I’ve been fascinated by software defined radio (SDR) for years but investigating the GSM cellular network has always been just a little too challenging and slightly out of reach. All of that changed earlier this year when someone finally posted a workable, step-by-step guide for decoding (but not decrypting) cellular (GSM) radio traffic.
For those not familiar, SDR involves moving much of the functionality of a radio’s circuitry into software rather than hardware. An SDR is a stripped down radio that outputs digital data to a host (usually a computer) where sophisticated programs decode the data into audio. For instance with an SDR and the proper software, you just need to change some code to make the radio play FM instead of AM. In recent years, cheap $20 SDR USB dongles have come onto the market replacing ones that used to cost thousands. (To get started, I suggest checking out http://www.rtl-sdr.com)
An SDR can easily pick up cellular phone transmissions but making sense of the data is complicated. Now you can read the detailed post here and make it happen. If you follow this EXACTLY, it will work!
UPDATE: Since the “2G Sunset” on 1/1/2017, I have been unable to find any local GSM transmissions in the 850 MHz band using “Kalibrate.” I think the solution would be to search in the higher 1900 MHz band, but to do so would require a new more expensive SDR with a wider frequency range.