Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Judge Throws Out Cell Phone 'Stingray' Evidence For The First Time (reuters.com)

Posted by BeauHD on from the first-of-its-kind dept.

An anonymous reader quotes a report from Reuters: For the first time, a federal judge has suppressed evidence obtained without a warrant by U.S. law enforcement using a stingray, a surveillance device that can trick suspects' cell phones into revealing their locations. U.S. District Judge William Pauley in Manhattan on Tuesday ruled that defendant Raymond Lambis' rights were violated when the U.S. Drug Enforcement Administration used such a device without a warrant to find his Washington Heights apartment. Stingrays, also known as "cell site simulators," mimic cell phone towers in order to force cell phones in the area to transmit "pings" back to the devices, enabling law enforcement to track a suspect's phone and pinpoint its location. The DEA had used a stingray to identify Lambis' apartment as the most likely location of a cell phone identified during a drug-trafficking probe. Pauley said doing so constituted an unreasonable search. The ruling marked the first time a federal judge had suppressed evidence obtained using a stingray, according to the American Civil Liberties Union, which like other privacy advocacy groups has criticized law enforcement's use of such devices. "Absent a search warrant, the government may not turn a citizen's cell phone into a tracking device," Pauley wrote. FBI Special Agent Daniel Alfin suggests in a report via Motherboard that decrypting encrypted data fundamentally alters it, therefore contaminating it as forensic evidence.

27 of 118 comments (clear)

  1. Throw them all out. by Anonymous Coward · · Score: 5, Insightful

    Bernard Seidler, Lambis' lawyer, noted that occurred a week after his client was charged. He said it was unclear if the drug case against Lambis would now be dismissed.

    This "War on Drugs" has proven to be a failure. Just regulate it like alcohol. And instead of sending these folks to jail, send them to rehab - an evidence based rehab like the Western Europeans do.

    Prosecutors like to say that some addicts need that "Come to Jesus" moment of getting arrested to get clean - and they have zero evidence to back that claim up. But the truth is that rehabilitation in the USA is a joke. It's not evidence based and when it fails, the program doesn't get blamed but the addict; when the opposite should be the case. I don't have to work for an antibiotic to work. It works or it doesn't. If someone has to "want" to change then you don't have an evidence based treatment but a placebo.

    Poor Lindsey Lohan has been in and out of rehab and her character is blamed when in fact the rehab places she's gone to are pretty much garbage.

    So, until we as a country grow up and stop this moralizing and hypocrisy about drug use, we are going to be pissing billions of dollars a year away on things that don't work.

    1. Re:Throw them all out. by Anonymous Coward · · Score: 5, Insightful

      The war on drugs, like the war on terror, isn't fought with the intention to win.

  2. Re:What? by Anonymous Coward · · Score: 2, Informative

    Well, he's right. With an arbitrary algorithm and arbitrary key, encrypted data can be decrypted to absolutely anything. In particular, data might have been arranged so that it can be decrypted in multiple intelligible ways, only one of which reflects a true plot, and the other of which are just made up shit to confuse anyone who tries to decrypt it. Hell, some encryption utilities allow people to create shadow partitions with no important data in it, so if you give the "wrong" key, it still likes you're giving up the goods - a cleverer alternative would be to have multiple shadows each of which contain bullshit, each of which can be decrypted with varying ease, where the bullshit is especially easy to decrypt. If LE finds one, declare precisely what you've done, and remark that all they've done is decrypt one of your red herrings.

  3. Re:What? by cryptizard · · Score: 5, Informative

    Read the linked article. He is saying that if the government presents ONLY the decrypted data as evidence in court it is not forensically valid because it breaks the chain of evidence. They need to also show the originally captured encrypted data so that it can verified that the decrypted version actually correlates to what they got and was not somehow tampered with.

  4. Re:What? by Registered+Coward+v2 · · Score: 4, Informative

    "decrypting encrypted data fundamentally alters it" What? If the decrypted data doesn't match the data that was encrypted, you failed to decrypt it properly. On a purely technical level I guess he's correct. Encrypted, the data is just a bunch of jazz and whirly bangs. Once decrypted it's actual data, so on a purely superficial level, with no understanding of encryption, I guess he's right. Damnit

    This a typical /. summary that mistakes what was actually said to make it sound more interesting. The agent said decrypted data is different from what was taking by the warrant, and thus you are not turning using the actual information taken in the search (i.e. the encrypted data) but that it still is forensically sound; he never said that's "contaminating it as forensic evidence" just it may still be less forensically sound than the actual encrypted data. /. seems to imply somehow that makes the decrypted data not valid as evidence which clearly is BS.

