Slashdot Mirror


Australian Police Use Telcos For Cell "Tower Dump" of All Connected Users' Data

AHuxley (892839) writes The Sydney Morning Herald is reporting that Australian federal and state police are using a no-warrant cell phone tower metadata access technique called a "tower dump". A "tower dump" provides the identity, activity and location of all cell phones that connect to a cellphone tower(s) over time (an hour or two). The metadata from thousands of phones and numbers connected are then sorted. Australian law-enforcement agencies made 330,000 requests for metadata in 2012-13. AHuxley links to some U.S. views on the same kind of massive data grab: The Wall Street Journal says they caputure innocent users' data; the Chicago Police Department is being sued for information on its purchases of equipment associated with this kind of slurping; and the EFF asks whether warrant protection for users' data will be extended by voice-comm companies as it has been for ISPs. I wonder what people would think of an occasional "postal zone dump" employing the same kind of dragnet but for communications on paper.

13 of 60 comments

  1. HR Haldeman by rmdingler · · Score: 2

    Once the toothpaste is out of the tube, it's hard to get it back in.

    It's too easy for governments now.

    Thus far, all that's come of the wave of revelations from Snowden et al is government's growing willingness to gather our private data in plain sight. With apparent impunity.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

  2. Chasing Organised Crime by rtb61 · · Score: 2

    Apparently those involved in organised crime are using the cheapest possible pre-pay phones and sim cards swapping from one to another throughout the day. So police are looking for the odd phone out, coming from locations where tracked suspect persons are. So tracking all calls and eliminating the non-suspect ones to leave the ones they are looking for. So tracking the criminal activity associated with pre-pay phones and sim cards is a little more tricky than the movies make out.

    --
    Chaos - everything, everywhere, everywhen

    1. Re:Chasing Organised Crime by Charliemopps · · Score: 2

      Apparently those involved in organised crime are using the cheapest possible pre-pay phones and sim cards swapping from one to another throughout the day. So police are looking for the odd phone out, coming from locations where tracked suspect persons are. So tracking all calls and eliminating the non-suspect ones to leave the ones they are looking for. So tracking the criminal activity associated with pre-pay phones and sim cards is a little more tricky than the movies make out.

      That's not relevant. If criminals figured out how to smuggle drugs deep inside their brain stems, that wouldn't give the government the excuse to put up road blocks and perform brain surgery on everyone that happened by.

  3. Re:And Chicago is relevant to Australia? by Anonymous Coward · · Score: 2, Insightful

    Only an idiot would think the distance makes the news irrelevant. Oh wait, did I call you an idiot. Yes, I did. I guess my threshold for bullshit is getting shorter these days.

    If you think having a supranational "Five Eyes" is healthy for your society, you are not just a mere idiot (look for the etymology of the word), you are fucking retarded.

  4. Re: What's wrong with so called postal zone dump by Anonymous Coward · · Score: 3, Insightful

    Because I should be able to choose to carry a powered radio around that the government is not allowed to randomly spy on for whatever today's made up scary threat is. It's called freedom, and we need a lot more restrictions on law enforcement and a lot fewer on actual regular people.

  5. Re:What's wrong with so called postal zone dump by timrod · · Score: 4, Informative

    They actually already do "postal zone dumps" in the United States, in that the front of every single piece of mail sent through the Post Office is imaged and put in a database for law enforcement. They've been doing it for some time.

  6. Why wonder? by drinkypoo · · Score: 2

    I wonder what people would think of an occasional "postal zone dump" employing the same kind of dragnet but for communications on paper.

    You don't have to wonder about this, because this is how it is now. The headers of all snailmail (the wrapper of the packet) are machine-logged. Those of us who are technically savvy always suspected this, since we found out that scanning is used for routing. Some of us, like myself, even mentioned the possibility to our postmasters and were told that they were simply throwing this data away after collecting it. But anyone who knows anything about anything knew that this was massively unlikely.

    So, given that this is already happening for literally every piece of mail being sent, just like it happens to literally every piece of email which traverses a long-haul link, why do you wonder? That's how it is right now.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"

  7. Typo by azav · · Score: 2

    All Connected Users' Data

    You need an apostrophe after the final s in Users to show that it is the data of more than one user.

    This is fourth grade English. Come on. Proofread before posting.

    --
    - Zav - Imagine a Beowulf cluster of insensitive clods...

  8. Re:Tower "Dumps" does not contain location! by TheP4st · · Score: 2

    In 2012, the U.S. District Court for the Northern District of Illinois ruled that an F.B.I. agent could not testify about the location of a defendant’s cell phone because the analyses did not rise to the level of trusted, replicable science.

    she had a tumultuous, sometimes violent relationship with the victim, Jerri Williams. Cell records showed that at 10:27 on the morning of the murder, Roberts’s phone connected to a tower within 3.4 miles of Kelley Point Park, where Williams’s body was discovered. Her attorney felt that was enough to convict her.
    But she was making that call while driving a red pickup truck more than eight miles away, as confirmed by a witness. The system had simply routed her call through the tower near the park. It also emerged that new DNA evidence placed another suspect, a man, at the crime scene. And another piece of evidence helped: moments earlier, Roberts had received another call that came through a different site. The two towers were 1.3 miles apart. She could not have traveled that distance in the forty seconds between the calls. And so her cell records, in a sense, helped to save her. Source: http://www.newyorker.com/onlin...

    --
    "I have downloaded hundreds and hundreds of records, why would I care if somebody downloads ours?" Robin Pecknold

  9. Re:Tower "Dumps" does not contain location! by RabidReindeer · · Score: 2

    It's not trivial. If you know how to do it, please patent it, form a company quickly and do it - you'll be a multi-millionaire in a couple of months. There are legions of math PhDs trying to come up with a solution.

    Triangulation as you suggest only if you have constant measurements being made on your neighbours' cells. They are not constantly being made, I assure you of this.

    You are very wrong.

    Coarse-grained "GPS" done to 1000-meter accuracy using 3 cell phone towers is a process known as "trilateration". It is extremely common. Some Sprint phones, in fact, used it even though they were built on chipsets containing true (satellite) GPS, because the GPS chips pulled too much power. GPS could not be switched on on those phones even by custom apps. Only the 911 call mechanism could use it.

  10. Re:Tower "Dumps" does not contain location! by bluefoxlucid · · Score: 2

    I think it's more a matter of that the phone was in a particular cell than that the call was made.

    I would like to see cell-tracking technology whereby a phone never reports its ID when idle and pinging a tower. I'd like to see the tower push three bloom filters on ping, one of all predicted to be in the cell, one of all predicted to be in the area (surrounding cells), and one of all in the system.

    For a flat assumption of 10^12 phone numbers CC-AAA-RRR-XXXX including country codes, assume nearly 100% of all numbers are being dialed at the exact same time. You can gain a 1% probability of error on if a number is being dialed in about 116GB. In any situation of over 50% saturation, you'd invert: list what numbers aren't being dialed, hence the size of the worldwide packet is 58GB. That's the theoretical bound in an insane situation. (Besides, you can only dial half the phones in the world at once...)

    In reality, we don't have 100 country codes, and not all countries have 10 digit phone numbers. In America, there are only really 800 possible area codes, 269 in service in the USA, and 26 in Canada. Not all areas saturate the exchange; most exchanges aren't saturated. The number of phone numbers world-wide isn't 142 times the size of the number of people.

    So let's assume 10 billion numbers instead, not all of which are cell phones. You're looking at 580MB for the packet to express near 50% saturation of numbers being dialed *right now* for the whole world. That's much better.

    Phones ring for approximately 10 seconds. They're answered or taken to voice mail by then. In addition, most phones aren't being dialed at any given time. If we assume 1 in 7000 cell phones is currently ringing, the worldwide packet is 174kB for a 1% margin of error.

    So let's call the regional a 10 million phone coverage area, and the local a 1 million phone coverage area. Assuming 1 in 7000 phones is currently ringing, the packet sizes are 174kB worldwide, 178 bytes regional, and 17.8 bytes local, for a 1% margin of error. That is: you have a 1 in 100 chance of the phone deciding it's probably in the bloom filter when it's not. If we double the sizes here, then the false positive rate is 0.01%, or 1 in 10,000--almost never.

    We can further reduce these by scaling them dynamically, and by delaying the ring if you're out of known area. I'll use the double-size numbers for a 0.01% false positive chance.

    Let's say somebody calls your phone. The cell system predicts, based on prior data (i.e. you're usually in this city, your home address on file is here, whatever), that you're in the 1 million person coverage area contained by some cells. In Baltimore City, we have 660,000 people; 1 million coverage is bigger than my city. So the system adds you only to the 35.6 byte local dialing filter for a 1 second cycle.

    If your phone fails to respond to the tower, the system leaves your number in the 36 byte local dialing filter. It begins including it in the regional dialing area. The regional dialing area excludes any phone dialed for less than 1 second, any phone found in a local dialing area, or any phone included in the local dialing area filter. More than 95% of phones should be excluded: there's better than a 95% chance that you're currently in your local area. The filter is about 89 bytes on average, assuming 1 in 7000 phones in the 5,000,000 phone region is ringing.

    The worldwide filter is different. If in 1 more second you don't answer, the cell system adds you to the bloom list for the whole world. Assuming a 95% chance of someone being in the region if not in the local area, that's 95% of 5%, or 0.25%. Assuming 10 billion phones, the worldwide list of numbers currently being dialed is 9 bytes.

    For a 1 in 10,000 false positive rate, you'd have to push 134 bytes of dialing filters. If you're outside of your normal region, there's a 2 second delay. We can further step this with a 100 million phone region to net whole countries in the last
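
An added example, not part of the comment above and not any carrier's paging protocol: a Bloom filter that a tower could broadcast so that a phone checks locally whether it is being called, without announcing its ID. The filter is sized with the standard formula m = -n ln p / (ln 2)^2 (an assumption here, so its byte counts need not match the figures in the comment), and all phone numbers are constructed.

```python
import hashlib
import math


def bloom_params(n_items, fp_rate):
    """Standard sizing: m = -n ln p / (ln 2)^2 bits, k = (m/n) ln 2 hashes."""
    m = max(8, math.ceil(-n_items * math.log(fp_rate) / math.log(2) ** 2))
    k = max(1, round(m / n_items * math.log(2)))
    return m, k


class PagingFilter:
    """Bloom filter a tower could broadcast instead of a list of numbers."""
    def __init__(self, n_items, fp_rate):
        self.m, self.k = bloom_params(n_items, fp_rate)
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, number):
        # Double hashing: two 64-bit slices of one SHA-256 digest give k indexes.
        d = hashlib.sha256(number.encode()).digest()
        h1 = int.from_bytes(d[:8], "big")
        h2 = int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, number):
        for p in self._positions(number):
            self.bits[p // 8] |= 1 << (p % 8)

    def __contains__(self, number):
        # The phone runs this on its own number; nothing is sent to the tower.
        return all(self.bits[p // 8] >> (p % 8) & 1 for p in self._positions(number))


def build_broadcast(ringing, fp_rate):
    f = PagingFilter(len(ringing), fp_rate)
    for number in ringing:
        f.add(number)
    return f


def measured_fp_rate(f, ringing, probes):
    """Fraction of idle phones that would wrongly answer the page."""
    idle = [p for p in probes if p not in ringing]
    return sum(1 for p in idle if p in f) / len(idle)


# Constructed sample: 143 ringing numbers (about 1,000,000 / 7000), 1% target.
RINGING = {f"1410555{i:04d}" for i in range(143)}
IDLE = [f"1443555{i:04d}" for i in range(10000)]
local = build_broadcast(RINGING, 0.01)
```

A Bloom filter never gives a false negative, so every ringing phone sees its own number; `measured_fp_rate(local, RINGING, IDLE)` reports how many idle phones would wake up and contact the tower unnecessarily.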

  11. WSJ by phmadore · · Score: 3, Funny

    The Wall Street Journal says they caputure innocent users' data

    You know, I'm sure the WSJ did not fucking say that, because for all the money they make they at least spend some of it on a decent spell-check or even, gasp, a human editor. I mean holy motherfuck. Here I am combing the streets, looking for work. You're making hundreds, maybe thousands, maybe even tens of thousands of dollars per hour from the traffic on this site. You can't even spell capture? I mean, in google-chrome-stable it shows me even in this box right here when a word is supposedly misspelled, though often it's just saying that it's not a word in the dictionary, such as motherfuck. Motherfucker, though, that passes.

    And don't bother blaming the submitter since this part came after his quotation section. You fucking douche bags. Get it together. I don't care about beta; it's your site. But as a thinking person I'm offended that your hacker mentality has not permeated over into the literate part of your fucking brain: never stop improving, motherfucker. I wouldn't be half as good at writing code now if it weren't for the self-criticism and absolute discipline that my early days as a fiction writer instilled in me.

    You fucking turd, seriously. When do we get to start rating the actual posts? Or is this whole feedback thing just a marketing technique for you, totally out of tune with Rob Malda's vision?

  12. Just say NO! by ewieling · · Score: 2

    This sort of thing is why I seldom carry a cellphone anymore.

    --
    I really shouldn't have used someone else's email address for this account.