Mysterious, Phony Cell Towers Found Throughout US

Trachman writes: Popular Science magazine recently published an article about a network of cell towers owned not by telecommunication companies but by unknown third parties. Many of them are built around U.S. military bases. "Interceptors vary widely in expense and sophistication – but in a nutshell, they are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. ... Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured devices like the VME Dominator, available only to government agencies, can not only capture calls and texts, but even actively control the phone, sending out spoof texts, for example."

They used to be called UHF TV tuners

[50000BTU_barbecue]

We could listen to AMPS cell phone calls by tuning to the high UHF channels and tuning between channels... Ahhh anyone remember the joy of pressing the outer tuning ring and going back and forth???

Re:They used to be called UHF TV tuners

[50000BTU_barbecue]

I discovered it wasn't as much fun as listening to the CB in small towns.

Re:They used to be called UHF TV tuners

[fahrbot-bot]

Ahhh anyone remember the joy of pressing the outer tuning ring and going back and forth???

Worst pick-up line ever.

Re:They used to be called UHF TV tuners

[Frobnicator]

Picking up phone calls over TV tuners is one thing. Buying and installing a product with a name like "VME Dominator".

One of those can happen by innocent mistake. The other sounds ... well, not so innocent.

Re:They used to be called UHF TV tuners

[the+eric+conspiracy]

I still have my JRC NRD-525. Man that thing would pick up anything. Cell phones, baby intercoms, cordless phones, military radio, etc etc.

Too bad so much is encrypted now.

Re:They used to be called UHF TV tuners

[50000BTU_barbecue]

That's what SDR is for!

Re:They used to be called UHF TV tuners

I was told it was illegal. Whether that was just FCC strong-arming or not, I don't know. I was a teenager when I did that and I figured correctly that there was no harm or consequence to be had. Most of the TV sets, even in the 1980s could not do it. We had an old black and white that went up to channel 83 or something like that. Yep, by using the fine-tuning ring you could get one side of some conversations. This was in the Washington DC metro area too, so I had teenage fantasies of hearing about some Russian spy drop or something. Yeah, like they'd be stupid enough to talk about it in obvious terms; but whatever. I was bored. Between that and the fleeting flash of boobies on the poorly scrambled Super TV system, well... this was before we had Internet in the home, and before "geeks" got all the babes. We were nerds and nobody liked us. We had to hack through snow on the TV after we walked through it.

Re:They used to be called UHF TV tuners

[50000BTU_barbecue]

Maybe before we had internet access in the home but surely you were on BBSs??

Re:They used to be called UHF TV tuners

[viperidaenz]

So it would be ok if they renamed it "VME Fluffy Bunny"?

Re: They used to be called UHF TV tuners

[bistromath007]

So there's radio equipment that allows you to listen in to random people's conversations about nothing, and it's called the Jerk Nerd...

Re:They used to be called UHF TV tuners

[SumDog]

My buddy in high school had a police scanner and as we were driving around we could ocasionally pick up cellphone calls, but only one half of them. It really sucked when we got the boring half.

"Yep...uh huh...yea...What time?...I'm free tomorrow...yea....uhuh....what?...gotcha..."

Re:They used to be called UHF TV tuners

[LifesABeach]

If these towers are not registered with the FCC, then what would happen if one possibly fell over?

Re:They used to be called UHF TV tuners

[davester666]

she can press my outer tuning ring and go back and forth on it any time she wants!

Re:They used to be called UHF TV tuners

[GNious]

If they are owned by the Military? lots of "interesting" things could happen.

Re:They used to be called UHF TV tuners

[k6mfw]

If these towers are not registered with the FCC, then what would happen if one possibly fell over?

Nothing. Like a tree falling in a forest with nobody around to hear it. Besides being factious that FCC no longer does enforcement but probably get attention from OSHA or local planning dept that issues permits.

Re:They used to be called UHF TV tuners

[SomeoneFromBelgium]

I still have my JRC NRD-525. Man that thing would pick up anything. Cell phones, baby intercoms, [...].

Too bad so much is encrypted now.

So YOU were the one spying on my kids!
[To the privacy police] Get him! It's a stalker!!

Re:They used to be called UHF TV tuners

[Orp]

I never did that but a long time ago (80s) I did listen to some fascinating conversations broadcast in the clear around 1.7 MHz - just past the AM band - off of a cordless phone somewhere near my neighborhood. I had an old Hallicrafters shortwave radio that weighed nearly as much as I did (even more with the big external speaker). I don't remember the details of the conversations, only that it was mostly stupid stuff as would be expected.

Re:They used to be called UHF TV tuners

[havana9]

Maybe they were actually trying to buy an Honda motorbike.

Re:They used to be called UHF TV tuners

[havana9]

I was told it was illegal. Whether that was just FCC strong-arming or not, I don't know. I was a teenager when I did that and I figured correctly that there was no harm or consequence to be had. Most of the TV sets, even in the 1980s could not do it.

I think because most TV sets to save components and making alignment easier used a so called intercarrier circuit, where if no video signal carries was present, no audio signal could be demodulated. Newer tv sets had also a mute cicuit that engaged when poor TV signal was present.

Re: They used to be called UHF TV tuners

[CaptainDork]

Oh, that ... it morphed into Facebook.

Re:They used to be called UHF TV tuners

[TWX]

Ahhh anyone remember the joy of pressing the outer tuning ring and going back and forth???

Worst pick-up line ever.

Any pickup line that works is an effective pickup line.

Though in hindsight, using, "Gimme a waitress, hold the dressing," successfully at the IHOP should have set off some warning bells...

Re:They used to be called UHF TV tuners

[emaname]

Ahhh anyone remember the joy of pressing the outer tuning ring and going back and forth???

Yup. I do. I'm sorry to say.

Re:They used to be called UHF TV tuners

[blue9steel]

VME Freedom Protector would have better marketing spin.

Re:They used to be called UHF TV tuners

[k6mfw]

I was told it was illegal. Whether that was just FCC strong-arming or not, I don't know.

back in 1990s (I heard various versions, too lazy to spend time trying figure out the real story, but here goes) when easily modified scanners can pick up cellphone calls, someone picked up a conversation of Newt Gingrich and someone else. He recorded the conversation and sent tape to a reporter. Shortly after a congressman introduced legislation that would make receiving any freq except broadcast illegal. Obviously that law was not implemented (I think result is scanners had to be designed so they could not easily be modified). Usenet forums were screaming at the time about this, one was "it's that liberal from Los Angeles who wrote this stupid law" which someone pointed out that LA suffix behind name is for Louisiana and congressman is a republican.

Re:They used to be called UHF TV tuners

[bughunter]

a product with a name like "VME Dominator"

Sounds like something you'd find at the Adult Factory Outlet in West Hollywood...

Re:They used to be called UHF TV tuners

[ulatekh]

Though in hindsight, using, "Gimme a waitress, hold the dressing," successfully at the IHOP should have set off some warning bells...

Or my personal favorite..."Can I have a side of you with nothing on it?"

Re:They used to be called UHF TV tuners

[ulatekh]

As a woman

Suuuure you are. <rolls eyes>

I usually reply with "right, and what ever happened to 'if I tell you you have a beautiful body would you hold it against me' ".

It's been done to death, that's what happened to it.

Where did the linked to article go?

Um, where did the article go?

Google shows that the article did exist, but no longer

https://www.google.com/search?q=%22Interceptors+vary+widely+in+expense+and+sophistication+%E2%80%93+but+in+a+nutshell%2C+they+are+radio-equipped+computers%22&oq=%22Interceptors+vary+widely+in+expense+and+sophistication+%E2%80%93+but+in+a+nutshell%2C+they+are+radio-equipped+computers%22

Re:Where did the linked to article go?

[avgjoe62]

The link above works fine for me. It links to a PopSci article. Here is the url I get to.

