Slashdot Mirror


New App Detects Government Stingray Cell Phone Trackers

HughPickens.com writes IMSI catchers, otherwise known as stingrays, are those surveillance tools that masquerade as cell towers and trick mobile phones into connecting, spewing private data in the process. Law-enforcement agencies have been using them for almost two decades, but there's never been a good way for individuals to detect them. Now Lily Hay Newman reports that SnoopSnitch scans for radio signals that indicate a transition to a stingray from a legitimate cell tower. "SnoopSnitch collects and analyzes mobile radio data to make you aware of your mobile network security and to warn you about threats like fake base stations (IMSI catchers), user tracking and over-the-air updates," say German security researchers Alex Senier, Karsten Nohl, and Tobias Engel, creators of the app, which is available now only for Android. The app can't protect people's phones from connecting to stingrays in the first place, but it can at least let them know that there is surveillance happening in a given area. "There's no one set of information, taken by itself, that allows you to detect an IMSI catcher," says Nohl. "But we do stream analysis of everything that happens on your phone, and can come out with a warning if it crosses a certain threshold."

Stingrays have garnered attention since a 2011 Arizona court case in which one agent admitted in an affidavit that the tool collaterally swept up data on "innocent, non-target devices" (U.S. v. Rigmaiden). The government eventually conceded in this case that the "tracking operation was a Fourth Amendment search and seizure," meaning it required a warrant. But given that the Justice Department has continued to claim that cellphone users have no reasonable expectation of privacy over their location data, it may take a Supreme Court judgement to settle the Stingray issue countrywide.

5 of 71 comments

  1. Re:Oh, an app you say by Anonymous Coward · · Score: 5, Informative

    JFGI

    https://opensource.srlabs.de/projects/snoopsnitch/repository

  2. requires root access and will only run on Qualcomm by kipple · · Score: 5, Interesting

    "This app requires root access and will only run on devices with Qualcomm chipset."

    That's not "for android". That's playing a Qualcomm trick with the baseband.

    I also wonder if a better way might be (but I'm speculating here) to use the measured distance from the nearest cell tower (called Timing Advance), as in http://stackoverflow.com/a/137... - and couple it with a public database of known cell tower locations to spot recent "additions".

    --
    -- There are two kinds of sysadmins: Paranoids and Losers. (adapted from D. Bach)
  3. Re:requires root access and will only run on Qualc by kipple · · Score: 4, Informative

    In fact, there's already something similar: http://wiki.opencellid.org/wik... and probably https://github.com/SecUpwN/And...

    --
    -- There are two kinds of sysadmins: Paranoids and Losers. (adapted from D. Bach)
  4. Re:Why is this allowed in the first place? by wierd_w · · Score: 5, Interesting

    A better approach would be to keep a triangulation map of available towers over time.

    The point of stingrays is that they are mobile. Cell towers are NOT.
    Similar to older war-driving apps, the app looks for tower broadcast signals, even when it does not intend to hop. It keeps a record of the GPS coordinates of the handset (Seriously, a smartphone without a GPS these days?) and the detected signal levels of all towers it sees.

    It then builds a virtual geographical map of cellular towers based on its own radio data over time. The sudden, mysterious appearance of a new tower where there previously was not one (and also where there does not seem to be a capacity reason for one to be added, or one with a suspiciously small radius of service) would get flagged, and should get blacklisted by the phone until the user specifically says "No, it's OK to connect". (It may be a microcell at a crowded event or something.)

    That should allow creation of a stable whitelist over time.
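
The tower-map idea in the comment above, sketched as an added example (not part of the thread and not SnoopSnitch's code): a per-handset baseline of tower ids per coarse GPS cell, with new ids in an already-surveyed cell held until the user approves them. The grid size, the three-day baseline, all names and the sample scans are assumptions constructed for illustration.

```python
import math
from collections import defaultdict

GRID_DEG = 0.01          # assumed survey-cell size (about 1 km of latitude)
MIN_BASELINE_DAYS = 3    # assumed: distinct prior days before an area counts as surveyed

def grid(lat, lon):
    """Quantise a GPS fix to a coarse survey cell."""
    return (math.floor(lat / GRID_DEG), math.floor(lon / GRID_DEG))

class TowerMap:
    def __init__(self):
        self.days = defaultdict(set)     # survey cell -> days it was visited
        self.known = defaultdict(set)    # survey cell -> tower ids in the baseline
        self.whitelist = set()           # tower ids the user explicitly approved

    def observe(self, day, lat, lon, tower_ids):
        """Record one scan; return the tower ids to hold for user review."""
        cell = grid(lat, lon)
        # Only earlier days count, so a first-day tower cannot vouch for itself.
        surveyed = len(self.days[cell] - {day}) >= MIN_BASELINE_DAYS
        held = []
        for tower_id in sorted(tower_ids):
            if tower_id in self.known[cell] or tower_id in self.whitelist:
                continue
            if surveyed:
                held.append(tower_id)           # new tower in a well-mapped area
            else:
                self.known[cell].add(tower_id)  # still building the baseline
        self.days[cell].add(day)
        return held

    def approve(self, tower_id):
        """User said it is OK to connect (e.g. a microcell at an event)."""
        self.whitelist.add(tower_id)

def replay(scans):
    """Feed (day, lat, lon, tower_ids) tuples through a fresh map; collect alerts."""
    tmap, alerts = TowerMap(), []
    for day, lat, lon, tower_ids in scans:
        for tower_id in tmap.observe(day, lat, lon, tower_ids):
            alerts.append((day, tower_id))
    return tmap, alerts

# Constructed sample scans: four days at one spot, then a new id shows up on day 5.
SCANS = [(d, 52.5205, 13.4055, {"cell-1001", "cell-1002"}) for d in range(1, 5)]
SCANS.append((5, 52.5207, 13.4058, {"cell-1001", "cell-9999"}))
```

A held tower keeps being reported on every scan until `approve()` is called, which matches the "blacklisted until the user says OK" behaviour the comment describes.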

  5. Re:FCC? by wierd_w · · Score: 3, Informative

    You haven't been following the stories on stingray use, have you?

    Law enforcement agencies use them to eavesdrop on multiple cellular devices in the espionage radius, hoping to catch their perps. The data of innocent civilians driving past also gets logged. This has been reported on. It is not handset specific.

    The illegality of the practice does not seem to matter much except when the trial judge demands to know the source of the evidence. Even then, law enforcement frequently LIES about using stingrays.

    A community method of tracking and recording stingray deployments in large urban centers that is public domain would open the doors to some serious FOIA request hilarity.

    "Hello, NYPD? Yes, according to OpenTowerMap.Org, it appears that a new cell tower with unique ID XXXXXXXX went into operation in the area near to where your investigation into Nicky the Nose was going on, suspiciously consistent with the length of your investigation. Since your investigation against Mr Nose has concluded, there should be no reason whatsoever to deny my request for any information you have on the use of a cellular monitoring device during that period at that location. Specifically, we want to know how many non-suspects accessed the device, and what the current status of their records is, and also what degree or level of transparency your agency has taken to inform those innocent citizens that their data was collected as part of your investigation."

    etc.