Penurious Penguin writes
"Last year a Slashdot story mentioned the case of Daniel David Rigmaiden, or 'the Hacker.' With the help of an IMSI-catcher device, law enforcement had been able to locate and arrest the elusive 'Hacker,' leading to U.S. v. Rigmaiden. But far more elusive than the 'Hacker,' is the IMSI-catcher device itself — particularly the legalities governing its use. The secrecy and unconstitutionality of these Man In The Middle devices, i.e. 'stingrays,' has caught some attention. The EFF and ACLU have submitted an amicus brief in the Rigmaiden case; and EPIC, after filing an FOIA request in February and receiving a grossly redacted 67 out of 25,000 (6,000 classified) pages on the "stingray" devices, has now requested a district judge expedite disclosure of all documents. Some Judges also seem wary of the 'stingray,' having expressed concerns that their use violates the Fourth Amendment; and additionally, that information explaining how the technology is used remains too obscure. Perhaps the most controversial aspect of ISMI-catchers is their several-kilometer range. When a "stingray" is used to spoof a cellphone tower, thousands of innocent users may be collaterally involved. And while the government claims to delete all gathered data unrelated to the target, it also means no one else can know what that data really was. The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary."
(More, below.)
Penurious Penguin continues, "The use of a pen-register (outgoing) and trap & trace (incoming) device, requires little more than a mewl of penal curiosity before a court, and no warrant or follow-up on the case is needed. The pen/trap seems unwieldy enough,
as the EFF explains:
"Most worrisome, we've heard some reports of the government using pen/trap taps to intercept content that should require a wiretap order: specifically, the content of SMS text messages, as well as "post-cut-through dialed digits" (digits you dial after your call is connected, like your banking PIN number, your prescription refill numbers, or your vote for American Idol).
intercept information about your Internet communications as well."
Precisely what data these "stingrays" collect will hopefully be soon revealed through such efforts as those of EPIC. It should be noted that the Stingray is one of multiple devices with the same application. The Stingray and several others are trademarks of the Harris Corporation. Some are quite pricey ($75,000), and others are, as mentioned last year by a Slashdot reader, peculiarly affordable — and available. For a more comprehensive overview of the subject, see this Wall Street Journal article."
Slashdot Mirror
What the fuck is going on here? The Slashdot summary says "Harrison Corporation" near the end, but looking at the links show "Harris" as the company behind these particular devices. I mean, it says the name right in the logo in the pictures of the device, and on the document! The logo basically is the name, for Pete's sake!
I'm going to go on the assumption that the linked-to content is right, and that Harris Corporation is the correct name to be used in this case.
Penurious Penguin , you need to get your shit together and use the right company name. Maybe it was an honest mistake, but it really makes me think less of what you're saying when you can't even express such basic facts correctly. Do you see where I'm coming from? Do you?
And the Slashdot editors should have caught that right away. It is absolute rubbish that such an obvious mistake could be made. Absolute rubbish, I tell you!
yup, turnkey police state
Penurious Penguin
Too late for that one...
Secret Stingray
That'll do!
systemd is Roko's Basilisk.
The government is evil.
The only point these "redacted" things have, is to hide criminal activity.
A government has no right to keep privacy from its citizens. Just like it has no right to take privacy from them.
If they redact it, it must count as treason and result in jail until the full info is released.
If 'stingray' is the IMSI catcher MITM device, you can watch these from a defcon demonstration: http://www.youtube.com/watch?v=wjYAAmHvt-g
In short, you pretend to be the cell network and pass communication through. The handsets generally don't care or warn the user, you can issue all kinds of instructions to the handsets, it doesn't take a whole lot of gear, and you're now the network before the network.
Problem solved ( for at least one side of the call.. )
---- Booth was a patriot ----
Nokia Lumia 900 phones easily warn the user by randomly launching Bing or Microsoft Tellme without the search or home button being pressed. This can happen 2 to nearly 13 times in a row when it does occur. Users think this is a bug. Neither Nokia nor Microsoft is quick to fix it. Phone monitoring is the obvious reason why.
Summed up as
"A government by the people and for the people should not be allowed to keep secrets from the people!" -- Me for the last 8 years.
The problem is that if it is deemed of National Security, they get to redact it. There is no punishment in place that could be applied if they remove it for national security reasons and it is later found to have been for criminal reasons. Example: the fact that a us company paid in tax payer dollars provided young boys for sexual use by Afghan Cops.
http://blogs.houstonpress.com/hairballs/2010/12/wikileaks_texas_company_helped.php
Which was classified and thanks to WikiLeaks is now known.
you're now the network before the network.
add a beowulf cluster of smartphones and you'd have the network before the network before the network.
I could care less if the FBI hears me telling my wife I want fuck her brains out tonight while they are investigating a drug trafficker in my neighborhood. The sooner they get him, the less they'll hear me dirty talking with my wife.