Re:Where did the linked to article go?

[PPH]

You're not trying to open this link on a phone near a military base, are you?

Re:Where did the linked to article go?

Actually, the problem is an unconditional redirect for Australian readers of popsci.com popsci.com.au and the article does not exist on popsci.com.au.

Re:Where did the linked to article go?

[LynnwoodRooster]

That's how we know it's a conspiracy man, the article now never existed...

Re:Where did the linked to article go?

[Ol+Olsoc]

That's how we know it's a conspiracy man, the article now never existed...

These will be the Chemtrails of this decade.

sensationalism, ahoy

You know, cellular networks use radio, folks. When you're transmitting electromagnetic radiation using the fabric of spacetime as your communications medium, it becomes rather quite difficult to prevent interception. Learn to use encryption and quit your whining.

Re:sensationalism, ahoy

[ShanghaiBill]

Learn to use encryption and quit your whining.

What if you have to talk to a normal person, and they don't have a clue about encryption? Encryption requires technical knowledge at both ends of the phone call. Even if you use encryption, "they" can still see who you are calling and how long you talk.

Re:sensationalism, ahoy

[Concerned+Onlooker]

"using the fabric of spacetime as your communications medium, it becomes rather quite difficult to prevent interception"

I've heard that if you use plaid for your space-time fabric that interception is much more difficult.

Re:sensationalism, ahoy

[Imrik]

As long as they don't feel the need to respond that is. Unless that sort of approach becomes common it's almost trivial to figure out who's talking to whom.

Re:sensationalism, ahoy

[Geoffrey.landis]

Learn to use encryption and quit your whining.

If you read the article, the interceptors hack into the baseband processor (that's not the phone OS-- it's the system that controls the radio system in the phone), and switch the connection "from 4G down to 2G, a much older protocol that is easier to de-crypt in real-time. But the standard smart phones didn’t even show they’d experienced the same attack."

So you may think you're using encryption, and stop whining. But although your phone says you are encrypted, you have been switched to a breakable encryption, which is to say, no encryption at all.

Re:sensationalism, ahoy

[Richy_T]

Ideally you would be using encryption on top of this to which only you and the party at the other end had the keys. This would mean not using the phone features of the phone.

I'm not sure it's possible but ideally you could also block any non-encrypted and targetted connections from the phone also to prevent leakage of private data. This would pretty much disable it as a general internet access device though.

Re:sensationalism, ahoy

[justaguy516]

Its unlikely that it is able to "hack into" the base band processor. What it probably does is to pose as a genuine tower and offer to carry the cell phone signals. This then causes the baseband processor to start negotiating with it and bingo, all kinds of stuff is revealed about the phone! That kind of thing would be nearly impossible to keep hidden from the operator; operators routinely do drive by tests using handheld testers and they would know for sure. Given that the operator hasn't done anything about it is fishy.

Re:sensationalism, ahoy

[kilfarsnar]

You know, cellular networks use radio, folks. When you're transmitting electromagnetic radiation using the fabric of spacetime as your communications medium, it becomes rather quite difficult to prevent interception. Learn to use encryption and quit your whining.

If you had bothered to RTFA, you'd know that these systems turn off encryption, unbeknownst to the user.

Re:sensationalism, ahoy

[amicusNYCL]

Learn to use encryption and quit your whining.

That was the more interesting part of the article for me, I wasn't exactly shocked that there are government cell towers out there. With the phone mentioned in the article where they talk about endpoint-to-endpoint encryption, is that for any connection? It sounds like that type of communication would only work when the person on the other end supports and also uses the same encryption, that's true right? If I call my parents' land line, or some random iPhone, that call wouldn't be encrypted unless they had a phone that supports the key exchange and encryption, correct? If so, does that mean that encryption is only useful if basically everyone you're communicating with supports it?

Re:sensationalism, ahoy

[almitydave]

"using the fabric of spacetime as your communications medium, it becomes rather quite difficult to prevent interception"

I've heard that if you use plaid for your space-time fabric that interception is much more difficult.

It's ludicrously more difficult.

Re:sensationalism, ahoy

[plover]

Because the baseband systems are generally invisible to the phone OS, and because the phone OS is usually the place people are interested in hacking, they have not received much attention. Still, there are quite a few researchers who have begun hacking the baseband stack, and in general they've found them to be very poorly coded, and riddled with security vulnerabilities. They have discovered serious flaws that allow malformed packets from the wireless network to hack the phones. While it may be "unlikely", it could certainly be possible.

Also, take a look at CANDYGRAM.

Re:sensationalism, ahoy

[plover]

Normal cell conversation encryption isn't end-to-end. GSM encryption only protects the conversation from your phone to the tower you're talking to. You're right in that both parties each need one of the high security phones to support true end to end encryption. I've heard it said that at Facetime and iMessage used to be secure, but the tinfoil hat crowd has claimed Apple has since had to provide "lawful intercept capability".

Around or on top of millitary bases?

[m00sh]

The article says ...

What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.

The summary says ...

Many of them are built around U.S. military bases.

Way to slant the summary to make it look like Chinese towers rather than our towers.

Re:Around or on top of millitary bases?

[msauve]

I'd give the US military more credit than that. They wouldn't place their own interceptors directly on their bases, but nearby. Else, how would you have plausible deniability?

Re:Around or on top of millitary bases?

[SpzToid]

This is a good article, as before I had no idea such sophisticated rogue towers were such a threat all over the US.

So when Goldsmith and his team drove by the government facility in July, he also took a standard Samsung Galaxy S4 and an iPhone to serve as a control group for his own device.

”As we drove by, the iPhone showed no difference whatsoever. The Samsung Galaxy S4, the call went from 4G to 3G and back to 4G. The CryptoPhone lit up like a Christmas tree.”

Though the standard Apple and Android phones showed nothing wrong, the baseband firewall on the Cryptophone set off alerts showing that the phone’s encryption had been turned off, and that the cell tower had no name – a telltale sign of a rogue base station. Standard towers, run by say, Verizon or T-Mobile, will have a name, whereas interceptors often do not.

Re: Around or on top of millitary bases?

[dimethylxanthine]

Why Chinese, right away? They could be Russian for all you know. They're still no different from the commission we know and plenty of ruthless crooks there too. *cough* Putin *cough*

Re:Around or on top of millitary bases?

[wvmarle]

If they indeed are Chinese (or otherwise foreign) spy towers, and so easily detected (the authors of the article didn't seem to have a hard time finding such towers), there's something terribly, terribly wrong with your homeland security.

Re:Around or on top of millitary bases?

[Charliemopps]

The article says ...

What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.

The summary says ...

Many of them are built around U.S. military bases.

Way to slant the summary to make it look like Chinese towers rather than our towers.

I do not think those statements mean different things. They could, but from what I know of cell towers all they could really know is that the tower is near the base, not if it was right on it or not. It's not like they were triangulating the signal or anything.

Re:Around or on top of millitary bases?

[ShanghaiBill]

I'd give the US military more credit than that. They wouldn't place their own interceptors directly on their bases, but nearby. Else, how would you have plausible deniability?

It is likely that the military doesn't need deniability. Many FCC rules don't apply to the military. It is quite likely that they they can legal operate their own cell towers. Similar exceptions are made for prisons, which can operate their own cell towers to keep inmates from making calls from smuggled cell phones.

Re:Around or on top of millitary bases?

[ShanghaiBill]

This is a good article, as before I had no idea such sophisticated rogue towers were such a threat all over the US.

It is common. Where I live, in San Jose, California, our police department was caught illegally monitoring phone calls by operating a Stingray, which mimics a cell phone tower. Of course no one was punished or disciplined, and certainly no one lost their badge, because, hey, they are cops, and boys will be boys.

Re:Around or on top of millitary bases?

