Improve and harden alert triggers
Created by: SecUpwN
Thank you for your feedback! Please add below details so that we can help you a bit faster.
Agreements
Please check these boxes to ensure you've actually read and understood these important rules!
-
I have reviewed and accepted the guidelines for contributing to this project. -
I have searched the open Issues and made sure I am not filing a duplicate. -
I have read the notes on debugging and will properly maintain this Issue.
Overview
Please add a short and easy to understand description of the Issue you've experienced here.
We need to improve the situation mentioned multiple times by @agilob in https://github.com/SecUpwN/Android-IMSI-Catcher-Detector/issues/796#issuecomment-191288690:
AIMSICD should has a kind of fuzzy algorithm which decides what threat level is instead of hardcoding a few statements like "LAC changed so let's rise an alarm". This is really wrong and users proved it in many places before, eg. no internet connection for a few app restarts raises an alert, new cell missing in OCID raises an alert, travelling with high speed raises an alert, not having OCID key and having internet connection while travelling... raises an alert. This is broken behaviour that scares users who report us invalid issues. I responded to at least 4 threads where users were reporting false positives I also sent you an email with suggestions... nvm me, I'll just keep being ignored.
Reproduction
Please tell us the detailed steps on how to reproduce your Issue here.
Basically, it boils down to these things when false alerts are triggered:
- No internet connection for a few app restarts
- New cell missing in OpenCellID database (possibly when not downloaded, we need to add #181)
- Travelling with high speed (cell changes happen fast)
- Not having and OpenCellID key and having internet connection while travelling
@agilob, please be so kind to add more of your thoughts and ideas to fix this Issue. If I have not responded to your suggestions and emails in the past, it is not because I'm ignoring you on purpose, but because I get a huge amount of emails each day, have to manage this repository with way too many Issues and few developers and also have a private life, where people need me. So please do not take it personally when I did not respond in the past, I'll work on myself. Promised.
References
If your Issue is related to any other existing Issues or pull requests, please link them here. #796 (closed), #181
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.