The article mentions you need to brute-force 29 bits using an oracle. It doesn't mention this is an active oracle. That is, it requires interaction with the UE (target phone).
This makes the brute-force attack quite a bit harder, as you need to be in contact with the target phone for the duration of the attack (you don't need to do the attack in one go though).
This makes the brute-force attack quite a bit harder, as you need to be in contact with the target phone for the duration of the attack (you don't need to do the attack in one go though).