[Culture20]

"right on top of" is an American English colloquialism meaning "really close by", usually in terms of a pursuit, but sometimes with stationary objects.

Re:Around or on top of millitary bases?

[Imrik]

Not necessarily, they could have been allowed to make it easy to feed them false information.

Re:Around or on top of millitary bases?

[k6mfw]

It is likely that the military doesn't need deniability. Many FCC rules don't apply to the military.

military, like other federal agencies are "licensed" and freq coordinated by the NTIA and there databases are not publicly available like FCC general menu reports. http://fjallfoss.fcc.gov/Gener...

Re:Around or on top of millitary bases?

[AmiMoJo]

They are US towers designed to track people who visit military sites. If some potential terrorist visits a few different military sites to do reconnaissance with their phone they can be flagged up in a database somewhere. As a bonus whoever owns those towers gets to monitor all the calls, texts and data going through them. They probably like to keep an eye on military personnel too, in case any of them are traitors.

Re:Around or on top of millitary bases?

According to this ArsTechnica article, police departments are looking to upgrade their 2G stingers before they become obsolete.

http://arstechnica.com/tech-policy/2014/09/cities-scramble-to-upgrade-stingray-tracking-as-end-of-2g-network-looms/

Re:Around or on top of millitary bases?

[sociocapitalist]

"right on top of" is an American English colloquialism meaning "really close by", usually in terms of a pursuit, but sometimes with stationary objects.

Yep but it could also mean, you know, like "actually on top of".

Re:Around or on top of millitary bases?

[msauve]

"Similar exceptions are made for prisons, "

Try harder. Governmental bodies also need licenses, and that article doesn't in any way claim otherwise. In fact, it refers to jammers being illegal. What's happening is that the prison contractor is working with the local cell companies, who have the licenses.

Re:Around or on top of millitary bases?

[Ol+Olsoc]

If they indeed are Chinese (or otherwise foreign) spy towers, and so easily detected (the authors of the article didn't seem to have a hard time finding such towers), there's something terribly, terribly wrong with your homeland security.

It's just the "Ancient Aliens" neurosis. It's like Chemtrails, or even.........teh evile raynboze! https://www.youtube.com/watch?...

Too many stupid people have access to technology. Too many people think that because a tower has a conical cross section that it is a cell phone tower.

But hey, just because they looked up in the sky and saw a condensation trail, or a rainbow, or a tower, doesn't mean that contrails or rainbows or towers around military bases haven't existed for a long long long time.

It only means the veil of self absorption momentarily lifted from some dimbulb's brain, they saw something they never paid attention to in the past, and in true dimbulb fashion, came up with a dumb explanation for it.

Re:Around or on top of millitary bases?

[jeffmeden]

The article says ...

What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.

The summary says ...

Many of them are built around U.S. military bases.

Way to slant the summary to make it look like Chinese towers rather than our towers.

Considering that data exfiltration via 4G networks can be fast and run from nearly anywhere, it's not surprising at all that military installations (probably ones with secrets to keep) use these towers as a way to know exactly what's going in/out of their territory. It sure beats something as on-the-nose as simply using RF interference to block all calls/texts/data. They can catch would-be espionage spies in the act and probably even ID who sent them.

Re:Around or on top of millitary bases?

[jeffmeden]

(the authors of the article, who make about $3500 a pop selling reflashed phones to paranoid rich guys who do business in Asia, didn't seem to have a hard time finding such towers and making the hasty connection to China),

FTFY. And yes, these are US DoD towers used to prevent leaks of classified info and do other counterespionage monitoring.

Re:Around or on top of millitary bases?

[Culture20]

And you thought Culture 19 was brutal!

Re:Around or on top of millitary bases?

[Rich0]

Well, they are FCC regulated within the US, but you're basically talking about the government regulating itself. Mostly the FCC's concern is going to be interference - not even the Air Force wants to spend a billion dollars on some fancy radar system only to find out that the Navy spent a billion dollars building a fancy communications system that uses the same frequencies/etc. Obviously spread spectrum mitigates many of these issues, but not entirely so.

I can't imagine the FCC is going to tell DHS that they can't use some anti-terror toy.

Re:Around or on top of millitary bases?

[Rich0]

Of course no one was punished or disciplined, and certainly no one lost their badge, because, hey, they are cops, and boys will be boys.

Why, that is an outrageous accusation. I'm sure somebody was given an extra paid vacation, err, put on temporary suspension, when this hit the press.

Re:Around or on top of millitary bases?

[Rich0]

If they indeed are Chinese (or otherwise foreign) spy towers, and so easily detected (the authors of the article didn't seem to have a hard time finding such towers), there's something terribly, terribly wrong with your homeland security.

The problem is that when any little police department is allowed to deploy this sort of thing and it ends up being ubiquitous, how do you even detect when somebody is using one to spy on you.

I mean, if the Chinese (or whoever your favorite boogeyman is) drove a tank up I-95 towards Washington DC, you can bet that somebody would notice and put a stop to it before it could do anything serious. On the other hand, if every police department routinely patrolled the highways with tanks just in case they ran into an armored car running drugs, then the Chinese could probably slip a whole battalion of them into DC without anybody noticing.

Re:Around or on top of millitary bases?

[wvmarle]

True, if totally disregarding the part where the Chinese would have to ship those tanks unnoticed halfway across the world.

The part where they look at American tanks to copy the design and to make their own look exactly alike is the easy part, of course.

Re:Around or on top of millitary bases?

[Andrewkov]

The Mexican drug cartels have been building their own cellular network, maybe it's spread into the US? http://www.wired.com/2012/11/zeta-radio/

Sponsored post

[ourlovecanlastforeve]

It's a thinly veiled ad for a supposedly "secure" cell phone.

Re:Sponsored post

[AmiMoJo]

It seems like someone could create an app that detects these towers for any Android phone. There are public databases of known towers, or ones could easily be created. Then the phone simply downloads the database and periodically checks if the tower it is connected to is in there. If it isn't you know it is either very new or a fake one.

Re:Sponsored post

[drolli]

Yes i would have hoped that the most plausible theories (IMHO) for the cell towers would have been examined closer, but then it turned into a diffuse "china is so bad" speech.

IMHO there are several reasons why such towers could be close to military bases:

a) Some enemy to the US tries to spy on the solidiers phones (trying to uncover their identities etc) - unlikely

b) These cell towers serve to protect the identity of all (or some) phones (by filtering the network protocols, hiding location information) on the base, and are operated by the military.

c) Some US intelligence organization tries to spy on the soldiers to figure out who is spying, or whistleblowing, or something else of interest to them.

d) The primary fundtion is not to intercept phones of other providers, but to have a private 3G network

Clearly these towers were designed to find and

[jpellino]

intercept non-approved communications about kjhfgdt kans hwwpfu alowk nh ar akhde.

Re:Clearly these towers were designed to find and

[operagost]

That's exactly why I still use an analog modem with strong encryption for all my communications. Old-school, and rock soNO CARRIER

Article full text

[gargleblast]

Source.

Mysterious Phony Cell Towers Could Be Intercepting Your Calls

Wed, 08/27/2014 - 11:00

Unencrypted Connection Les Goldsmith Like many of the ultra-secure phones that have come to market in the wake of Edward Snowden's leaks, the CryptoPhone 500, which is marketed in the U.S. by ESD America and built on top of an unassuming Samsung Galaxy SIII body, features high-powered encryption. Les Goldsmith, the CEO of ESD America, says the phone also runs a customized or "hardened" version of Android that removes 468 vulnerabilities that his engineering team team found in the stock installation of the OS.

His mobile security team also found that the version of the Android OS that comes standard on the Samsung Galaxy SIII leaks data to parts unknown 80-90 times every hour. That doesn't necessarily mean that the phone has been hacked, Goldmsith says, but the user can't know whether the data is beaming out from a particular app, the OS, or an illicit piece of spyware. His clients want real security and control over their device, and have the money to pay for it.

