Penurious Penguin writes
"Last year a Slashdot story mentioned the case of Daniel David Rigmaiden, or 'the Hacker.' With the help of an IMSI-catcher device, law enforcement had been able to locate and arrest the elusive 'Hacker,' leading to U.S. v. Rigmaiden. But far more elusive than the 'Hacker,' is the IMSI-catcher device itself — particularly the legalities governing its use. The secrecy and unconstitutionality of these Man In The Middle devices, i.e. 'stingrays,' has caught some attention. The EFF and ACLU have submitted an amicus brief in the Rigmaiden case; and EPIC, after filing an FOIA request in February and receiving a grossly redacted 67 out of 25,000 (6,000 classified) pages on the "stingray" devices, has now requested a district judge expedite disclosure of all documents. Some Judges also seem wary of the 'stingray,' having expressed concerns that their use violates the Fourth Amendment; and additionally, that information explaining how the technology is used remains too obscure. Perhaps the most controversial aspect of ISMI-catchers is their several-kilometer range. When a "stingray" is used to spoof a cellphone tower, thousands of innocent users may be collaterally involved. And while the government claims to delete all gathered data unrelated to the target, it also means no one else can know what that data really was. The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary."
(More, below.)
Penurious Penguin continues, "The use of a pen-register (outgoing) and trap & trace (incoming) device, requires little more than a mewl of penal curiosity before a court, and no warrant or follow-up on the case is needed. The pen/trap seems unwieldy enough,
as the EFF explains:
"Most worrisome, we've heard some reports of the government using pen/trap taps to intercept content that should require a wiretap order: specifically, the content of SMS text messages, as well as "post-cut-through dialed digits" (digits you dial after your call is connected, like your banking PIN number, your prescription refill numbers, or your vote for American Idol).
intercept information about your Internet communications as well."
Precisely what data these "stingrays" collect will hopefully be soon revealed through such efforts as those of EPIC. It should be noted that the Stingray is one of multiple devices with the same application. The Stingray and several others are trademarks of the Harris Corporation. Some are quite pricey ($75,000), and others are, as mentioned last year by a Slashdot reader, peculiarly affordable — and available. For a more comprehensive overview of the subject, see this Wall Street Journal article."
Slashdot Mirror
What the fuck is going on here? The Slashdot summary says "Harrison Corporation" near the end, but looking at the links show "Harris" as the company behind these particular devices. I mean, it says the name right in the logo in the pictures of the device, and on the document! The logo basically is the name, for Pete's sake!
I'm going to go on the assumption that the linked-to content is right, and that Harris Corporation is the correct name to be used in this case.
Penurious Penguin , you need to get your shit together and use the right company name. Maybe it was an honest mistake, but it really makes me think less of what you're saying when you can't even express such basic facts correctly. Do you see where I'm coming from? Do you?
And the Slashdot editors should have caught that right away. It is absolute rubbish that such an obvious mistake could be made. Absolute rubbish, I tell you!
yup, turnkey police state
Penurious Penguin
Too late for that one...
Secret Stingray
That'll do!
systemd is Roko's Basilisk.
The government is evil.
The only point these "redacted" things have, is to hide criminal activity.
A government has no right to keep privacy from its citizens. Just like it has no right to take privacy from them.
If they redact it, it must count as treason and result in jail until the full info is released.
If 'stingray' is the IMSI catcher MITM device, you can watch these from a defcon demonstration: http://www.youtube.com/watch?v=wjYAAmHvt-g
In short, you pretend to be the cell network and pass communication through. The handsets generally don't care or warn the user, you can issue all kinds of instructions to the handsets, it doesn't take a whole lot of gear, and you're now the network before the network.
Problem solved ( for at least one side of the call.. )
---- Booth was a patriot ----
Summed up as
"A government by the people and for the people should not be allowed to keep secrets from the people!" -- Me for the last 8 years.