Unless they hear you talking about why you hate the government (or a particular FBI officer), of course. Your life could instantly become hell.
I don't know what all mobile platforms there is APIs / permission for this but I do know theres enough information provided from the RIL to be able to detect and track tower data.
Reckon an app could be developed in to keep track of towers in the area and alert users if there are any changes.
It could also crowdsource and mine data to uncover patterns useful in catching anyone using such devices.
Hey Mitt,
Your wife likes it better when I talk dirty to her.
"There are many more laws than can possibly be enforced by, or even known to, our ever-growing army of cops, judges, lawyers, and lowly citizens. This isn't an accident of the system run amok, it's the way the government WANTS it. There are at least two reasons for this:
One, the more laws there are to be broken (and the more obscure, the better ) the greater the stream of revenue from fines and violations and the more government jobs there are (cops, health inspectors, banking commissioners, etc.) in enforcing these laws and processing both the violators and the revenues.
Secondly, the fact that since there are probably 1,000 times more laws on the books than are known to the citizenry all but ensures that everyone's guilty of something. And in the government's eyes, it's good that virtually everyone is a criminal of one type or another. Here's why: Because if you ever challenge any part of the government; the Housing Department, the Board of Education, the Bureau of Licensing and Regulation, the Election Board, the DNR, the DMV, the BLM, or whatever, it'll be able to find something, maybe many things, you're guilty of.
And that, my friends, is its insurance policy against you. If you raise a stink about anything, no matter how legitimate, the full force and power of the government could be channeled into crawling up your wazoo with a microscope to find out everything you've ever done wrong and then using those transgressions to either discredit you or to bully you into staying mum about whatever gripe you've got or scandal you could expose. It's nothing but a racket. Blackmail. A seedy bastardization of the "checks and balances" system your nation's founders envisioned and engineered to protect you from governmental abuses".
http://whiskeyandgunpowder.com/everyones-a-criminal-there-ought-not-to-be-a-law/
"Kill 'em all and let Root sort 'em out"
Is it possible to use an encrypted tunnel phone app to blast across the Tor network? Please don't mention Skype.
You're just guessing, right? I mean, you aren't totally sure it's the Stinger or AT&T. But, it seems like a logical guess that someone or something seems to ben randomly pinging phones because mine will do it too. Right in the middle of web browsing or playing a game, bzzz, then Bing or else tones then Microsoft TellMe pops up. I'll see your 13 times and raise you to 14 times I pressed the Back button and Microsoft TellMe popped right back up. Very annoying. Another time, I pressed the Back button and Bing popped right back up for a total of 8 times. Equally annoying. A user on one of the Nokia support forums guessed it was the speaker, but it happens with earphones too.
SOMETHING IS WRONG WITH THOSE PHONES! Nokia, Microsoft, and AT&T owe someone an honest explanation as to what is going on. Otherwise, I too will suspect some sort of random phone monitoring going on. That's because it doesn't happen with any sort of regular pattern. The phone will go an hour without doing that and then it happens. Then it will go several hours or even an entire day without it happening again. I'm not buying the Lumia 920 because of what happens with the 900, and if it is phone monitoring then I will file a lawsuit.
VOIP will protect the data if the content is properly encrypted, but headers and locations are still exposed. The phone can still be identified and located, which is already great information for the police. The IP addresses can be tracked in the header and voila, pen-register services without a warrant. And if VOIP is not encrypted, or if the encryption is weak, even the content can be accessed.
It is easy to listen in on a VOIP call:
http://www.google.com/search?q=voip+spy
It is sad that we need encrypted tunneling just so our government won't listen in on our private conversations.
"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." - Benjamin Franklin, 1775
http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution
"The Supreme Court also held that individuals in automobiles have a reduced expectation of privacy, because vehicles generally do not serve as residences or repositories of personal effects."
Who expects their phone conversations to be private? And more importantly, what is this privacy thing anyway? (with apologies to Doug Adams)
Some things need to be kept secret. For example, the identity of undercover cops infiltrating gangs. But of course, secrecy can also be abused to cover up wrong-doing.
The only way to determine whether or not something should be secret, is to look at it. So we need a third party trusted by both sides to do the looking. They need to be trusted by the government not to reveal something that really ought to be secret, and they need to be trusted by the people not to cover-up something that should be exposed. Sadly, I doubt such a party could ever exist. There will always be some fascists in the government trying to corrupt it, and there would always be some tin-foil paranoids insisting it's all a big conspiracy.
TOR is the next step of escalation. The cyberwar arms race has been going on for a long time, and it's it's not just governments.
Horse (& cow) traders in the Midwest caused a surge of demand for cell phone encryption in the early 90's when news of how easily one could tap FM cell calls got out. The FCC's stand was that they were secure because listening in was illegal, even if the needed equipment was sold at Radio Shack.