To show what the CryptoPhone can do that less expensive competitors cannot, he points me to a map that he and his customers have created, indicating 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July alone. Interceptors look to a typical phone like an ordinary tower. Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device.

“Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says. “One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip. We even found one at South Point Casino in Las Vegas.”

Who is running these interceptors and what are they doing with the calls? Goldsmith says we can’t be sure, but he has his suspicions.

“What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases. So we begin to wonder – are some of them U.S. government interceptors? Or are some of them Chinese interceptors?” says Goldsmith. “Whose interceptor is it? Who are they, that's listening to calls around military bases? Is it just the U.S. military, or are they foreign governments doing it? The point is: we don't really know whose they are.”

Ciphering Disabled Les Goldsmith

Interceptors vary widely in expense and sophistication – but in a nutshell, they are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. Whether your phone uses Android or iOS, it also has a second operating system that runs on a part of the phone called a baseband processor. The baseband processor functions as a communications middleman between the phone’s main O.S. and the cell towers. And because chip manufacturers jealously guard details about the baseband O.S., it has been too challenging a target for garden-variety hackers.

“The baseband processor is one of the more difficult things to get into or even communicate with,” says Mathew Rowley, a senior security consultant at Matasano Security. “[That’s] because my computer doesn't speak 4G or GSM, and also all those protocols are encrypted. You have to buy special hardware to get in the air and pull down the waves and try to figure out what they mean. It's just pretty unrealistic for the general community.”

But for governments or other entities able to afford a price tag of “less than $100,000,” says Goldsmith, high-quality interceptors are quite realistic. Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured

Re:Article full text

[Richy_T]

Interesting. The immediate question in my mind is can our regular phones be made to detect these interceptor towers and how is he doing so? How does he know that these are not micro-cells that have been added to increase capacity (not that it might be possible to tell the difference).

Re:Article full text

[Rich0]

The problem is that the typical smartphone is designed to protect the baseband OS from the front-end OS, and not the other way around. If that baseband OS has full access to memory/IO and it is subverted, then you're talking about a rootkit detection problem from inside the rootkitted OS, and that is always tricky to do. The major vendors don't even try.

The solution security vendors like Blackphone and such pursue is to contain the baseband OS. For FCC reasons they probably still have to protect it from the front-end OS, but there is no reason that the firewall can't go both ways. Instead of giving the baseband CPU full access to memory/IO, they just partition up the phone so that it is like two computers in one box with a tightly-controlled interface between them.

This does not bother me

[eclectro]

The fact that these towers are found next to military bases speaks volumes.

The military needs to there own version of everything to make sure things work in times of national crisis, emergency, or security. They need to have their own infrastructure to insure communications. They need to control their communications around bases and know who is saying or doing what. They need to be able to anticipate attacks. Nobody should have any expectation of privacy on or next to a military base.

Quite frankly, I'm glad to see this.

Re:This does not bother me

and also test that their own systems can't be compromised by relatively off-the-shelf interception rogue cell phone towers

Re:This does not bother me

[flayzernax]

Uh, yeah, but the military can damn well make sure their hardware only interfaces with other military hardware, not your cell phone, and not prioritize your civilian traffic over their 'emergency, auxilary, or military channels'.

This is just more and more slippery goose shit for the sauce.

Re:This does not bother me

[flayzernax]

I'de like to also point out that these towers seem to be unsecure as more than the military agencies have accessed them. So you can't even be sure the military is to blame for them. It could very well be an illegal underground operation footed by the very very rich and powerful telecoms who know this technology oooh so well for many many nefarious reasons.

Re:This does not bother me

Nobody should have any expectation of privacy on or next to a military base.

The civilians living next to the military base expect the military to defend their freedom to expect privacy. Otherwise the military is not doing the job that the civilians are paying for. That is how civilized society functions, the military answers to civilian authority.

You are welcome to relocate to a military dictatorship if you want. There are plenty to choose from. Do not bother coming back.

Re:This does not bother me

[AHuxley]

Good for tracking protesters in any city :)

Re:This does not bother me

Suck authoritarian cock much?

Re:This does not bother me

[Charliemopps]

The fact that these towers are found next to military bases speaks volumes.

The military needs to there own version of everything to make sure things work in times of national crisis, emergency, or security. They need to have their own infrastructure to insure communications. They need to control their communications around bases and know who is saying or doing what. They need to be able to anticipate attacks. Nobody should have any expectation of privacy on or next to a military base.

Quite frankly, I'm glad to see this.

Last time I checked, my constitutional rights didn't get suspended inside a casino in Las Vegas... did you miss that part? Many were on bases, but not all or even most. If the military wants to control their own communications they are welcome to start their own cellular network, they could even use these towers and then have their staff roam to other networks when they weren't near a base.

The only reason they are doing this is to intercept the calls of us citizens which is both illegal and unconstitutional. Your imaginary safety is not worth my constitutional rights. This sort of surveillance is exactly what the constitution was created to protect us from. It's not some weird esoteric thing the founders could never have anticipated like Machine guns or Abortions. This is the government listening in to the private correspondence of citizens for the sole purpose of security. That's expressly and unarguably forbidden legally, constitutionally and every other way you can think of.

Re:This does not bother me

[DutchUncle]

Maybe there are different things going on, like maybe the military bases have their own separately-powered communications that are sort of legitimate, and the interception near the casino is more on the shady side (with a supposedly good reason like "make sure nobody is using cellphones or video to cheat the casino").

I think you're overreacting to the threat from the government. I'm not worried about military surveillance around military bases, because I don't have to go driving near military bases (and besides, it's a clearly signed MILITARY BASE, of course they've got security); I'm more worried about PRIVATE surveillance from anybody who can afford one of these systems.

Re:This does not bother me

> Nobody should have any expectation of privacy on or next to a military base.

Sadly, your Executive & judicial branches define "next to" to be "within 100 miles" where rights exclusion zones are concerned.

http://rt.com/usa/court-upholds-laptop-border-searches-041/

Re:This does not bother me

[American+Patent+Guy]

There is no U.S. constitutional right to privacy. This is particularly true where your communications are broadcast in the clear for the world to receive. (You do know that's what your cell phone does, right?)

In the U.S. your right to privacy, to the extent you have one, is granted by statute. Your constitutional right to be secure in your person keeps the government from reaching into your pocket, not from listening to your public ramblings.

If a policeman wants to stand on the corner listening to public conversations, he gets to. If you don't want the government listening to your conversations, the solution is for you to make them secure by means of having them in private rooms and/or with encryption (from both a legal and a technical standpoint). The government doesn't have to implement your fantasies...

Re:This does not bother me

[Feces's+Edge]

There is no U.S. constitutional right to privacy.

The government can only do what the constitution says it can. The constitution is not a list of rights that citizens have, but a list of powers that the government has. Therefore, there is a constitutional right to privacy unless explicitly stated otherwise.

This is particularly true where your communications are broadcast in the clear for the world to receive.

Oh, fuck off. I damn well expect the government to not listen to my communications. And say, "Well, it would be pretty easy to listen to your conversation!" doesn't mean that it's moral to do so. My conversation is between me and the person I'm talking to. It's not public just because it's transmitted in the clear, and people like you with a such a privacy-hostile mentality are the cause of things such as the TSA, the NSA's mass surveillance, and warrantless wiretapping in general.

If a policeman wants to stand on the corner listening to public conversations, he gets to.

Not if We The People say that that is not okay and punish the government if it does such things. We can place any limitation upon the government that we want.

Re:This does not bother me

There is no U.S. constitutional right to privacy.

Yes there is. It is contained in implications of and the relationships between the 4th, 9th and 14th amendments. See Griswold v. Connecticut for more details.

