Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI's Smartphone Surveillance Tool Explained In Court Battle

Posted by Soulskill on from the spying-made-simple dept.

concealment writes with news that a court battle has brought to light details on how the FBI's "stingray" surveillance tool works, and how they used it with Verizon's help to collect evidence about an alleged identity thief. Quoting: "Air cards are devices that plug into a computer and use the wireless cellular networks of phone providers to connect the computer to the internet. The devices are not phones and therefore don’t have the ability to receive incoming calls, but in this case Rigmaiden asserts that Verizon reconfigured his air card to respond to surreptitious voice calls from a landline controlled by the FBI. The FBI calls, which contacted the air card silently in the background, operated as pings to force the air card into revealing its location. In order to do this, Verizon reprogrammed the device so that when an incoming voice call arrived, the card would disconnect from any legitimate cell tower to which it was already connected, and send real-time cell-site location data to Verizon, which forwarded the data to the FBI. This allowed the FBI to position its stingray in the neighborhood where Rigmaiden resided. The stingray then "broadcast a very strong signal" to force the air card into connecting to it, instead of reconnecting to a legitimate cell tower, so that agents could then triangulate signals coming from the air card and zoom-in on Rigmaiden’s location. To make sure the air card connected to the FBI’s simulator, Rigmaiden says that Verizon altered his air card’s Preferred Roaming List so that it would accept the FBI’s stingray as a legitimate cell site and not a rogue site, and also changed a data table on the air card designating the priority of cell sites so that the FBI’s fake site was at the top of the list."

9 of 168 comments (clear)

  1. Ok..So verizon has shown they cant be trusted.. by wierd_w · · Score: 4, Insightful

    Issuing a custom radio firmware for a data only device, so that it responds to a telephone network signal demonstrates that verizon is willing to place nonstandard firmware on devices on their network, for the express purposes of aiding investigations that lack proper warrants.

    This is a very bad thing Verizon. A Very Bad Thing.

    Don't underestimate the impact that losing public confidence can have on your business. Being so self-conceited as to feel that you don't have to worry because you have cornered the market would only add fuel to the fire.

    Plan you PR damage control messages carefully. Smile, you're on candid camera.

    1. Re:Ok..So verizon has shown they cant be trusted.. by jchawk · · Score: 3, Insightful

      While I really agree with what you are saying... The market has not demonstrated that it cares about this type of behavior. Joe Six Pack continues to pile on more and more devices onto the Verizon network without a second thought to privacy. If you think I'm wrong look at the 6-strike rule in their Internet business... This hasn't hurt them one bit.

      The average person simply doesn't understand the behinds the scenes technology well enough to care.

    2. Re:Ok..So verizon has shown they cant be trusted.. by semi-extrinsic · · Score: 5, Insightful

      I saw a good quote on this topic yesterday here on /. :
      "The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all."
      H. L. Mencken

      --
      for i in `facebook friends "=bday" 2>/dev/null | cut -d " " -f 3-`; do facebook wallpost $i "Happy birthday!"; done
    3. Re:Ok..So verizon has shown they cant be trusted.. by Anonymous Coward · · Score: 1, Insightful

      Which is a wonderful quote in response to government overstepping its boundaries. But getting a warrant first is kind of the opposite of overstepping their boundaries.

      Now if you'd like to argue that a warrant should never have been issued...

      (I am aware of the other posters that have pointed out that no warrant was actually issued. However, since you made no mention of that, one must read your post as you arguing against the actions of the FBI despite them having a warrant.)

    4. Re:Ok..So verizon has shown they cant be trusted.. by SpectreBlofeld · · Score: 3, Insightful

      But the perp in question was an identity thief who had activated the device in the victim's name. In this case, the victim technically 'owns' the service/device, right? How can you claim that the FBI/Verizon violated the thief's 'private property' when it was fraudulently bought/activated in the victim's name?

      If the victim gives permission for the FBI/VZW to track the device that's in his/her name, that's good enough for me. If someone stole my identity to activate service, I'd be begging for them to track the fucker down. After all, I'm the legal account holder, whether I like it or not.

      You say that 'Verizon does not own the aircard' but neither does the identity thief, dammit! The victim does!

  2. technology vs law by houbou · · Score: 2, Insightful

    Clearly our technological advances are ahead of the law and it's time for those 2 to sync up in a realistic way.

    Ok, so this is a guy who does identity fraud.
    I'm not crying for him
    He's lucky to even have access to due process as far as I'm concerned However, that your very own devices can be used against you in such ways, which means that the trust you have in your provider is broken, seems unethical.
    If the FBI and/or other agencies require such abilities, perhaps then, companies such as Verizon should place this in their contracts something like "authorities can use your devices to track you and/or use your data for any of their investigations as they see fit".
    Transparency would be nice.
    All I know is that, I've got nothing to hide, so I don't care, but, for those who do, they may have to switch to another provider....

    1. Re:technology vs law by Anonymous Coward · · Score: 2, Insightful

      He's lucky to even have access to due process as far as I'm concerned ... All I know is that, I've got nothing to hide, so I don't care

      Then you, sir, deserve to be dragged off in the night and charged without due process.

      Everybody deserves due process, or you cease to be a free society. And the "you have nothing to fear if you have nothing to hide" is the lament of cowards and fascists.

      Fuck you you worthless sack of shit. You're part of the problem of tacitly accepting it as okay when your government breaks the laws.

  3. Re:Supply Chain Attack by Anonymous Coward · · Score: 3, Insightful

    So you're saying we should all run FSF approved operating systems?

    Even then, unless you intend to audit several billion lines of code of a variety of packages, and understand it well enough to discover flaws that give a 3rd party control over you or your information, you're still trusting someone else that it's safe.

  4. Re:Holy crap ... by EmperorArthur · · Score: 4, Insightful

    It's a little more complicated than that.

    It seems Verizon pushed an update to his specific wireless card. This update allowed it to receive phone calls, thus allowing them to "ping" him in particular. It also set the preferred tower list so that the stingray would always be connected to first.

    The fun thing is that by modifying his wireless card, the FBI has "planted" a tracker on him. That requires a warrant. If this guy was such a big deal, then it shouldn't have been hard to get the warrant. The problem is the FBI didn't want anyone, even the judges, to know what cards they held. So even when they got there court order, it wasn't a warrant, and they misled the judge who issued the order. That's a big no no.

    --
    So lets pretend that we've just completed writing this code, as opposed to having just completed sabotaging it -Altera