9

Is it possible to sniff, or record and process, GSM 3G signals (from some receiver), given that there are no other signals interfering, etc. (the most comfortable conditions)?

Update (with some supporting material ) http://events.ccc.de/congress/2010/Fahrplan/events/4208.en.html

Iszi
Nick Ginanto

2 Answers

16

Sniffing and recording the signal is certainly doable, since that's what both cell phones and base stations do all day long.

Now the tricky point is that communications are encrypted, and decrypting the data from the outside can prove tricky. "3G" is a wide term, but (normally) 3G communications use the block cipher KASUMI. The best known cryptanalytic attack on KASUMI is a related-key attack which is something quite important for academics (especially since the attack can be demonstrated with two hours of computation on a PC), but by essence not applicable to the way KASUMI is used in 3G computation (it might be applicable if someone wanted to use KASUMI as a building block in a hash function, but that's really another subject).

So we can say that right now (early 2012), there is no known way to effectively break KASUMI encryption, provided that the block cipher is used properly.

The GSM protocols are complex beasts, and it is possible that some weaknesses lurk in there which might allow for security breaches without having to fight KASUMI upfront. I am not aware of any serious weakness of that nature (but absence of proof is not proof of absence). Also, be aware that all this crypto is only between the phone and the base station. The base station will then communicate the data to the provider network using whatever crypto, or lack thereof, it wishes. If I wanted to tap GSM 3G signals, I would do a bit of roof climbing and plug myself directly into the base station.

Thomas Pornin
Comments:

  • (4) If you really want to, you can jam 3G transponder frequencies, forcing all phones in the area to fall back to 2G mode. – ewanm89 Jan 06 '12 at 22:52
  • (1) There's an active attack that can recover the KASUMI (A5/3) key. It is a version rollback attack: the attacker tricks the victim into using A5/2 (which is totally broken). The attacker breaks A5/2 and recovers the key. This is the same key used for A5/3, so in this way the attacker can learn the key and decrypt traffic. See [Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication](http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-info.cgi?2006/CS/CS-2006-07), Elad Barkan, Eli Biham, Nathan Keller. I cannot confirm whether this remains feasible in modern 3G networks. – D.W. Aug 26 '12 at 05:20
2

Yes, but you need a transmitter too. Basically, you build a base station and MITM the connection by getting phones to connect through it (usually by lying and saying you are some major network); you then have to actually handle call routing and such, as the base stations do.

ewanm89