Re:This does not bother me

[American+Patent+Guy]

The government can only do what the constitution says it can. The constitution is not a list of rights that citizens have, but a list of powers that the government has. Therefore, there is a constitutional right to privacy unless explicitly stated otherwise.

And by the same logic the government can't stop you from driving your car on the public roads or from selling narcotics on the corner.

This is particularly true where your communications are broadcast in the clear for the world to receive.

Oh, fuck off. I damn well expect the government to not listen to my communications. And say, "Well, it would be pretty easy to listen to your conversation!" doesn't mean that it's moral to do so. My conversation is between me and the person I'm talking to. It's not public just because it's transmitted in the clear, and people like you with a such a privacy-hostile mentality are the cause of things such as the TSA, the NSA's mass surveillance, and warrantless wiretapping in general.

I will choose to "fuck off" behind closed doors. You apparently want to fuck off in the street and expect everyone else to turn away or go to jail. If you want to post your conversations in public places, then you can't reasonably expect them to be private, even under the color of your warped sense of morality. (Let me help you to notice the obvious: there is no wire to wiretap where a cell phone is used.) I'm not hostile to privacy at all: I am hostile to idiots like you who won't take it upon yourself to understand the law and protect yourself under it.

If a policeman wants to stand on the corner listening to public conversations, he gets to.

Not if We The People say that that is not okay and punish the government if it does such things. We can place any limitation upon the government that we want.

Well, "we the people" have not said that in the Constitution or anywhere else that I know of. You're living in a fantasy. If you care about your privacy, then take the responsibility upon yourself to protect it and stop pointing the finger and an institution that is apparently acting legally.

Re:This does not bother me

[wvmarle]

If so, why would those towers be only at their bases? If using regular mobile phone frequencies (or frequencies close to those), they won't be able to create a complete network out of them, simply because the reach of those towers is limited to some 50 km, or the nearest mountain or tall building. Get off the base, and lose your communication - doesn't sound like a very useful system in case of emergency or war.

Re:This does not bother me

[Feces's+Edge]

And by the same logic the government can't stop you from driving your car on the public roads or from selling narcotics on the corner.

Unless you can find some part of the constitution that says they can, they can't. If you don't like it, amend the constitution. Or just use the commerce clause in ways it was never intended to be used again, if you happen to be an asshole.

You apparently want to fuck off in the street and expect everyone else to turn away or go to jail.

Nope. I expect that people not spy on our communications. Being right next to someone and speaking or spotting someone in a public place is 100% different from the government using surveillance technology to spy on your communications, whether encrypted or not. Only authoritarian scumbags would suggest otherwise. I seriously have no idea why anyone would think it's a good idea to let the government spy on your communications. I mean, I realize some people are mentally retarded, but not to that extent... right?

I am hostile to idiots like you who won't take it upon yourself to understand the law and protect yourself under it.

I understand the law, and I understand that the government often breaks it, while the courts just let them do as they please.

Well, "we the people" have not said that in the Constitution or anywhere else that I know of.

Ignorant fool. Did you not see the word "if"? Even assuming (and I don't believe this) what they're doing is legal now, that could be changed if we wanted it to change.

If you care about your privacy, then take the responsibility upon yourself to protect it and stop pointing the finger and an institution that is apparently acting legally.

"apparently acting legally"? Only in the eyes of authoritarian scumbags. But of course, the government has the capability to easily break into my house and install surveillance equipment everywhere. Therefore, it's okay, and it's all my fault for not making my house impenetrable. But, wait! The courts have arbitrarily decided that this case is different, so it's absolutely different!

Re:This does not bother me

[American+Patent+Guy]

There is no U.S. constitutional right to privacy.

Yes there is. It is contained in implications of and the relationships between the 4th, 9th and 14th amendments. See Griswold v. Connecticut for more details.

No, there isn't. The case law you refer to defines aspects of privacy in the "penumbra" of other rights. Now, I can define any term I want to any way I want to and, if it appears in a Supreme Court case, it instantly becomes "the law" to those who want it to be. The "right to privacy" that Griswold discusses is the right individuals have to control aspects of their lives (such as the use of contraception). Griswold does not grant any right to keep the government from peering in your open windows, following you around town or reading your postcards you put in the mail.

Perhaps the most supportive case you have is Mapp v. Ohio: http://www.law.cornell.edu/sup... ... and that says that the government can't invade your SECURED residence to collect evidence. If you leave the information or the evidence in the open (as you're doing when you broadcast your cell phone conversations), you aren't protected by that decision. If you walk out to the street and shout a message to the world, there is no "right to privacy" granted by the Constitution you can use to keep anyone from hearing and recording it.

May I suggest to you that the flaw in your lack of "privacy" lies in the technology, and not in the law as it presently stands? Do you want privacy? Then demand it from your communications carrier, or see that you implement any necessary encryption yourself.

Re:This does not bother me

[sociocapitalist]

The fact that these towers are found next to military bases speaks volumes.

The military needs to there own version of everything to make sure things work in times of national crisis, emergency, or security. They need to have their own infrastructure to insure communications. They need to control their communications around bases and know who is saying or doing what. They need to be able to anticipate attacks. Nobody should have any expectation of privacy on or next to a military base.

Quite frankly, I'm glad to see this.

RTFA and it says the towers were found ON not NEAR the bases.

I also have enough confidence in the military that they have entire books of regulations covering things like radio towers being anywhere near a base.

Re:This does not bother me

The military is not going to go through the expense of creating a completely seperate cell phone network for unclassified communications. More than likely, most of these are just military towers to ensure that people on the base have consistent access with their government-issued cells phones. Some of them may be used for local security, but it's difficult to imagine they're doing much productive spying with them in rural Nevada.

Re:This does not bother me

[bytesex]

They experiment with setting up their own cellular networks.

Re:This does not bother me

[usuallylost]

Whether you have to drive around a military base depends upon where you are. Here there are several large military installations in and around a densely populated metro area. One of the main roads goes by not one but two of them. There simply isn’t a realistic way to avoid them here. I’d have to drive 50 miles or more out of my way every day to avoid them. Even then half the metro area would be off limits to me. So whatever they are doing I am pretty much going to have to accept it because I am probably driving into and out of their area 10 times a day. So I am really hoping it is just for base security.

Re:This does not bother me

[Charliemopps]

These are not "public" conversations and this is not the police.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

This is the military opening our mail, literally. That's unconstitutional and illegal. Period.

Re:This does not bother me

[flayzernax]

Makes sense.

Re:This does not bother me

[Rich0]

The military needs to there own version of everything to make sure things work in times of national crisis, emergency, or security.

The military has their own radios for just that reason. They aren't going to depend on cell phones in a national security crisis. They certainly aren't going to try to harden a consumer cell phone and use it as a substitute for whatever the tanks on the battlefield use to communicate.

This came up in Iraq (I think that was Iraq v2, but maybe it happened in v1). The guys in the field had big clunky milspec GPS receivers, and many found consumer GPS units to be more featured and easier to use. The problem the military confronted was that they didn't want to be reliant on those consumer GPS units since they:
1. Couldn't handle spoofing.
2. Wouldn't work in a crisis that required the government to turn selective availability back on.
3. Probably wouldn't handle stuff like EMPs/etc.

Sure, that milspec receiver did 1/10th as much for 10x the cost and 3x the weight, but it handled all the contingencies that consumers don't care about.

Communications is important to the military. They're not going to rely on a consumer cell phone - they already degrade with relatively minor disasters let alone stuff like World War III.

Re:This does not bother me

[American+Patent+Guy]

Let's see:

Is a cell phone transmission part of one's "person"? No.
Is a cell phone transmission part of one's house? No.
Is a cell phone transmission part of one's papers? No.
Is a cell phone transmission part of one's effects? No.
Is a cell phone transmission part of one's mail? No.

