies claiming to provide communications privacy. Usually these businesses provide networks with a central point of operation that can’t be properly protected.

Mobile networks are more reliable and resilient when a decentralized architecture is employed. When the network is designed so that each node has equal functional responsibility, there’s no central point at which failure can occur. This means that no node is considered an access point, router, or other specific functional member. Each node’s role is undetermined and changes according to the network’s state. This arrangement is depicted in diagram 1.0 below. Deviating from centralized architectures minimizes the risk of compromise, but also puts more responsibility on users.

[1.0 Example of decentralized network configuration]

A Mesh STA is a node that has the same functions as a node providing authentication, routing, or other functions on a traditional network. The Mesh Gate allows access to the Internet. Any node can access the Internet by routing packets through other nodes. If any node in the network goes down, any other node can take over the routing. Moreover, if several nodes are separated from the mesh network but are in close proximity to each other, those nodes will create their own mesh network until they rejoin the original. New nodes can join the mesh network through any Mesh STA, provided they support the required functionality. In a situation where teams are working together, this network will increase and decrease in size depending on how many devices are in range of the signal. Using this configuration, we have established a more resilient mobile network. These types of wireless networks are called mesh networks and are supported by the 802.11 standard for wireless communications. We can now consider authentication and securing the network during its operation.

During the operation of any decentralized mobile network, nodes will continuously connect and disconnect. These networks are used in situations where nodes may need to move out of range without notice. In cases like this, rejoining the network must require some type of automatic authentication. Establishing a connection to the network can’t be too complicated, but it must use a secure, robust method. There are several options, and the choice depends on the client’s scenarios. A review of the client’s application scenarios is required in order to determine the best method for authentication. There are scenarios that require enhanced security protocols to be built on top of existing techniques.

An example of an authentication technique to secure mobile network communications is to require each node to have a set of 256-bit AES (Advanced Encryption Standard) keys for signing, encryption, and decryption. Using public-key cryptography techniques, each device on the mesh can validate the authenticity of the node attempting to connect. This protocol requires each node on the network to have a copy of all public credentials of devices that are capable of successfully authenticating themselves. Nodes that aren’t recognized by digital signature validation methods are rejected. Even if the node doing authentication is compromised, the other nodes will still reject the authentication. This is a secure protocol because no private credentials are exposed; only public authentication data is copied to other nodes. A hacker eavesdropping on the communications could not intercept them without being noticed, or acquire any valuable information.

After the authentication process is complete, all communications with the authenticated node must be secured. Well-established digital encryption technology is used for this purpose. A protocol used to obtain an encryption key for encrypting communication between two or more nodes is Diffie-Hellman. Protocols designed to protect against man-in-the-middle attacks used against Diffie-Hellman have been developed. Given the public credentials copied to each node in the mesh, as explained above, it would not be possible for an intruder using a man-in-the-middle attack to send modified credentials and deceive the network. Combined with the copied credentials, the Diffie-Hellman protocol can be employed without concern for this threat. Below is the traditional Diffie-Hellman protocol depicted in a diagram. An attacker could use a man-in-the-middle attack to compromise the public-key exchange done at the ‘Exchange Public Keys’ block in the diagram. We avoid this attack by placing a copy of the public keys and other credentials on each node in the network.

[1.1 Diagram of Diffie-Hellman protocol]

A modified version of the above diagram is shown below. The ‘Exchange Public Keys’ block shown in the above diagram is removed. Without this step there’s no way to use a man-in-the-middle attack against the network, because there’s no exchange of information. We still calculate the public key and the shared secret (encryption key), but skip the public-key exchange. New nodes that were not added to the original list of valid devices can still have their public credentials distributed over the already established secure network. This can be done through a node that’s already authenticated on the network. Once the node’s public credentials, which would include its digital signature, are known by the network, the device can be authenticated. In a situation where a device wasn’t initially built to participate in the mesh network, an interface for a public-key exchange could be made available. This would allow any device to download a software application and be authenticated. In addition, various access limitations might be applied to devices using a public-key exchange that’s considered to be vulnerable.

[1.2 Diffie-Hellman diagram without public-key exchange]
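The scheme described above, with join authentication and key agreement both driven by a pre-distributed roster of public values, is sketched here as an added example; it is not the author's implementation. It assumes the RFC 3526 group 14 parameters, hypothetical node ids and a hypothetical `roster` dictionary, and because AES is a symmetric cipher it uses a Diffie-Hellman key pair as each node's credential with an HMAC proof in place of a digital signature.

```python
import hashlib, hmac, secrets

# RFC 3526 group 14: 2048-bit MODP prime with generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2

# Assumption: `roster` maps a node id to its pinned DH public value, installed at provisioning.
def keypair():
    """Provisioning: the private exponent stays on the node, the public value goes in every roster."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(my_id, my_priv, peer_id, roster, nonce):
    """Derive a per-session key from the pinned peer key; no public key is accepted over the air."""
    peer_pub = roster.get(peer_id)
    if peer_pub is None:
        raise PermissionError(f"{peer_id} is not in the roster")
    shared = pow(peer_pub, my_priv, P).to_bytes(256, "big")
    ids = "|".join(sorted((my_id, peer_id))).encode()
    return hmac.new(nonce, shared + ids, hashlib.sha256).digest()

def join_proof(my_id, my_priv, peer_id, roster, nonce):
    """Joining node answers the verifier's fresh nonce; binding its own id blocks reflection."""
    key = session_key(my_id, my_priv, peer_id, roster, nonce)
    return hmac.new(key, b"join|" + my_id.encode(), hashlib.sha256).digest()

def accept_join(my_id, my_priv, claimed_id, roster, nonce, proof):
    """Verifier's decision: True only for a roster member holding the matching private key."""
    try:
        key = session_key(my_id, my_priv, claimed_id, roster, nonce)
    except PermissionError:
        return False
    expected = hmac.new(key, b"join|" + claimed_id.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, proof)
```

Because every node's key pair is static, this design has no forward secrecy: a private exponent recovered from a lost or seized device exposes that node's past session keys, so roster revocation and re-provisioning need a defined procedure.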

Implementing security for mobile communications networks requires a lot more work than explained here. A good understanding of what happens at a higher level is shown in the diagrams. Average users of mobile networks won’t need to know the details explained in this article. Anyone concerned about their own safety should consider gaining an understanding of what methods their mobile communication services are using for security. Professionals in a high-risk business that requires them to communicate over mobile networks should consider what may happen if their communications are compromised, and that there’s no way of knowing if they’re compromised while using mainstream mobile solutions.

Any feedback would be appreciated. This article was not intended to extensively cover mobile network security implementation. Its purpose is to make readers aware of the importance of private mobile communications. Also, businesses that require privacy during their daily operations should have an idea of how security might be implemented on their networks. You can reach me at this e-mail address: Jimmy@SysConsultant.org