There's a lot of amazing stuff which is incredibly accessible for such a low amount of money (spectrum analyzers with amazing VBW for 1/20th the price you'd pay 10 years ago, hell, the whole SDR scene), but there's really no Tor you can hide behind. Our civil servants might not be the brightest of the bunch, but they can triangulate a transceiver I'd imagine. If you choose to do this, broadcast in the ISM band around 912, and you should be safe..ish if you keep your broadcast under a watt. I love playing with gear but there are safer ways to get your jollies. As someone who did his share of foolhardy things in my youth, I could see myself as a precocious teenager doing something dumb like this - if you're that 15 year old reading this - don't. There are tons of fun things to do out there with a way, way lower risk factor. (If you really want to play with things you shouldn't, the modern power grid is filled with a mesh network, broadcasting your power consumption to the peers in your network. It's on RF, and as such they have to legally disclose the nature of the broadcasts to the government, and those databases are public. Have fun ;))
Think it was this one
Radio spectrum is a finite resource. If you look at a chart  of US Frequency allocations, amateur radio operators have been given the right to transmit on a relatively massive fraction of the physically available spectrum. It would easily be worth billions if it were commercial. Instead, due to the quirks of history, the public has been given wondrous access to the airwaves. It's a public resource, like a park, and it's the Grand Canyon, it's Yellowstone, it's Yosemite. As hackers we have to respect it, and we have to protect it by using it responsibly. We need to get licensed, and we need to educate others so we can avoid a tragedy of the commons. Illegal transmissions are like litter. If we don't follow the rules and treat the amateur spectrum well, the FCC could plausibly decide to auction it off. It's not like there isn't pressure to do so. Demonstrating a DIY BTS is very cool, but at least have the decency to test it in a faraday cage. Don't litter in my park.
Amateur radio is fun, and it's one of the original electronics hacker activities. Get licensed, assemble a few simple electronic components, and talk to someone else (often like you), potentially thousands of miles away. All without reliance on any extant communications infrastructure. How cool is that? It's a tremendous way to learn about physics and electronics, and there are many exciting things happening with digital transmissions. It's a magical thing when you hear a foreign voice coming from your speaker, carried from a transmitter a continent away. Learn, build, and have (responsible) fun in the park!
Nonetheless, I'd be up for discussing escrowed, authenticated encryption or key retention with random civil audits. That would be better than nothing. They could have an auditor that's nog a cop get the keys to certain transmissions to check them. Only forwarded to authorities if criminal activity is found. This would let us retain privacy quite a bit while mitigating issue you mentioned.
That's freaking wild. I remember my brief forays into the subject also had me fascinated with the idea of meteor burst communication where I was bouncing stuff off exploding meteors. Haha. With further digging, the source of my first link was surprising:
The second wasn't as DTIC is one of the most badass, if little-known, resources for technical information. Obscure, but great, insights buried in that organizations records.
If his name seems familiar, it's because it's the same Joe Taylor who was awarded the 1993 Nobel Prize in Physics (for his radioastronomy work on pulsars):
My understanding is that many countries that wanted GSM systems (and ham communications) think encryption is tantamount to devil worship.
Convicted felon never looks good on a job app
Although those corporations have been a bit cheeky - collusive - with some of those auctions.
A cell tower is elevated, outdoors, transmits +10 W, and runs 24/7.
Your BladeRF is likely to be indoors at ground level, has an output power of about 10 mW. You aren't going to get very far with that. You'll likely have problems detecting the signal over 100 meters, much less connecting and using it.
It may be illegal, but if you aren't causing interference you'll have a hard time getting caught. That being said, yes. Check your local laws. If you do cause a problem and it's tracked down to you, expect to have some serious legal issues.
That would be bad.
However, there are a few sub-cases (most of which will still in part fall under the first one)
a) Educational - you can learn a lot about how telecom networks actually work by playing around with your own BTS. However, it would be advisable to do so in a place where your emissions don't interfere with other, legit operators - say, in a mine or something. (I am not being flippant here).
b) Nefarious, non-state: it is trivial to trick any compatible cell phone into connecting to your rogue BTS instead of one belonging to the victim's carrier. This could be done transparently to the victim - ie. you forward his call data to the network at large, MitM-ing him and monitoring his conversations.
c) Nefarious, state actor: Much the same purpose as b), though presumably a (legit) state actor would be able to just serve the telco with a warrant to get at the same data - the exception being, of course, if you were operating on someone else's turf - say, you are some intelligence service operating abroad, eavesdropping on another state's principal actors, for instance.
d) Fun (closely related to a) above) - say, in particular if you operated in an area with no effective RF licencing regime (failed states and offshore springing to mind), you could effectively become your own cell phone carrier, for instance while hosting a conference on a vessel in international waters, allowing participants to use their handsets to get in touch with each other. This option could be utilized either with or without a gateway to the global phone network.
But as it develops, it could be useful for building networks in developing countries, or for deploying emergency networks as it will be far lower cost than commercial equipment.
(This is because it's an archiving machine designed for people; it will x-forwarded-for your IP address to the target site as if it were a proxy)
Also, did anyone else notice that the title-text for paragraphs (specifically, each <span> element) is in Portuguese? i.e. If you hover over a sentence in the article, the title-text displays its Portuguese translation.
This is also what the police stingray devices take advantage of.
In NMT networks, for instance, ghost handsets were a major issue - you could register onto the network and place calls and the operator would have nowhere to send the bill.
Not such a good idea for ordering pizza, but great for lengthy international calls.
Here in Norway I seem to recall that our national telco simply blocked calls from the NMT cellular network to a number of countries on the assumption that any call placed would be fraudulent, anyway.
To have "proper" user authentication, you could just buy blank SIM cards which you can provision with keys and identification as you see fit.