How then is monitoring openly broadcasted radio transmissions unconstitutional, exactly?

(The issue of whether or not the military can or is opening the mail is entirely separate: the mail is at least put in a secure enclosure ... otherwise it couldn't be "opened".)

Re:This does not bother me

[operagost]

In case people didn't really buy into that quaint Enlightenment notion of limited government in the future, they added the ninth and tenth amendments to clarify that the federal government has only the rights enumerated and that not enumerating a right for the people (or the states) doesn't mean they don't have it.

Re:This does not bother me

[giltwist]

Perhaps the most supportive case you have is Mapp v. Ohio: http://www.law.cornell.edu/sup... ... and that says that the government can't invade your SECURED residence to collect evidence. If you leave the information or the evidence in the open (as you're doing when you broadcast your cell phone conversations), you aren't protected by that decision.

I'm not sure how the encryption used by cell phones doesn't count as "secured." So, what, the Government's definition of "secured" means mathematically/physically impossible to bypass? A lock pick can bypass a deadbolt in under a minute, but that's not allowed without a warrant. How is breaking (or subpoenaing from companies) an encryption key any different than picking a lock? The problem here is that no part of the cloud is considered my residence, even though I view my dropbox space as the digital equivalent of a drawer in my bedroom. I'd input a password into my phone to make or receive every single call if I had to.

Re:This does not bother me

[Whorhay]

It's bullshit and illegal simply under the 4th and probably under the DMCA. The article specifically mentions that they are using technical means to break the basic encryption of cell calls. When someone uses a cell phone to send a communication and it is encrypted they clearly intend it as a private communication. Deliberately intercepting that communication, breaking the encryption, and then doing who knows what with it is clearly a violation of the 4th. And by breaching the seal of that communication by breaking the encryption they have likely violated the DMCA. The fact that the communication happens via radio signal is of no consequence, when I mail a private letter I put it in my mail box for the carrier to pick up, with the red flag in the raised position. Anyone within a hundred yards can see that I have posting a communication, if they remove that letter, open it, read it, reseal the envelope and put it back they have broken the law.

On top of all of that, we don't need a "right of privacy" as the constitution is a set of laws explicitly listing what the government may do. It is not an explicit listing of citizens rights. Where in the constitution does it spell out that the government, or any entity may establish an automated system to intercept, record, and possibly alter private communications of thousands, possibly millions, of citizens without warrant or notification?

Re:This does not bother me

[American+Patent+Guy]

Oh, I get it. Since the Constitution doesn't enumerate a right for the police to sit in front of my house and conduct surveillance, they're acting unconstitutionally. Good luck with that argument the next time you get a traffic citation...

If these towers are sitting on federal land (such as military bases), then they can't be infringing upon your personal rights. (The federal government can have property rights, too.) If these towers are sitting on state-managed land, then their use is governed either by a constitutionally-enumerated federal right or by state law. (I'm not sure that you noticed this, but your statement of the Bill of Rights refers to the rights of the "federal government". That is because there is a separate state law that exists independently of the federal constitution and Bill of Rights. If you don't see something enumerated in the Constitution, that doesn't mean the law is void on that subject; it means you have to consider other sources of law.)

Re:This does not bother me

[American+Patent+Guy]

If under your cell phone protocol I can put up my own private cell phone tower and fool your phone into using it, then it can't be very secure, now can it?

Cell phones use well-known protocols that are easy to decode if you have the entire communication. You might not be able to decode a single packet in isolation, but if you have them all you can decode the entire conversation. The "encryption key" you refer to (which is really a decryption key) is transferred as one of the first packets of data. It's like shouting to your traveling companion standing across a lobby the combination code on your hotel door lock.

There is a state law that prohibits entry into your hotel room without your permission, regardless of whether or not it is locked. You have a property right in that space when you rent it. The public airwaves are not something you can own: there is no property right there and correspondingly nothing that you can be "secured" in. I think that's the important difference.

Re:This does not bother me

[American+Patent+Guy]

I already showed in two other comments that the 4th Amendment doesn't cover your wireless conversations. You can say over and over again that the 4th Amendment prohibits that, but without any supporting law you have only empty argument.

The DMCA is statutory law, not constitutional law. What I said is still correct even in the face of your argument: there is no constitutional right to privacy that prohibits the feds (or anyone else) from intercepting your cell phone communications.

The "intent" of someone to have a private communication is irrelevant. If a person uses an insecure means of communication, anyone with a view can see it and will not be protected by the law. Your "private letter" in your mailbox isn't in an envelope, and isn't inside a mailbox: it is open for anyone to see (particularly the mail carrier -- who clearly has the right to read anything unsealed in his duties to deliver the mail.)

You require an explicit recitation of rights, and at the same time you don't. You can't have it both ways...

Re:This does not bother me

[American+Patent+Guy]

In which case they aren't intercepting any communications. If the police seize your phone out of your pocket, then they are invading your person. If that invasion is unreasonable, then it is against the 4th amendment. Here were talking about an invasion that is so insignificant that you don't even know it happened.

Re:This does not bother me

[American+Patent+Guy]

Hey, I'm not trying to tell you what the law ought to be, nor am I trying to say what is moral. I'm just trying to clarify what it actually is. The examples you give are arguably lawful conduct.

If you want control of your personal information (you want to keep it private), don't look to Uncle Sam to protect you.

Re:This does not bother me

[American+Patent+Guy]

I'm not a troll nor am I thick. I'm a licensed IP attorney.

If a person does not take reasonable precautions to keep their communications private, then a judge will consider it to be public. The burden lies on the person desiring the privacy, not on the millions of people who could potentially be exposed to his accidental or negligent disclosure.

When a person selects a communication medium for their information, they accept all the limitations that come with it. For cell phone traffic, that means having it exposed to ears having the right equipment. Do you and I (having cell phones) accept these limitations? Apparently yes, because we use the medium. If we truly want privacy, then we can meet in a secure room, or we can communicate by passing writings, or we can use an encrypted link having privately exchanged keys beforehand.

The fact that a higher technical skill or more work is needed doesn't really help your argument. Pick your technology ... I'll tell you of a time when equipment became publicly available to intercept it, or I'll argue that I can hire someone to do it for me. And again ... there is no such thing as "wireless wiretapping". I don't have to touch or physically connect with (trespass) your medium to intercept a wireless communication. You're broadcasting it for all to receive who have the capability.

Re:This does not bother me

[Whorhay]

Again bullshit.

Again, their is no need for a "right to privacy", we inherently posses all and any rights not explicitly forbidden in the law or granted to the various Governments to which we are subject. The Constitution is an explicit listing of powers or rights that the Federal Government and it's agents may posses. They are not granted any more authority than is explicitly listed in the Constitution and whatever other laws we've passed. You could argue that some of this might be covered under the questionable patriot law clause, but that is more and more tenous by the day.

Intent and method matters when you are talking about communications, otherwise there would be nothing illegal about wiretapping any phone conversation. You are essentially arguing that just because you had a conversation using a STU in a fortified bunker in an old mineshaft that there is nothing wrong as a private citizen tapping that line, cracking the encryption, and doing whatever they want with it. Or say a voyeur installing their own airport type scanner in a public walkway of some sort disguised as something else, I mean nobody is bothering to even encrypt the radiation they are emitting or reflecting. Just because they wouldn't expect anyone to be able to see or detect that, or even know it's possible, their can't possibly be anything wrong.

And speaking of radiation. I would wager that these towers are also in violation of any number of FCC Regulations on the use of radio frequencies. The frequencies that are used by cell phones are very lucrative and are leased on an exclusive basis. These towers are very likely using bandwidth that is already leased to some other entity. Remember they aren't just listening they have to be broadcasting or the cellphones would never actually establish a connection with them.

