Slashdot Mirror


US Judge Throws Out Cell Phone 'Stingray' Evidence For The First Time (reuters.com)

An anonymous reader quotes a report from Reuters: For the first time, a federal judge has suppressed evidence obtained without a warrant by U.S. law enforcement using a stingray, a surveillance device that can trick suspects' cell phones into revealing their locations. U.S. District Judge William Pauley in Manhattan on Tuesday ruled that defendant Raymond Lambis' rights were violated when the U.S. Drug Enforcement Administration used such a device without a warrant to find his Washington Heights apartment. Stingrays, also known as "cell site simulators," mimic cell phone towers in order to force cell phones in the area to transmit "pings" back to the devices, enabling law enforcement to track a suspect's phone and pinpoint its location. The DEA had used a stingray to identify Lambis' apartment as the most likely location of a cell phone identified during a drug-trafficking probe. Pauley said doing so constituted an unreasonable search. The ruling marked the first time a federal judge had suppressed evidence obtained using a stingray, according to the American Civil Liberties Union, which like other privacy advocacy groups has criticized law enforcement's use of such devices. "Absent a search warrant, the government may not turn a citizen's cell phone into a tracking device," Pauley wrote. FBI Special Agent Daniel Alfin suggests in a report via Motherboard that decrypting encrypted data fundamentally alters it, therefore contaminating it as forensic evidence.

6 of 118 comments

  1. Re:What? by Anonymous Coward · Score: 2, Informative

    Well, he's right. With an arbitrary algorithm and arbitrary key, encrypted data can be decrypted to absolutely anything. In particular, data might have been arranged so that it can be decrypted in multiple intelligible ways, only one of which reflects a true plot, and the others of which are just made up shit to confuse anyone who tries to decrypt it. Hell, some encryption utilities allow people to create shadow partitions with no important data in it, so if you give the "wrong" key, it still looks like you're giving up the goods - a cleverer alternative would be to have multiple shadows each of which contain bullshit, each of which can be decrypted with varying ease, where the bullshit is especially easy to decrypt. If LE finds one, declare precisely what you've done, and remark that all they've done is decrypt one of your red herrings.

  2. Re:What? by cryptizard · Score: 5, Informative

    Read the linked article. He is saying that if the government presents ONLY the decrypted data as evidence in court it is not forensically valid because it breaks the chain of evidence. They need to also show the originally captured encrypted data so that it can be verified that the decrypted version actually correlates to what they got and was not somehow tampered with.

  3. Re:What? by Registered+Coward+v2 · Score: 4, Informative

    "decrypting encrypted data fundamentally alters it" What? If the decrypted data doesn't match the data that was encrypted, you failed to decrypt it properly. On a purely technical level I guess he's correct. Encrypted, the data is just a bunch of jazz and whirly bangs. Once decrypted it's actual data, so on a purely superficial level, with no understanding of encryption, I guess he's right. Damnit

    This is a typical /. summary that mistakes what was actually said to make it sound more interesting. The agent said decrypted data is different from what was taken by the warrant, and thus you are not using the actual information taken in the search (i.e. the encrypted data) but that it still is forensically sound; he never said that's "contaminating it as forensic evidence" just it may still be less forensically sound than the actual encrypted data. /. seems to imply somehow that makes the decrypted data not valid as evidence which clearly is BS.

    --
    I'm a consultant - I convert gibberish into cash-flow.
  4. Re:You would think. . . by cryptizard · Score: 4, Informative

    That is exactly what the judge ruled. The main reason this isn't happening all over the place is that people don't understand how the devices work, and the police/prosecutors are not exactly volunteering the information. There is a good article about it here. Basically, the police hide the fact that they used stingray devices to track suspects by either making up some other reason that they happened to find themselves at the suspect's location or hiding something very vague on page 200 of the report like, "used electronic surveillance," which most defense attorneys do not know to challenge. In rare situations where the evidence has been challenged, the prosecution just drops the case so that precedent isn't set.

  5. Re:What? by Minupla · Score: 3, Informative

    A valid point, but not really related specifically to encryption. Once evidence of any kind is gathered, how do you know the evidence is entirely original?

    I expect you meant "how do we know the evidence is unaltered." Typically a hash of the data is collected at the point of collection and stored along with other details (filename, length, date/time stamp, collector information) with the collected forensics data. So the hash value can be recomputed to verify that whatever file you're looking at is the same as at the point of collection. Additionally, the standard 'chain of custody' checks can be done to verify that that hash never changed at any point in the history of custody after it was collected. If a key is available, the defense could do their own decryption to confirm that the plaintext presented is the same as the plaintext they produce from a file with the correct hash. Min

    --
    On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
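
The integrity workflow described in comments 2 and 5 above (hash at collection, re-verification along the chain of custody, independent decryption by the defense), as an added Python example that is not part of the original comments. The hash-chained custody log, the toy XOR keystream standing in for the real cipher, and every name and sample value are assumptions constructed for illustration.

```python
import hashlib, json

def sha256(b): return hashlib.sha256(b).hexdigest()

def entry_hash(entry):
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256(json.dumps(body, sort_keys=True).encode())

def collect(data, filename, collector, when):
    # Record made at the point of collection: hash plus the details the comment lists.
    return {"filename": filename, "length": len(data), "sha256": sha256(data),
            "collector": collector, "collected_at": when}

def add_custody(log, handler, data, when):
    # Each entry commits to the previous entry's hash (assumed design, not from the post).
    entry = {"handler": handler, "at": when, "observed_sha256": sha256(data),
             "prev": log[-1]["entry_hash"] if log else "0" * 64}
    entry["entry_hash"] = entry_hash(entry)
    log.append(entry)

def verify(data, record, log):
    # Returns a list of problems; empty means the file matches what was collected.
    problems, prev = [], "0" * 64
    if len(data) != record["length"] or sha256(data) != record["sha256"]:
        problems.append("file differs from collection record")
    for i, e in enumerate(log):
        if e["prev"] != prev or entry_hash(e) != e["entry_hash"]:
            problems.append(f"custody entry {i} altered or out of order")
        if e["observed_sha256"] != record["sha256"]:
            problems.append(f"custody entry {i} recorded a different hash")
        prev = e["entry_hash"]
    return problems

def toy_decrypt(ciphertext, key):
    # Toy SHA-256 keystream XOR standing in for the real cipher (not secure).
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(ciphertext) // 32 + 1))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))

def defense_check(ciphertext, key, record, presented):
    # Defense decrypts the hash-verified ciphertext and compares with what was presented.
    return not verify(ciphertext, record, []) and toy_decrypt(ciphertext, key) == presented

# Constructed sample data (not from any real case).
KEY, PLAINTEXT = b"constructed-key", b"constructed sample message"
CIPHERTEXT = toy_decrypt(PLAINTEXT, KEY)  # XOR keystream is its own inverse
RECORD = collect(CIPHERTEXT, "capture.bin", "collector-1", "2000-01-01T10:00Z")
LOG = []
add_custody(LOG, "collector-1", CIPHERTEXT, "2000-01-01T10:00Z")
add_custody(LOG, "lab-1", CIPHERTEXT, "2000-01-02T09:00Z")
```
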
  6. Re:Why rehabilitate the unwilling? by Curunir_wolf · Score: 5, Informative

    It is far better to leave people, who are not harming others, alone.

    The problem with this approach is we are, in general, too compassionate to walk by as someone writhes in agony from a cheetos-and-lard induced heart attack. We expect society to help them. So total disregard for one's health DOES have a cost to others. But it's tough to know where to draw the line

    You just did. As a society, we show compassion. But interfering with property rights is not okay. Just as someone that owns a book has every right to burn it, each person owns their own body and has every right to destroy that, too, without interference. In fact, owning YOURSELF is the first step in recognizing any human rights at all. Sure, we go out of our way to warn people about what they are doing "Hey if you keep eating cheetos and sitting all the time you will die sooner" - but they still have the final say in the matter. So there's the line.

    Also, be sure that you distinguish between "society" and "government", because they are not the same. There's a quote from, I think, Thomas Paine that spells it out pretty well... ah - here it is:

    "SOME writers have so confounded society with government, as to leave little or no distinction between them; whereas they are not only different, but have different origins. Society is produced by our wants, and government by our wickedness; the former promotes our happiness POSITIVELY by uniting our affections, the latter NEGATIVELY by restraining our vices. ... Society in every state is a blessing, but Government, even in its best state, is but a necessary evil; in its worst state an intolerable one: for when we suffer, or are exposed to the same miseries BY A GOVERNMENT, which we might expect in a country WITHOUT GOVERNMENT, our calamity is heightened by reflecting that we furnish the means by which we suffer." - Thomas Paine

    --
    "Somebody has to do something. It's just incredibly pathetic it has to be us."
    --- Jerry Garcia