OpenCellID was bought up by an Indian Startup

[gaga9999]

I switched off AIMCD because I dont trust them yet. Whats your oppinion on this? Should we build our own Database, does anyone have a copy of the old opencellid database? Maybe thats the reason i didnt get any cell data in the app for the last weeks.

see: https://opencellid.org/

[He3556]

Hello gaga9999,
we need to use our own (local) database. We are discussing our next steps in this thread https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector/issues/926 thanks for testing

[gopi-ar]

@gaga9999 my company Unwired, is the new maintainer of OCID. My team's working overtime to get all the endpoints up and running while ensuring nothing breaks for existing users.

We weren't aware of the auto-registrations in the old code-base and are looking into enabling them once we figure it out.

[He3556]

thank's for the information. The auto-registration was a workaround because we had no developer key we could use (anymore). We are also working on a new version of AIMSICD... so no need to hurry.

[jfariasf]

I forked the project to see if I could help or test some features with my double sim phone, and I saw the opencellid API isn't working anymore nor is offered by the buyer company. With a local database, how would you know if your phone isn't already compromised (I assume you'll be adding all found towers to the local database, including malicious ones)? How would you assume "new" detected towers in the area are safe or not?

[He3556]

Hello @jfariasf thank's for your support

There are different types of detection.

• One can be to monitor the traffic (protocol layer) and search for the typical "behavior" of IMSI-Catcher.
• Another is to monitor the signal strength of the BTS(s). With this data + your own position, you can calculate (for example triangulate with min. 3 locations) the location of the BTS. This method is used by OCID and also Unwired (as far as i know) for locating real BTS. Maybe it sounds easy but it's absolutely not.

So if you start with some kind of a "type2" detection without a cell database, you had to assume there is no catcher, to be able to detect it when it is there at a later time.

As far as i know, OCID was always quite restrictive with new Cells/Data. But if the fake BTS is masqueraded it will have quite the same identification (CID/LAC) like a real one but not the same signal strength in this location. I would not call it compromised - maybe poisoned for a while, until the system has fresh data from the real BTS.

[CrimsonFork]

May this be the reason that the app closes itself when trying to download new data? Or should I rather open a new issue for that?

[Nordlenning]

854