So far as the DMCA goes, it is a law, as far as I know it applies to everyone unless they are explicitly exempted. According to the DMCA it doesn't matter how weak the encryption you are using is. Deliberately dycrypting something which you have not been explicitly authorized for is a violaiton and hacking of some sort or another.

The mailbox is exactly like radio transmissions it is just visible from a longer range and using a naturally visible frequency. When I put something in the mailbox it is continuously available to anyone who has the gumption to open the box and open the envelope. When you put a letter in an envelope and seal it, it is then obvious to anyone that it is private and not intended for anyone to read but the receipient listed on the envelope, doubly so if it's one of those 'security' envelopes. But the actual physical protection on that letter is still actually incredibly weak, my two year old frequently opens my mail for me. The same should be logically true for encrypted radio transmissions. Just because it is trivial to break does not justify deliberately doing so. And by virtue of those transmissions being in specifically leased frequency ranges they have an expected receipient, which is whoever the wireless provider is that leased the band and signed the contract with the end user. If the mailman accidentally, or even deliberately delivers my mail to your mailbox you are not legally allowed to just open it and read my correspondence.

As a private citizen I do not need an explicit recitation of rights, the only things I need explicitly stated are things that I may not do. The Government and its many agencies and agents does require an explicit grant of rights in the law to perform their duties. That is pretty much the entire point of our Constitution.

Re:This does not bother me

[shutdown+-p+now]

And by the same logic the government can't stop you from driving your car on the public roads

The federal government cannot and does not. The state government does not have such limits (though it has others, delineated in the corresponding state constitution).

or from selling narcotics on the corner.

The federal government cannot do this constitutionally (last time when they needed something like that, with alcohol, they had to make it a constitutional amendment to get that power). Unfortunately, the standing judicial interpretation for the last 70 years basically directly contradicts the constitution here.

Re:This does not bother me

[American+Patent+Guy]

The feds do it directly in Washington D.C., in the nationally managed parks, on federally-funded highways and on military posts. They do it indirectly through taxation and regulation.

The idea that the government (federal or state) cannot control something not enumerated in the constitution is a fairy tale. It should be obvious: the meaning behind the combination of letters on any page is not intrinsically sufficient -- the meaning ultimately lies in the minds of those who hold those words to be valuable.

Not towers

[VerdantHue]

The article doesn't say they are towers. It says that, to phones, they look like towers. Presumably, to people, they don't look like towers.

Interceptors look to a typical phone like an ordinary tower. Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device.... Interceptors vary widely in expense and sophistication – but in a nutshell, they are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption.

Re:Not towers

[wisnoskij]

Except that the reason they place cell infrastructure on top of towers is not arbitrary. It is not like they can hide these "cell towers" 50 feet underground. Sure they could paint them blue, but they have to be high, and there are not really too many other ways of building something that is really high.

Military owned toweres

There are a number of positions in the military whose job is to put up or take down cell towers and any other telecommunications infrastructure at a moment's notice. They do it in warzones, on boats, on airplanes, at political rallies, during conventions and wargames. Is it so surprising that they keep permanent ones near or on their bases?

I would not be the slightest bit surprised to find half a dozen shady looking cell towers in a military base. Some soldiers shoot guns for a living, some fly drones, some pull cables, others do this.

Re:Military owned toweres

[Rosyna]

They are the new number stations!

Where did the linked to article go?

[AHuxley]

A few news sites and tech sites have:
"Android security mystery 'fake' cellphone towers found in U.S." (28 AUG 2014)
http://www.welivesecurity.com/...
Fake, phone-attacking cell-towers are all across America (Sep 1, 2014)
http://boingboing.net/2014/09/...
"The fake "interceptor" towers force your phone to back \\down to an easy-to-break 2G connection, then goes to work"
"..the baseband firewall on the Cryptophone set off alerts showing that the phones encryption had been turned off, and that the cell tower had no name a telltale sign of a rogue base station."
Fake cell phone towers may be spying on Americans calls, texts (September 03, 2014)
http://rt.com/usa/184636-fake-...

owner

[AHuxley]

The price has dropped to city, state and federal budget level for some of the tower like products.
The problem is more people now understand just how their low cost cell phone works as a gps becon, text, photo, calls list and voice, voice print collector.
The costs for voice systems like this in Ireland, South America where mil only historically. Now any regional, city, gov with funding can have a go at years of "warrantless surveillance".
The only issue is the upgrade to next gen costs and keeping details away from press with local FOIA like requests for city and state budgets.
Forcing 2g only signal use was the old news, now the next gen is ready for todays cell users in real time (beyond location tracking).
As 2g is removed in a few years, the new warrantless cell surveillance products are been made ready.

"Phony" cell towers?

[Black+Parrot]

Is this article some kind of joke I don't quite get?

Somewhat on topic.

[AbRASiON]

Can I just say,

From the mouths of ANYONE who isn't an American.
STOP FUCKING GEO-REDIRECTING LINKS FOR FOREIGNERS YOU ASSHOLES.

Jesus christ fuck me gently it's the worst god damned thing to do on any web page, I think it might actually be worse than "this content is not available in your region" - because at least it takes us (mostly) to what we wanted.

http://www.popsci.com/article/...
takes me to
http://www.popsci.com.au/?src=...

Thanks dipshits.

Re:Somewhat on topic.

[NoMaster]

Get around stupid geolocation redirects like that by using Google Translate as a proxy. Simply tell it to 'translate' the original URL from Arabic* to English.

(* or almost any language that doesn't use the Roman alphabet.)

Re:Somewhat on topic.

[anyaristow]

So, a magazine website would rather you visit their local version, to serve you better targeted ads, or local interest stories, or load leveling, or prices in local currency, or subscription services on the same continent, or maybe even to serve you better with faster access, and this is some American scheme to abuse you? Did it ever occur to you that an Australian company (or a German one, or...) wanting to create content unique to multiple continents might do the same thing? Or do you actually think URL redirection is a uniquely American thing, indicating a character flaw of an entire nation?

It's not *necessary* to use URL redirection to accomplish any of these things, but the dork who implemented it is no smarter than your average slashdotter, and just like how they create crappy interfaces, incomprehensible documentation (if any at all), code that is way more complex than it needs to be, or just simply can't solve the problem they were given, maybe...just maybe...they didn't anticipate your desire to not be given localized content, or that you'd take offense at their solution.

Re:Somewhat on topic.

[Smauler]

Click the second link, and you might understand the problem.

Re:Somewhat on topic.

The point is, GP wanted to see that article, and the website says "looks like you try to access some actual content, let me redirect you to our homepage." Kind of what happens sometimes when you browse from a shitty phone, "here, I'll help you, you wanted to see http://m.site.com/ right?"

Re:Somewhat on topic.

[Rich0]

It drives us Americans crazy too, at least for those of us who actually read stuff hosted outside the US. It is also fun when traveling to have to deal with redirection into a language you can't read. If I wanted the japanese version of your site, I'd have asked for it.

this might be another secret plan of #US govt.

[ltorvalds11]

this might be another secret plan of #US govt.

Not towers

[AHuxley]

Small cell hardware can be offered some concealment as signs, trees, big cactus, wider flag poles, bell towers, thin onto brick walls or fake wood sidings, water towers, added rooftop enclosures, fake tinted glass, in a new chimney box, fake dormers, cupola.
It just depends on who is paying and what fits in with the surrounding area.

this might be another secret plan of #US govt.

[AHuxley]

The other question is then what where telco teams and gov teams doing when they scan for allocated spectrum issues? Own tower, competitor networks, new interfering hardware to be located and that local 'fake' mobile tower should kind of show up on normal regional cell maintenance work. What do telco staff do? Just let the 'fake' mobile devices work alongside their own expensive networks 24/7 over years? Thats their brands network thats been used by some fake device...
Are new staff instructed only to worry about hardware and consumer grade issues? Fake networks are to be left alone and not explored?