Sure, location could be gathered but that doesn't always tell you much ' he was in a Starbucks making a call ', its who you call when that is a bigger deal.
Also, i was thinking wifi, and turning off the cell radio. Harder to track that way. Plus this is all done on a throaway ( used or other cash market ) cellphone so it isnt traced back to you personally.
Assumption is that proper encryption is being used, of course if its not then all bets are off.
---- Booth was a patriot ----
THIS.
Why is it that all you idiots still parrot the "well, if you're not doing anything wrong ...". There may come a time that the government is your enemy, and I DAMNED SURE would not want to be listened in on at that point in time, so just don't ever let it happen.
So sayeth the person who posted AC.
Another /.'er posted a quote a while back that I've, umm, appropriated in other conversations on this topic: "Everybody poops, but it takes a very special person to do so in public." Suppose it wasn't your wife you were talking dirty to, but your mistress--or secret gay lover. Have you ever used marijuana, or taken medicines prescribed to someone else, or driven over the speed limit, or overestimated your charitable contributions come tax time, or many other laws, or indiscretions? Certainly you've kept track of the tens of thousands of laws on the books religiously and ensured you've never violated any of them right? And you've never done anything which while not illegal; may not be something with with you'd want to share with your spouse, boss, preacher, mother, etc?
The FBI may one day pay you a visit while you're mowing the lawn or at work and say, "Hey, we understand that you really don't like those folks pushing drugs in your neighborhood; how about you give us a hand?
You: "How so, exactly?"
FBI: "Well, you're obviously aware of the traffickers, why don't you point out the places you've seen them, identify them in a police lineup, and testify against them in court?"
You: "But wouldn't that put me in the cross hairs of the gang(s) running drugs in my neighborhood?"
FBI: "Possibly, but we'll review the case in 3-6 months and we may enroll you in the federal witness protection program if you help us secure some convictions."
You, "But I'll have to move, find a new job, and probably leave behind my friends if I did, and what if there wasn't a conviction? I'm not sure this is such a good idea."
FBI: "I thought you wanted these drug traffickers off your street, are you now trying to obstruct justice? Perhaps we should detain you, or how about we tell your wife about your liaisons with Tiffani."
Javascript, cookies, flash, and ActiveX must be enabled in order to view this sig.
But But But .....is for you good.
After hearing about all the public delays and expenses of government projects, one has to wonder how much this actually cost the tax payer!
I'd have figured with the ability to remotely activate and tap cell phone mics that a physical MITM approach would be unnecessary. I guess they really needed to get at the content of SMS messages?
Hey Mitt,
Your wife likes it better when I talk dirty to her.
Actually, Mitt's wife prefers the company of women.
Poor Mitt, no wonder he is running for office, he probably doesn't
enjoy being at home.
The FISA court was doing this, in a way, a while ago. Now, of course, the govt just bypasses FISA.
"The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary." Just the fact that I called a specific number at a specific time is private information, regardless of the content. How is it a search warrant isn't necessary?
If you're not a fucking criminal then you have nothing to worry about.
I am also glad that law enforcement is made up of robots who can be trusted to never abuse private information which, while not illegal, could certainly be used to unduly influence or harm those to whom it pertains.
FBI agents have never engaged in practices using information about private, legal events to coerce or damage private individuals, or to enrich themselves at the expense of others. I am so glad it's not possible that could ever happen, either.
Witness protection? Why? He's done nothing wrong, so obviously has nothing to hide. As long as he does right and testifies, nothing bad will happen to him because he did the right thing. Witness protection is hiding, and only people who have done something wrong have anything to hide.
I dunno, Bush III may get another 4 years before Bush IV gets his chance. It's a toss-up.
Wasn't 'squirrel' macho enough for the brute force and ignorance crowd?
Old news. Cops have been using this for at least 2 years. It's the US an its government sanctioned. Why are y'all so fucking surprised. By the way they can X-ray your fucking house and see what you are doing inside. Are you surprised that big brother is watching
How the feds target the innocents:
http://threefelonies.com/Youtoo/tabid/86/Default.aspx
New Economic Perspectives
First they assassinate Steve Irwin; now they spy on our cellphones? When is the government finally going to declare war?
This stuff is real.
I don't have a problem posting AC or with people that do. I don't need a username to post an opinion.
Like I said and in rebuttal to your bullshit. Don't come up with excsuses against law enforcement requirements to keep up with technology.
If 'stingray' is the IMSI catcher MITM device, you can watch these from a defcon demonstration: http://www.youtube.com/watch?v=wjYAAmHvt-g
In short, you pretend to be the cell network and pass communication through. The handsets generally don't care or warn the user, you can issue all kinds of instructions to the handsets, it doesn't take a whole lot of gear, and you're now the network before the network.
===============
All that is going to happen is that communications will be encrypted on the device before being transmitted. With this mode, stingray operations will intercept encrypted data.
Leslie Satenstein Montreal Quebec Canada