FP2 and SnoopSnitch

OK, got my fairphone2 now and tried to install SnoopSnitch (https://opensource.srlabs.de/projects/snoopsnitch).

Unfortunately, the installation fails with:
In German: "Ihr Gerät ist inkompatibel. Grund: Ihr Gerät ist nicht gerootet (kein su binary gefunden)
Which mean: The device is incompatible. Reason: Device not rooted (no su binary found).

Well, I though the FP2 is already rooted (but I have no clue about what this means in detail, because this is my first smartphone…).
So, can somebody help to explain what the problem is or give a hint what to do?

Thanks and best

FP2 is not rooted by default. They said they would release instructions on how to root it soon.
If you can’t wait you can use KingRoot at your own risk.

1 Like

Is there an explanation for what root access means here in this forum? I tried to find one using the search function but wasn’t successful. Possibly it might be a good idea to add a wiki entry or such for this kind of things. :slight_smile:

Here’s an explanation used by @Stefan before:

1 Like

Here you go:

Root - Fairphone Forum Dictionary


Works on Open OS.

No snoops or IMSI catchers at Fairphone office :slight_smile:

1 Like

I had it running also for some time, with two events, which most probably were those “harmless” events while roaming…
But it’s a real battery hog, which is why I only start it very occasionally

Yeah, I only keep it running when I’m at my desk and the Fairphone 2 is plugged into a charger.

SnoopSnitch and similar programs like AIMSICD (Android IMSI Catcher Detector) are for sure interesting programs - I have tried them both, but we have to be aware that IMSI catchers are already a pretty outdated concept of mobile communication interception and much more stealthy methods do exist:

  • Smartphones can be manipulated by the network provider via OTA (Over The Air) updates.
  • Some GSM communication on G2 networks can be intercepted with a cheap USB TV-dongle based on the RTL chipset. This attack is completely passive and cannot be detected. Decryption is sometimes possible by the means of rainbow tables (lookup tables of pre calculated hashes for decryption).
  • One of the biggest vulnerabilities is not the radio link, but the SS7 (Signalling System 7) system that allows the different network operators to communicate with each other - for example for roaming purposes. These attacks happen over the internet and even although SnoopSnitch displays SS7 attacks it is important to acknowledge that only uncovered attacks are listed - there is a lot we do not know about!
    Rather than draining my battery by trying to detect a possible threat I would suggest to be aware of these problems and invest in more secure communication:
  • This might sound paranoid, but just keep in mind that your phone might not be as secure as it looks like. Avoid to talk about confidential data (passwords, credit card data, etc.) on the voice channel.
  • End to end encryption: OTR apps like “chat secure” use this. WhatsApp does it as well, but WhatsApp is closed source and they possibly store a lot of metadata (who talks to whom).

I tried both SnoopSnitch and AIMSICD on Open OS. SnoopSnitch works fine, but AIMSICD crashed my phone regularly. My guess is it’s an AIMSICD bug because otherwise the phone is running stable :slight_smile:

True that.

Here are two links for people who want to dive deeper into two things you talk about;

SS7: Locate. Track. Manipulate. You have a tracking device in your pocket
Companies are now selling the ability to track your phone number where ever you go. With a precision of up to 50 meters, detailed movement profiles can be compiled by somebody from the other side of the world without you ever knowing about it. But that is just the tip of the iceberg
60 m. Watch here.


Baseband Exploitation in 2013. Hexagon challenges
Exploitation of baseband vulnerabilities has become significantly harder on average. With Qualcomm having grabbed 97% of the market share of shipped LTE chipsets in 1Q2013, you see their chipset in every single top-of-the-line smartphone, whether it is an Android, an iPhone, a Windows Phone or a Blackberry.
Watch here


Thanks for sharing this. Here is the link to the main website about RTL-SDR dongles (not only GSM related): http://www.rtl-sdr.com