Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mysterious, Phony Cell Towers Found Throughout US

Posted by Soulskill on from the can-you-hear-me-now dept.

Trachman writes: Popular Science magazine recently published an article about a network of cell towers owned not by telecommunication companies but by unknown third parties. Many of them are built around U.S. military bases. "Interceptors vary widely in expense and sophistication – but in a nutshell, they are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. ... Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured devices like the VME Dominator, available only to government agencies, can not only capture calls and texts, but even actively control the phone, sending out spoof texts, for example."

25 of 237 comments (clear)

  1. They used to be called UHF TV tuners by 50000BTU_barbecue · · Score: 4, Interesting

    We could listen to AMPS cell phone calls by tuning to the high UHF channels and tuning between channels... Ahhh anyone remember the joy of pressing the outer tuning ring and going back and forth???

    --
    Mostly random stuff.
    1. Re:They used to be called UHF TV tuners by fahrbot-bot · · Score: 5, Funny

      Ahhh anyone remember the joy of pressing the outer tuning ring and going back and forth???

      Worst pick-up line ever.

      --
      It must have been something you assimilated. . . .
    2. Re:They used to be called UHF TV tuners by Frobnicator · · Score: 4, Funny

      Picking up phone calls over TV tuners is one thing. Buying and installing a product with a name like "VME Dominator".

      One of those can happen by innocent mistake. The other sounds ... well, not so innocent.

      --
      //TODO: Think of witty sig statement
    3. Re:They used to be called UHF TV tuners by viperidaenz · · Score: 4, Funny

      So it would be ok if they renamed it "VME Fluffy Bunny"?

    4. Re:They used to be called UHF TV tuners by TWX · · Score: 4, Funny

      Ahhh anyone remember the joy of pressing the outer tuning ring and going back and forth???

      Worst pick-up line ever.

      Any pickup line that works is an effective pickup line.

      Though in hindsight, using, "Gimme a waitress, hold the dressing," successfully at the IHOP should have set off some warning bells...

      --
      Do not look into laser with remaining eye.
  2. Around or on top of millitary bases? by m00sh · · Score: 5, Insightful

    The article says ...

    What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.

    The summary says ...

    Many of them are built around U.S. military bases.

    Way to slant the summary to make it look like Chinese towers rather than our towers.

    1. Re:Around or on top of millitary bases? by wvmarle · · Score: 5, Insightful

      If they indeed are Chinese (or otherwise foreign) spy towers, and so easily detected (the authors of the article didn't seem to have a hard time finding such towers), there's something terribly, terribly wrong with your homeland security.

    2. Re:Around or on top of millitary bases? by ShanghaiBill · · Score: 5, Insightful

      I'd give the US military more credit than that. They wouldn't place their own interceptors directly on their bases, but nearby. Else, how would you have plausible deniability?

      It is likely that the military doesn't need deniability. Many FCC rules don't apply to the military. It is quite likely that they they can legal operate their own cell towers. Similar exceptions are made for prisons, which can operate their own cell towers to keep inmates from making calls from smuggled cell phones.

    3. Re:Around or on top of millitary bases? by ShanghaiBill · · Score: 4, Informative

      This is a good article, as before I had no idea such sophisticated rogue towers were such a threat all over the US.

      It is common. Where I live, in San Jose, California, our police department was caught illegally monitoring phone calls by operating a Stingray, which mimics a cell phone tower. Of course no one was punished or disciplined, and certainly no one lost their badge, because, hey, they are cops, and boys will be boys.

    4. Re:Around or on top of millitary bases? by Culture20 · · Score: 4, Informative

      "right on top of" is an American English colloquialism meaning "really close by", usually in terms of a pursuit, but sometimes with stationary objects.

    5. Re:Around or on top of millitary bases? by k6mfw · · Score: 3, Informative

      It is likely that the military doesn't need deniability. Many FCC rules don't apply to the military.

      military, like other federal agencies are "licensed" and freq coordinated by the NTIA and there databases are not publicly available like FCC general menu reports. http://fjallfoss.fcc.gov/Gener...