The problem is that if it is deemed of National Security, they get to redact it. There is no punishment in place that could be applied if they remove it for national security reasons and it is later found to have been for criminal reasons. Example: the fact that a us company paid in tax payer dollars provided young boys for sexual use by Afghan Cops.
http://blogs.houstonpress.com/hairballs/2010/12/wikileaks_texas_company_helped.php
Which was classified and thanks to WikiLeaks is now known.
I could care less if the FBI hears me telling my wife I want fuck her brains out tonight while they are investigating a drug trafficker in my neighborhood. The sooner they get him, the less they'll hear me dirty talking with my wife.
Unless they hear you talking about why you hate the government (or a particular FBI officer), of course. Your life could instantly become hell.
I don't know what all mobile platforms there is APIs / permission for this but I do know theres enough information provided from the RIL to be able to detect and track tower data.
Reckon an app could be developed in to keep track of towers in the area and alert users if there are any changes.
It could also crowdsource and mine data to uncover patterns useful in catching anyone using such devices.
"There are many more laws than can possibly be enforced by, or even known to, our ever-growing army of cops, judges, lawyers, and lowly citizens. This isn't an accident of the system run amok, it's the way the government WANTS it. There are at least two reasons for this:
One, the more laws there are to be broken (and the more obscure, the better ) the greater the stream of revenue from fines and violations and the more government jobs there are (cops, health inspectors, banking commissioners, etc.) in enforcing these laws and processing both the violators and the revenues.
Secondly, the fact that since there are probably 1,000 times more laws on the books than are known to the citizenry all but ensures that everyone's guilty of something. And in the government's eyes, it's good that virtually everyone is a criminal of one type or another. Here's why: Because if you ever challenge any part of the government; the Housing Department, the Board of Education, the Bureau of Licensing and Regulation, the Election Board, the DNR, the DMV, the BLM, or whatever, it'll be able to find something, maybe many things, you're guilty of.
And that, my friends, is its insurance policy against you. If you raise a stink about anything, no matter how legitimate, the full force and power of the government could be channeled into crawling up your wazoo with a microscope to find out everything you've ever done wrong and then using those transgressions to either discredit you or to bully you into staying mum about whatever gripe you've got or scandal you could expose. It's nothing but a racket. Blackmail. A seedy bastardization of the "checks and balances" system your nation's founders envisioned and engineered to protect you from governmental abuses".
http://whiskeyandgunpowder.com/everyones-a-criminal-there-ought-not-to-be-a-law/
"Kill 'em all and let Root sort 'em out"
VOIP will protect the data if the content is properly encrypted, but headers and locations are still exposed. The phone can still be identified and located, which is already great information for the police. The IP addresses can be tracked in the header and voila, pen-register services without a warrant. And if VOIP is not encrypted, or if the encryption is weak, even the content can be accessed.
...what is this privacy thing anyway?
It's something to keep your friends from listening in on what you're saying to them.
“He’s not deformed, he’s just drunk!”
Some things need to be kept secret. For example, the identity of undercover cops infiltrating gangs. But of course, secrecy can also be abused to cover up wrong-doing.
The only way to determine whether or not something should be secret, is to look at it. So we need a third party trusted by both sides to do the looking. They need to be trusted by the government not to reveal something that really ought to be secret, and they need to be trusted by the people not to cover-up something that should be exposed. Sadly, I doubt such a party could ever exist. There will always be some fascists in the government trying to corrupt it, and there would always be some tin-foil paranoids insisting it's all a big conspiracy.
TOR is the next step of escalation. The cyberwar arms race has been going on for a long time, and it's it's not just governments.
Horse (& cow) traders in the Midwest caused a surge of demand for cell phone encryption in the early 90's when news of how easily one could tap FM cell calls got out. The FCC's stand was that they were secure because listening in was illegal, even if the needed equipment was sold at Radio Shack.
Can't find a link, but 15-20 years ago, Ontario courts ruled that banging your girlfriend in the backseat of a car wasn't public indecency (or whatever else they would charge with for doing it in public, say in the middle of a downtown park), if you were parked somewhere secluded. The ruling went that you had reasonable expectation of privacy by parking somewhere secluded, therefore you weren't accountable if you happened to get busted anyway.