    --
    I'm a consultant - I convert gibberish into cash-flow.
  5. Why rehabilitate the unwilling? by zerofoo · · Score: 2

    If you are truly a free human being - it is your right to consume any substances you like. If someone wants to be an addict and they hurt no one else in the process, what right does anyone have to force that person into rehab or treatment?

    It's a slippery slope - first we force addicts to become clean - next we force fat people to go to the gym.

    It is far better to leave people, who are not harming others, alone.

    1. Re:Why rehabilitate the unwilling? by Curunir_wolf · · Score: 5, Informative

      It is far better to leave people, who are not harming others, alone.

      The problem with this approach is we are, in general, too compassionate to walk by as someone writhes in agony from a cheetos-and-lard induced heart attack. We expect society to help them. So total disregard for one's health DOES have a cost to others. But it's tough to know where to draw the line

      You just did. As a society, we show compassion. But interfering with property rights is not okay. Just as someone that owns a book has every right to burn it, each person owns their own body and has every right to destroy that, too, without interference. In fact, owning YOURSELF is the first step is recognizing any human rights at all. Sure, we go out of our way to warn people about what they are doing "Hey if you keep eating cheetos and sitting all the time you will die sooner" - but they still have the final say in the matter. So there's the line.

      Also, be sure that you distinguish between "society" and "government", because they are not the same. There's a quote from, I think, Thomas Paine that spells it out pretty well... ah - here it is:

      "SOME writers have so confounded society with government, as to leave little or no distinction between them; whereas they are not only different, but have different origins. Society is produced by our wants, and government by our wickedness; the former promotes our happiness POSITIVELY by uniting our affections, the latter NEGATIVELY by restraining our vices. ... Society in every state is a blessing, but Government, even in its best state, is but a necessary evil; in its worst state an intolerable one: for when we suffer, or are exposed to the same miseries BY A GOVERNMENT, which we might expect in a country WITHOUT GOVERNMENT, our calamity is heightened by reflecting that we furnish the means by which we suffer." - Thomas Paine

      --
      "Somebody has to do something. It's just incredibly pathetic it has to be us."
      --- Jerry Garcia
    2. Re:Why rehabilitate the unwilling? by bobbied · · Score: 2

      That's just it, drugs generally do really bad things to people and those around them and many are helpless to break the cycle of dependency.

      Would you have us stand back and watch while people self destruct, killing themselves a little bit at a time? Where I get there is a limit to what government can do in a free society, but this question does not have a binary answer in the case of illicit drug use. Just taking the controls off and "making it legal" condemns a lot of people to needless lives of torment and early death, just as strict drug laws and enforcement with zero tolerance and total commitment to eradication of illegal substance use consumes vast resources, full jails and lives beset by a different kind of torment.

      The correct answer is somewhere in between the binary extremes I believe. The only problem is that it is very hard to define exactly where along the continuum you get the best outcome for the most people. (Which, by the way, *should* be our goal...) So I disagree with the legalization argument, based on the fact it will be really bad for a lot of people to fall into drug dependency.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    3. Re:Why rehabilitate the unwilling? by jimbolauski · · Score: 2, Insightful

      That's the problem you can't have unlimited freedom if you protect the people from the consequences of their decisions. If society has to bare the burden of supporting an addict then society should be able outlaw those decisions that lead to that outcome.

      --
      Knowledge = Power
      P= W/t
      t=Money
      Money = Work/Knowledge so the less you know the more you make
    4. Re:Why rehabilitate the unwilling? by spacepimp · · Score: 2

      People who can't afford to care for their children properly, shouldn't be able to breed as their offspring become a burden on society. The only answer is controlled breeding, Your logic is the same as those who justified eugenics.

    5. Re:Why rehabilitate the unwilling? by Kjella · · Score: 3, Insightful

      That's just it, drugs generally do really bad things to people and those around them and many are helpless to break the cycle of dependency. Would you have us stand back and watch while people self destruct, killing themselves a little bit at a time?

