An Update on Cell Broadcast fake messages

2025-07-14

Roughly two years ago I wrote about Cell Broadcast and how that system seemed like it could be abused. This is an update on that post [1].

It is time for me to start seriously thinking about my bechelor's thesis. I remembered the Cell Broadcast topic and thought "Oh great, I'll just have some fun with that. Maybe try to prove such an attack to be possible or propose some mitigations". I reached out to a lecturer in hopes that he could supervise me and noted that I would like to write about Cell Broadcast. He replied, asking me to fill out a form with information on the thesis topic like expected scope, intended methodology and crucially the current state of research. I thought maybe things had changed since two years ago and did some looking around.

I came across a conference proceeding from 2024 [2] which cites one from 2019 [3]. The second one does pretty much everything I had thought of doing: Spoofing messages, seing that practically all devices treat them as real ones, and discuss different ways of solving that, including whether we might not want this to be solved at all. I probably missed this two years ago because they mostly use the terms "WEA" (Wireless Emergency Alerts) and "CMAS" (Commercial Mobile Alert System) instead of Cell Broadcast.

So yeah, I am looking for a thesis topic now. Good thing I noticed this before starting for real.

References

Expand to see References

  1. Cell Broadcast - Considering Authenticity, 2023, Andreas Hurka, Andressing.eu Blog, https://andressing.eu/blog/0004-cell-broadcast-considering-authenticity.html
  2. A Literature Review of Notification Systems: Challenges and Opportunities for Fake News Alerts, 2024, Sarah Elizabeth Jacobina De Witt; Hui Na Chua; Muhammed Basheer Jasser; Richard T. K. Wong, 2024 IEEE International Conference on Automatic Control and Intelligent Systems (I2CACIS), https://doi.org/10.1109/I2CACIS61270.2024.10649632
  3. This is Your President Speaking: Spoofing Alerts in 4G LTE Networks, 2019, Gyuhong Lee; Jihoon Lee; Jinsung Lee; Youngbin Im; Max Hollingsworth; Eric Wustrow; Dirk Grunwald; Sangtae Ha, Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys '19), https://doi.org/10.1145/3307334.3326082

An Update on Cell Broadcast fake messages © 2025 by Andreas Hurka is licensed under CC BY 4.0