It depends on your phone

[AHuxley]

Cell towers are usually owned or shared by telco firms, brands, providers that try to encrypt their users and are kind of easy to spot with hardware.
The "Phony" cell towers do not respond or act in the same way. They are fake but still fool a users phone into making a network connection.
Tame consumer grade hardware is fooled into seeing just another cell tower.

All in all...

[GrahamCox]

...it's just another brick in the wall.

For some reason people aren't breaking out the hammers. It's as if they just don't care, or fail to understand the implications at least, of all this surveillance and monitoring.

Re:All in all...

[KingOfBLASH]

"First they came for the Socialists, and I did not speak out—
Because I was not a Socialist.

Then they came for the Trade Unionists, and I did not speak out—
Because I was not a Trade Unionist.

Then they came for the Jews, and I did not speak out—
Because I was not a Jew.

Then they came for me—and there was no one left to speak for me."

– Martin Niemoeller

homeland security (wasRe:Around or on top of mill)

[sowth]

If they...so easily detected...there's something terribly, terribly wrong with your homeland security.

And this is news....how? This is the same government which brought the TSA, and they are certainly useless.

spectrum is expensive

[bugs2squash]

so you mean to tell me that the telcos that spend millions, billions on spectrum licensing don't spot rogue basestations mooching on their frequency allocations ? Or were all of these in unlicensed spectrum ?

Re:spectrum is expensive

[MildlyTangy]

so you mean to tell me that the telcos that spend millions, billions on spectrum licensing don't spot rogue basestations mooching on their frequency allocations ? Or were all of these in unlicensed spectrum ?

The telcos either
1) did spot them, quickly realise who it was and quickly shut up tighter than a Republican asshole, or
2) knew all along, and shut the fuck up tighter than the proverbial Republican, or
3) fuckn liberals

Re:spectrum is expensive

[AHuxley]

Re 'Or were all of these in unlicensed spectrum ?"
"Phone Firewall Identifies Rogue Cell Towers Trying to Intercept Your Calls" (09.03.14)
http://www.wired.com/2014/09/c...
Seems to offer a hint via "But the [FCC] task force will only examine the use of the devices by hackers and criminals—and possibly foreign intelligence agencies—not their warrantless use by law enforcement agencies bent on deceiving judges about their deployment of the powerful surveillance technology."
Seems to hint at a few known/listed devices getting a free gov/telco pass re frequency allocations when discovered in the wild.
The good news is a "... envision a consumer-level app in the future that could be installed on phones by individuals." :)

Re:Pico and Femto cells

[ZosX]

OMG! LOGIC!

Phony

[wonkey_monkey]

Mysterious, Phony Cell Towers

Aren't all cell towers phone-y?

*Phony* cell towers...

[kefalonia]

... ha ha, still LOL about it!

Makes me feel old

[dbIII]

The kids today need to learn the lessons we did when the operator could very obviously listen in to every call and would sometimes even break in and say something. The technology has changed but the capability is not just still there, it's easier. Never say anything on a phone that you would hate to see in a newspaper (or on a blog) - that most definitely includes credit card numbers.

Re:Makes me feel old

[mjwalshe]

so Ernestine the spook "We don't care. We don't have to. We're the Phone Company. "

Re:Makes me feel old

[bughunter]

Never say anything on a phone that you would hate to see in a newspaper (or on a blog) - that most definitely includes credit card numbers.

That goes for the camera, too. Don't take photos with your phone that you would never want revealed in public.

I would have written the same thing last Friday, but the whole fapocalypse thing last weekend underlines the risk. Unless you encrypt it yourself, your data isn't secure, not on the cloud, and not even on your own phone.

(So, can we just assume that the purpose of these towers are to collect nude photos of celebrities?)

Android IMSI-Catcher Detector (AIMSICD)

[sociocapitalist]

Looks like Apple has built in detection from IOS 5 (though being Apple it might well have an off switch for legal intercept type applications):
http://9to5mac.com/2011/06/07/...

And it looks like some developers have gotten together to do something for Android with a project called Android IMSI-Catcher Detector (AIMSICD)
https://secupwn.github.io/Andr...
http://seclists.org/fulldisclo...

Has anyone tried this?

Re:Android IMSI-Catcher Detector (AIMSICD)

[buckfeta2014]

If I recall correctly, this doesn't detect stingray, because stingray looks like any other cell tower.

Re:Android IMSI-Catcher Detector (AIMSICD)

[anyaristow]

Looks like Apple has built in detection from IOS 5

So, the iPhone he says unhelpfully didn't tell him there was a rogue tower...was actually aware of the rogue tower, and therefore not compromised? That it would have warned him if he tried to communicate through it, and has therefore already, for years, been doing the same thing his secure phone does? You mean someone who is selling a secure phone is making up a use case for it?

You don't say.

Re:Android IMSI-Catcher Detector (AIMSICD)

[sociocapitalist]

If I recall correctly, this doesn't detect stingray, because stingray looks like any other cell tower.

It seems that stingray is an imsi-catcher so unless there's a way for law enforcement to disable the notification (which I said may be the case in my original post) I think it should work.
http://en.wikipedia.org/wiki/S...

Do you have any more specific info on it?

I wonder

[DaMattster]

If this applies to CDMA technology as well.

Cut the cable -- See who screams

[gavron]

Take one out of action. See who responds. It's not that hard.

Make sure your lawyer is on speeddial.

E

Re:Cut the cable -- See who screams

[k6mfw]

Reminds me a discussion about difficulty remodeling The Pentagon that was built in 1941. "It took them 18 months to build, and it takes us 18 years to remodel" quoted a building contractor working on upgrading Pentagon walls, floors, etc. One major obstacle are so many cables strung throughout the complex. Cables from 1940s to 2000, many undocumented, which really slows down construction. There may be some old cable with that paper type insulation, may not look important but for all you know it may be the single hotline for Joint Chiefs of Staff to NORAD commander.

Some years ago there was an article about some town in India or China where utility poles had jumbled masses of cables, mayor was fed up of these horrible mess so visible downtown and not able to find who owns these to clean them up. So he ordered city crews to tear them all down which put the whole town into the 6th century and population screaming.

That's a pico cell

[Zeorge]

I know what you are talking about as I had to install one at a military base. Ours supported only US Government cell phones and unless your personal phone was able to see a carrier you would have no signal. This does require coordination with the carriers to make sure you don't interfere with them. These pico-cells are "smart" in that they communicated with the towers when it comes to hand-over, etc.

This is true

[Zeorge]

I was in the military and we could not operate all willy-nilly. A lot of our equipment, specifically radar, was way over-powered. However, the FCC rules only apply to the 12 mile limit (or whatever it may be now) of shore. The systems that we did use within that 12 mile limit had active FCC licensing. The one exception is that the operators, we did not have an FCC license. IIRC, in the commercial world we would have to have had them.

Re:This is true

[k6mfw]

I was in the military and we could not operate all willy-nilly.

I heard NTIA runs a "tight ship" and very diligent on coordination and authorization, unlike FCC which is mostly a political organization which doesn't stop sellers from offering things like 10watt 1.2GHz video transmitters that operate in the 950 to 1200 MHz aeronautical navigation (transponders) band. I was talking with a presenter at IWCE some years ago who has worked with both NTIA and FCC, he said compared to FCC the NTIA is horribly bureaucratic.

Data, data everywhere ...

[CaptainDork]

... and we can't find out who built the towers and who paid the freaking bill?

Cities are tracking people by cellphone

[h4ck7h3p14n37]

Cities like Chicago are installing cellphone tracking devices to monitor pedestrian traffic. http://readwrite.com/2014/09/0... http://articles.chicagotribune... There's one at the top of a light pole in front of the Board of Trade on Jackson St. It looks like a small, black, round trash can.