      I'd be more inclined to agree with you if it was treated more like an illness and less like a crime. Criminalization might be good for those who choose to stay away from drugs because it is against the law, but it does nothing for the people actually using drugs. In fact, it makes everything worse. Don't tell me the effects of smoking a little pot is worse than the effects of being arrested for smoking pot, because it's just not true. Sure, it takes a lot of courage to go to an AA meeting and say you have an alcohol problem but I think it takes even more to say you have a drug problem. Same goes for clean, consistent quality - that street drugs may have all sorts of bad shit in them might scare some away, but it only makes it more dangerous for the actual users.

      By far most people who are really fucked up on drugs and get real destructive to those around them have some really bad shit in their past they want to get away from, this "gateway drug" theory is only looking at the steps not why people really take them. I read this story recently about a girl (17) who was now in rehab, started smoking pot at 12 and shot heroin at 14. Sure A followed B but if you listened even a little bit to her life's story you'd know she was ready to jump on any high to get away from the past. The vast, vast majority without psychological trauma will puff a little joint and get a buzz and that was it. Then there's a few with addictive personalities who can get addicted to anything from work and sex to gambling and drugs, but fuck it we're adults. I want to life my life even though you can't control yours.

      --
      Live today, because you never know what tomorrow brings
    6. Re:Why rehabilitate the unwilling? by The+Grim+Reefer · · Score: 2

      That's just it, drugs generally do really bad things to people and those around them and many are helpless to break the cycle of dependency.

      Would you have us stand back and watch while people self destruct, killing themselves a little bit at a time? Where I get there is a limit to what government can do in a free society, but this question does not have a binary answer in the case of illicit drug use. Just taking the controls off and "making it legal" condemns a lot of people to needless lives of torment and early death, just as strict drug laws and enforcement with zero tolerance and total commitment to eradication of illegal substance use consumes vast resources, full jails and lives beset by a different kind of torment.

      I don't think there's a simple answer, but what we have now is a complete failure. Where I live there is a 24 year old girl who sold heroin to a guy who overdosed and died. While she was out on bail awaiting trial she sold heroin to another guy who also overdosed and died. After both trials I think she got a total of 40 years. Where I live we don't have parole or early release in my state. So her useful life is essentially over. Granted, it wasn't a smart move on her part, but most of us can look back on stupid things we did in our youth that we were lucky about the outcome. Many people who overdose also don't get help as those that are with them are fearful of calling for help.

      Alcohol is legal and destroys a lot of people's lives, as does smoking. Perhaps we should focus more on education and doing more to improve the quality of life. And I don't mean handing more cash to people. But actually helping them to have a purpose and contributing to society while having a satisfying career. It would not be cheap, but neither are the current war on drugs, prison and welfare systems, police forces, etc. It seems that what we've done so far has failed. Perhaps it's time to try something completely different.

    7. Re:Why rehabilitate the unwilling? by HornWumpus · · Score: 2

      The front of your work place is public property. You could hurt, annoy or damage the property of someone that matters.

      If you want to burn yourself, do it where you won't bother anyone.

      --
      John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
    8. Re:Why rehabilitate the unwilling? by Plus1Entropy · · Score: 2

      Would you have us stand back and watch while people self destruct, killing themselves a little bit at a time?

      We do that all the time with lot's of things, including drugs which are already legal, like alcohol, tobacco, and pharmaceuticals. Some of these pharmaceuticals, by the way, are identical to illegal drugs, but in a more pure and profitable form. For example, people under extreme pain may be prescribed or given diamorphine as a pain killer. You might know it by its more common name, heroin.

      I disagree with the legalization argument, based on the fact it will be really bad for a lot of people to fall into drug dependency.

      You hold the more common viewpoint of how addiction actually works, i.e. that you take the drug too much and then you are unable to stop, all else being equal. Up until recently, in spite of being pro-legalization, so did I. However, it's apparently not as cut-and-dry as that. Kurzgesagt made a pretty good video outlining why this model of addiction is harmful and the evidence against it.

      --
      Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
    9. Re:Why rehabilitate the unwilling? by whoever57 · · Score: 2

      Illicit drug use has historically shown to be a public health and welfare problem. Opium is the prime example, but other recreational drugs have similar negative affects upon users.