Mentioning this to contrast with SCOTUS ruling people in cars have less expectation of privacy. Likewise, whether I'm whispering in low tones into my cellphone in a crowded room or whether I'm talking normally on my phone with no one visible around me, I expect my conversations to be private and not intercepted in anyway without a warrant.
When all of your wishes have been granted, many of your dreams will be destroyed - Marilyn Manson
Sure, location could be gathered but that doesn't always tell you much ' he was in a Starbucks making a call ', its who you call when that is a bigger deal.
Also, i was thinking wifi, and turning off the cell radio. Harder to track that way. Plus this is all done on a throaway ( used or other cash market ) cellphone so it isnt traced back to you personally.
Assumption is that proper encryption is being used, of course if its not then all bets are off.
---- Booth was a patriot ----
THIS.
Why is it that all you idiots still parrot the "well, if you're not doing anything wrong ...". There may come a time that the government is your enemy, and I DAMNED SURE would not want to be listened in on at that point in time, so just don't ever let it happen.
So sayeth the person who posted AC.
Another /.'er posted a quote a while back that I've, umm, appropriated in other conversations on this topic: "Everybody poops, but it takes a very special person to do so in public." Suppose it wasn't your wife you were talking dirty to, but your mistress--or secret gay lover. Have you ever used marijuana, or taken medicines prescribed to someone else, or driven over the speed limit, or overestimated your charitable contributions come tax time, or many other laws, or indiscretions? Certainly you've kept track of the tens of thousands of laws on the books religiously and ensured you've never violated any of them right? And you've never done anything which while not illegal; may not be something with with you'd want to share with your spouse, boss, preacher, mother, etc?
The FBI may one day pay you a visit while you're mowing the lawn or at work and say, "Hey, we understand that you really don't like those folks pushing drugs in your neighborhood; how about you give us a hand?
You: "How so, exactly?"
FBI: "Well, you're obviously aware of the traffickers, why don't you point out the places you've seen them, identify them in a police lineup, and testify against them in court?"
You: "But wouldn't that put me in the cross hairs of the gang(s) running drugs in my neighborhood?"
FBI: "Possibly, but we'll review the case in 3-6 months and we may enroll you in the federal witness protection program if you help us secure some convictions."
You, "But I'll have to move, find a new job, and probably leave behind my friends if I did, and what if there wasn't a conviction? I'm not sure this is such a good idea."
FBI: "I thought you wanted these drug traffickers off your street, are you now trying to obstruct justice? Perhaps we should detain you, or how about we tell your wife about your liaisons with Tiffani."
Javascript, cookies, flash, and ActiveX must be enabled in order to view this sig.
"The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary." Just the fact that I called a specific number at a specific time is private information, regardless of the content. How is it a search warrant isn't necessary?
If you're not a fucking criminal then you have nothing to worry about.
I am also glad that law enforcement is made up of robots who can be trusted to never abuse private information which, while not illegal, could certainly be used to unduly influence or harm those to whom it pertains.
FBI agents have never engaged in practices using information about private, legal events to coerce or damage private individuals, or to enrich themselves at the expense of others. I am so glad it's not possible that could ever happen, either.
I dunno, Bush III may get another 4 years before Bush IV gets his chance. It's a toss-up.
Wasn't 'squirrel' macho enough for the brute force and ignorance crowd?
How the feds target the innocents:
http://threefelonies.com/Youtoo/tabid/86/Default.aspx
New Economic Perspectives
First they assassinate Steve Irwin; now they spy on our cellphones? When is the government finally going to declare war?
If 'stingray' is the IMSI catcher MITM device, you can watch these from a defcon demonstration: http://www.youtube.com/watch?v=wjYAAmHvt-g
In short, you pretend to be the cell network and pass communication through. The handsets generally don't care or warn the user, you can issue all kinds of instructions to the handsets, it doesn't take a whole lot of gear, and you're now the network before the network.
===============
All that is going to happen is that communications will be encrypted on the device before being transmitted. With this mode, stingray operations will intercept encrypted data.
Leslie Satenstein Montreal Quebec Canada