Fairly straightforward to use these in other core networks. Not sure if this one implements the signalling for it.
Fun fact though - if a phone is without signal on its home network, it will attempt to join any valid 3GPP network it sees, and the cell broadcast/emergency alert will be triggered on the handset (even without a valid SIM) - no authentication takes place.
I think this vulnerability potentially has the biggest real-world impact. This has been shown in a couple of proof-of-concepts… Merging this into public repos would have zero positive impact, I think.
I'm inclined to agree with you there. Anyone that wanted to do it could figure it out anyway from the standards docs and broadcast the right data in the SIBs, but it is probably better not available as a "click and run" type setup.
Although in saying that, this is unlikely to change any time soon, as the idea of CB/PWS is to provide an emergency message that can be highly time sensitive in some scenarios (earthquake, tsunami, etc.) without delays due to authentication etc. Failing to show the message could be higher risk than showing a false message in a very localised area (based on what someone with an SDR can send.)
Fun fact though - if a phone is without signal on its home network, it will attempt to join any valid 3GPP network it sees, and the cell broadcast/emergency alert will be triggered on the handset (even without a valid SIM) - no authentication takes place.