      You failed, once again, to get the point. The question is not whether drugs have negative consequences.

      The issue is not that illicit drugs are bad (although, I don't accept that this is fully true: what about marijuana?), the issue is that making drugs illegal may cause more problems for society than legalizing them.

      You do know that countries that have legalized some drugs have shown an overall benefit to society from legalization, don't you?

      Making drugs illegal does not prevent people from obtaining them. However, the illicit nature of drugs drives the illegal drug trade, which is responsible for many, many deaths.

      --
      The real "Libtards" are the Libertarians!
    10. Re:Why rehabilitate the unwilling? by david_thornley · · Score: 2

      And we run into the issue that there are medical problems that make the victim irrational, and therefore unwilling to seek help. If we could count on people making rational decisions from their point of view, that would be great. If you've decided that your desire to sit around and eat Cheetos all the time is greater than your desire to be healthy, I can respect that decision while thinking it's stupid. If you are sitting around eating Cheetos because you're suffering from clinical depression, and won't seek treatment because of your illness, that's different.

      This isn't clearcut. We don't want police detaining people without trial because they might be mentally ill, or make up mental illnesses because it's politically convenient. However, letting people's depression go untreated until they become homeless is very much like leaving someone to have a heart attack on the sidewalk. The use of some drugs can cause similar artificial irrationality.

      For that matter, what do you do if you find someone unconscious on the sidewalk? Pull out your phone and call 911 (number may very depending on country)? That's going to result in responders doing things to the unconscious person without his or her consent. Mental illness can make the person unable to rationally consent more subtly.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  6. Re:You would think. . . by cryptizard · · Score: 4, Informative

    That is exactly what the judge ruled. The main reason this isn't happening all over the place is that people don't understand how the devices work, and the police/prosecutors are not exactly volunteering the information. There is a good article about it here. Basically, the police hide the fact that they used stingray devices to track suspects by either making up some other reason that they happened to find themselves at the suspect's location or hiding something very vague on page 200 of the report like, "used electronic surveillance," which most defense attorneys do not know to challenge. In rare situations where the evidence has been challenged, the prosecution just drops the case so that precedent isn't set.

  7. Re:What? by Minupla · · Score: 3, Informative

    A valid point, but not really related specifically to encryption. Once evidence of any kind is gathered, how do you know the evidence is entirely original?

    I expect you meant "how do we know the evidence is unaltered." Typically a hash of the data is collected at the point of collection and stored along with other details (filename, length, date/time stamp, collector information) with the collected forensics data. So the hash value can be recomputed and verify that whatever file you're looking at is the same as at the point of collection. Additionally, the standard 'chain of custody' checks can be done to verify that that hash never changed at any point in the history of custody after it was collected. If a key is available, the defense could do their own decryption to confirm that the plaintext presented is the same as the plaintext they produce from a file with the correct hash. Min

    --
    On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
  8. Re:Stingray by bobbied · · Score: 2

    Oh these things are useful and the evidence they generate is valid for criminal prosecution, Just get a warrant before you use it... Case closed..

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  9. Re:You would think. . . by bobbied · · Score: 2

    In a way, I'm not sure this is really an issue. Apparently the device will now require that a search warrant be granted before it is used to collect evidence, at least in that jurisdiction.

    However, I wonder if this will be overturned on appeal (not that it matters to the perp as the evidence collected has now been tossed) because the police are free to lie to you when questioning you. How's that different from a device claiming to be a valid cell tower? Or, how's that different than using a directional antenna to find a specific RF transmitter device which happens to be carried by a suspect? Where I understand the stinger works a bit differently, but in principle it's not that much different from totally acceptable surveillance methods we've used for centuries that don't require warrants. As a investigator, I can follow you around in your public travels, observe what I can from public spaces at any time without a warrant. How can the RF emitted by your cell phone, observed from a public space not be legally obtained evidence? Because it's encrypted? How's that relevant?

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  10. Re:You would think. . . by JaiWing · · Score: 3, Insightful

    ... How can the RF emitted by your cell phone, observed from a public space not be legally obtained evidence? ...

    it is a little different with a general radio-frequency emission. in the case where you are emitting RF voluntarily, locating and tracking that emission requires no special permissions. you are effectively yelling in a place, and they are following the sound.

    in the case of the stingray, it is giving false information to your phone, and your phone is identifying itself to a 'stranger'. in this case you are still emitting RF, and they could still locate and track that emission, but without the stingray, they would not be able to identify the owner of the RF emission until they located and identified they source..