      --
      mfwright@batnet.com
    6. Re:Around or on top of millitary bases? by AmiMoJo · · Score: 3, Interesting

      They are US towers designed to track people who visit military sites. If some potential terrorist visits a few different military sites to do reconnaissance with their phone they can be flagged up in a database somewhere. As a bonus whoever owns those towers gets to monitor all the calls, texts and data going through them. They probably like to keep an eye on military personnel too, in case any of them are traitors.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. Sponsored post by ourlovecanlastforeve · · Score: 5, Interesting

    It's a thinly veiled ad for a supposedly "secure" cell phone.

  4. Clearly these towers were designed to find and by jpellino · · Score: 4, Funny

    intercept non-approved communications about kjhfgdt kans hwwpfu alowk nh ar akhde.

    --
    "Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
  5. Article full text by gargleblast · · Score: 5, Informative

    Source.

    Mysterious Phony Cell Towers Could Be Intercepting Your Calls

    Wed, 08/27/2014 - 11:00

    Unencrypted Connection Les Goldsmith Like many of the ultra-secure phones that have come to market in the wake of Edward Snowden's leaks, the CryptoPhone 500, which is marketed in the U.S. by ESD America and built on top of an unassuming Samsung Galaxy SIII body, features high-powered encryption. Les Goldsmith, the CEO of ESD America, says the phone also runs a customized or "hardened" version of Android that removes 468 vulnerabilities that his engineering team team found in the stock installation of the OS.

    His mobile security team also found that the version of the Android OS that comes standard on the Samsung Galaxy SIII leaks data to parts unknown 80-90 times every hour. That doesn't necessarily mean that the phone has been hacked, Goldmsith says, but the user can't know whether the data is beaming out from a particular app, the OS, or an illicit piece of spyware. His clients want real security and control over their device, and have the money to pay for it.

    To show what the CryptoPhone can do that less expensive competitors cannot, he points me to a map that he and his customers have created, indicating 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July alone. Interceptors look to a typical phone like an ordinary tower. Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device.

    “Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says. “One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip. We even found one at South Point Casino in Las Vegas.”

    Who is running these interceptors and what are they doing with the calls? Goldsmith says we can’t be sure, but he has his suspicions.

    “What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases. So we begin to wonder – are some of them U.S. government interceptors? Or are some of them Chinese interceptors?” says Goldsmith. “Whose interceptor is it? Who are they, that's listening to calls around military bases? Is it just the U.S. military, or are they foreign governments doing it? The point is: we don't really know whose they are.”

    Ciphering Disabled Les Goldsmith

    Interceptors vary widely in expense and sophistication – but in a nutshell, they are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. Whether your phone uses Android or iOS, it also has a second operating system that runs on a part of the phone called a baseband processor. The baseband processor functions as a communications middleman between the phone’s main O.S. and the cell towers. And because chip manufacturers jealously guard details about the baseband O.S., it has been too challenging a target for garden-variety hackers.

    “The baseband processor is one of the more difficult things to get into or even communicate with,” says Mathew Rowley, a senior security consultant at Matasano Security. “[That’s] because my computer doesn't speak 4G or GSM, and also all those protocols are encrypted. You have to buy special hardware to get in the air and pull down the waves and try to figure out what they mean. It's just pretty unrealistic for the general community.”

    But for governments or other entities able to afford a price tag of “less than $100,000,” says Goldsmith, high-quality interceptors are quite realistic. Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured

  6. This does not bother me by eclectro · · Score: 4, Insightful

    The fact that these towers are found next to military bases speaks volumes.

    The military needs to there own version of everything to make sure things work in times of national crisis, emergency, or security. They need to have their own infrastructure to insure communications. They need to control their communications around bases and know who is saying or doing what. They need to be able to anticipate attacks. Nobody should have any expectation of privacy on or next to a military base.

    Quite frankly, I'm glad to see this.

    --
    Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
    1. Re:This does not bother me by flayzernax · · Score: 5, Insightful

      Uh, yeah, but the military can damn well make sure their hardware only interfaces with other military hardware, not your cell phone, and not prioritize your civilian traffic over their 'emergency, auxilary, or military channels'.

      This is just more and more slippery goose shit for the sauce.

    2. Re:This does not bother me by Charliemopps · · Score: 4, Insightful

      The fact that these towers are found next to military bases speaks volumes.

      The military needs to there own version of everything to make sure things work in times of national crisis, emergency, or security. They need to have their own infrastructure to insure communications. They need to control their communications around bases and know who is saying or doing what. They need to be able to anticipate attacks. Nobody should have any expectation of privacy on or next to a military base.