  11. Re:You would think. . . by cryptizard · · Score: 3, Interesting

    , just the meta-data and signaling information between the tower and the phone.

    That is actually not true. Stingray devices are capable of "active" attacks where they act as a man-in-the-middle between cell phones and legitimate towers, thereby decrypting and recording calls. As far as the metadata is concerned, there is a legal history of requiring warrants to get that information from phone companies. The fact that technologically it is possible to directly get it by snooping with a stingray doesn't make it clear cut that it is actually legal for the police to do so, as was demonstrated here. As an analogy, if the FBI developed a technology that allowed them to read minute EM leakage off phone wires from 100ft away, it wouldn't suddenly become legal for them to tap your land line with that.

  12. Re:You would think. . . by ADRA · · Score: 2

    The Stingray becomes a man in the middle. There's nothing passive about it. Imagine the real case of a plugging in a twisted pair tap on a phone line and you'll have a relatively accurate analogy.

    Why the heck aren't there apps that warn you when a new cell tower pops up in an area? It seams like a relatively simple system to beat, or does it act entirely like an existing tower ID's and all?

    --
    Bye!
  13. Re:You would think. . . by gurps_npc · · Score: 4, Insightful

    Your base assumption is false, the police do not have blanket powers to lie to you. There are very specific rules about how and when police can lie. They can not for example lie and tell you that they are your lawyer. Nor can they, If your lawyer is present and they make an offer, claim "we were lying when we offered you immunity in exchange for testimony".

    They are also not allowed to disable your internet, knock on your door and say "I am from your ISP, here to fix your internet" unless they have a warrant.

    That situation seems to me to be the most direct comparison of a sting ray. They are preventing your phone from interacting with the network and instead pretending to be that network.

    That is radically different from passively listening.

    --
    excitingthingstodo.blogspot.com
  14. Case law supporting my claim by gurps_npc · · Score: 2

    Here is an arstechnica article reporting on a judge ruling that the "cut the internet, then claim to fix it" lie is illegal:

    Arstechnica story

    and here is a link to the official ruling:
    arstechnica hosted court ruling.

    --
    excitingthingstodo.blogspot.com
  15. Re:You would think. . . by ShaunC · · Score: 2

    Why the heck aren't there apps that warn you when a new cell tower pops up in an area?

    There's AIMSICD, although I'm not sure how accurate it is. I played with it a bit last year and got a few yellow warnings, so the app detects something, but it's possible those were due to legitimate roaming or tower-sharing mechanisms. When protests were ongoing in Baltimore last year, multiple people with the app reported seeing orange warnings, which mean there's definitely some fuckery going on nearby, and red warnings, which mean the user's specific phone is being targeted.

    My big problems with AIMSICD last year were that it chewed through battery, the cell tower map never worked right, the upload function for OpenCellID.org was hit or miss, and there was little or no proper documentation about what the app actually does or what its different indicators mean. I think English was a second language for (most of) the developers as well as many of the users; this made the wiki and issue tracker difficult to parse. As neither an Android developer nor a subject matter expert, there wasn't much I could do to understand what was happening under the hood.

    That aside, the trouble with any stingray detector app is that it runs at the consumer OS level and can only know the "facts" that OS chooses to expose. It seems likely to me that most of the unconstitutional warrantless wiretapping functionality would operate at the baseband level, below and perhaps invisible to Android/iOS/etc and any apps running there.

    --
    Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
  16. Re:You would think. . . by Impy+the+Impiuos+Imp · · Score: 2

    The Stingray becomes a man in the middle. There's nothing passive about it. Imagine the real case of a plugging in a twisted pair tap on a phone line and you'll have a relatively accurate analogy.

    Why the heck aren't there apps that warn you when a new cell tower pops up in an area? It seams like a relatively simple system to beat, or does it act entirely like an existing tower ID's and all?

    For that matter, arent tower locations known? If a new one appears across the street, or is driving down the street, something is up.

    --
    (-1: Post disagrees with my already-settled worldview) is not a valid mod option.