      Quite frankly, I'm glad to see this.

      Last time I checked, my constitutional rights didn't get suspended inside a casino in Las Vegas... did you miss that part? Many were on bases, but not all or even most. If the military wants to control their own communications they are welcome to start their own cellular network, they could even use these towers and then have their staff roam to other networks when they weren't near a base.

      The only reason they are doing this is to intercept the calls of us citizens which is both illegal and unconstitutional. Your imaginary safety is not worth my constitutional rights. This sort of surveillance is exactly what the constitution was created to protect us from. It's not some weird esoteric thing the founders could never have anticipated like Machine guns or Abortions. This is the government listening in to the private correspondence of citizens for the sole purpose of security. That's expressly and unarguably forbidden legally, constitutionally and every other way you can think of.

    3. Re:This does not bother me by American+Patent+Guy · · Score: 3, Interesting

      There is no U.S. constitutional right to privacy.

      Yes there is. It is contained in implications of and the relationships between the 4th, 9th and 14th amendments. See Griswold v. Connecticut for more details.

      No, there isn't. The case law you refer to defines aspects of privacy in the "penumbra" of other rights. Now, I can define any term I want to any way I want to and, if it appears in a Supreme Court case, it instantly becomes "the law" to those who want it to be. The "right to privacy" that Griswold discusses is the right individuals have to control aspects of their lives (such as the use of contraception). Griswold does not grant any right to keep the government from peering in your open windows, following you around town or reading your postcards you put in the mail.

      Perhaps the most supportive case you have is Mapp v. Ohio: http://www.law.cornell.edu/sup... ... and that says that the government can't invade your SECURED residence to collect evidence. If you leave the information or the evidence in the open (as you're doing when you broadcast your cell phone conversations), you aren't protected by that decision. If you walk out to the street and shout a message to the world, there is no "right to privacy" granted by the Constitution you can use to keep anyone from hearing and recording it.

      May I suggest to you that the flaw in your lack of "privacy" lies in the technology, and not in the law as it presently stands? Do you want privacy? Then demand it from your communications carrier, or see that you implement any necessary encryption yourself.

  7. Re:Where did the linked to article go? by PPH · · Score: 4, Funny

    You're not trying to open this link on a phone near a military base, are you?

    --
    Have gnu, will travel.
  8. "Phony" cell towers? by Black+Parrot · · Score: 4, Funny

    Is this article some kind of joke I don't quite get?

    --
    Sheesh, evil *and* a jerk. -- Jade
  9. Somewhat on topic. by AbRASiON · · Score: 4

    Can I just say,

    From the mouths of ANYONE who isn't an American.
    STOP FUCKING GEO-REDIRECTING LINKS FOR FOREIGNERS YOU ASSHOLES.

    Jesus christ fuck me gently it's the worst god damned thing to do on any web page, I think it might actually be worse than "this content is not available in your region" - because at least it takes us (mostly) to what we wanted.

    http://www.popsci.com/article/...
    takes me to
    http://www.popsci.com.au/?src=...

    Thanks dipshits.

  10. homeland security (wasRe:Around or on top of mill) by sowth · · Score: 4, Insightful

    If they...so easily detected...there's something terribly, terribly wrong with your homeland security.

    And this is news....how? This is the same government which brought the TSA, and they are certainly useless.

  11. Makes me feel old by dbIII · · Score: 3, Informative

    The kids today need to learn the lessons we did when the operator could very obviously listen in to every call and would sometimes even break in and say something. The technology has changed but the capability is not just still there, it's easier. Never say anything on a phone that you would hate to see in a newspaper (or on a blog) - that most definitely includes credit card numbers.

  12. Android IMSI-Catcher Detector (AIMSICD) by sociocapitalist · · Score: 4, Interesting

    Looks like Apple has built in detection from IOS 5 (though being Apple it might well have an off switch for legal intercept type applications):
    http://9to5mac.com/2011/06/07/...

    And it looks like some developers have gotten together to do something for Android with a project called Android IMSI-Catcher Detector (AIMSICD)
    https://secupwn.github.io/Andr...
    http://seclists.org/fulldisclo...

    Has anyone tried this?

    --
    blindly antisocialist = antisocial