Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Judge Throws Out Cell Phone 'Stingray' Evidence For The First Time (reuters.com)

Posted by BeauHD on from the first-of-its-kind dept.

An anonymous reader quotes a report from Reuters: For the first time, a federal judge has suppressed evidence obtained without a warrant by U.S. law enforcement using a stingray, a surveillance device that can trick suspects' cell phones into revealing their locations. U.S. District Judge William Pauley in Manhattan on Tuesday ruled that defendant Raymond Lambis' rights were violated when the U.S. Drug Enforcement Administration used such a device without a warrant to find his Washington Heights apartment. Stingrays, also known as "cell site simulators," mimic cell phone towers in order to force cell phones in the area to transmit "pings" back to the devices, enabling law enforcement to track a suspect's phone and pinpoint its location. The DEA had used a stingray to identify Lambis' apartment as the most likely location of a cell phone identified during a drug-trafficking probe. Pauley said doing so constituted an unreasonable search. The ruling marked the first time a federal judge had suppressed evidence obtained using a stingray, according to the American Civil Liberties Union, which like other privacy advocacy groups has criticized law enforcement's use of such devices. "Absent a search warrant, the government may not turn a citizen's cell phone into a tracking device," Pauley wrote. FBI Special Agent Daniel Alfin suggests in a report via Motherboard that decrypting encrypted data fundamentally alters it, therefore contaminating it as forensic evidence.

11 of 118 comments (clear)

  1. Throw them all out. by Anonymous Coward · · Score: 5, Insightful

    Bernard Seidler, Lambis' lawyer, noted that occurred a week after his client was charged. He said it was unclear if the drug case against Lambis would now be dismissed.

    This "War on Drugs" has proven to be a failure. Just regulate it like alcohol. And instead of sending these folks to jail, send them to rehab - an evidence based rehab like the Western Europeans do.

    Prosecutors like to say that some addicts need that "Come to Jesus" moment of getting arrested to get clean - and they have zero evidence to back that claim up. But the truth is that rehabilitation in the USA is a joke. It's not evidence based and when it fails, the program doesn't get blamed but the addict; when the opposite should be the case. I don't have to work for an antibiotic to work. It works or it doesn't. If someone has to "want" to change then you don't have an evidence based treatment but a placebo.

    Poor Lindsey Lohan has been in and out of rehab and her character is blamed when in fact the rehab places she's gone to are pretty much garbage.

    So, until we as a country grow up and stop this moralizing and hypocrisy about drug use, we are going to be pissing billions of dollars a year away on things that don't work.

    1. Re:Throw them all out. by Anonymous Coward · · Score: 5, Insightful

      The war on drugs, like the war on terror, isn't fought with the intention to win.

  2. Re:What? by cryptizard · · Score: 5, Informative

    Read the linked article. He is saying that if the government presents ONLY the decrypted data as evidence in court it is not forensically valid because it breaks the chain of evidence. They need to also show the originally captured encrypted data so that it can verified that the decrypted version actually correlates to what they got and was not somehow tampered with.

  3. Re:What? by Registered+Coward+v2 · · Score: 4, Informative

    "decrypting encrypted data fundamentally alters it" What? If the decrypted data doesn't match the data that was encrypted, you failed to decrypt it properly. On a purely technical level I guess he's correct. Encrypted, the data is just a bunch of jazz and whirly bangs. Once decrypted it's actual data, so on a purely superficial level, with no understanding of encryption, I guess he's right. Damnit

    This a typical /. summary that mistakes what was actually said to make it sound more interesting. The agent said decrypted data is different from what was taking by the warrant, and thus you are not turning using the actual information taken in the search (i.e. the encrypted data) but that it still is forensically sound; he never said that's "contaminating it as forensic evidence" just it may still be less forensically sound than the actual encrypted data. /. seems to imply somehow that makes the decrypted data not valid as evidence which clearly is BS.

    --
    I'm a consultant - I convert gibberish into cash-flow.
  4. Re:You would think. . . by cryptizard · · Score: 4, Informative

    That is exactly what the judge ruled. The main reason this isn't happening all over the place is that people don't understand how the devices work, and the police/prosecutors are not exactly volunteering the information. There is a good article about it here. Basically, the police hide the fact that they used stingray devices to track suspects by either making up some other reason that they happened to find themselves at the suspect's location or hiding something very vague on page 200 of the report like, "used electronic surveillance," which most defense attorneys do not know to challenge. In rare situations where the evidence has been challenged, the prosecution just drops the case so that precedent isn't set.

  5. Re:What? by Minupla · · Score: 3, Informative

    A valid point, but not really related specifically to encryption. Once evidence of any kind is gathered, how do you know the evidence is entirely original?

    I expect you meant "how do we know the evidence is unaltered." Typically a hash of the data is collected at the point of collection and stored along with other details (filename, length, date/time stamp, collector information) with the collected forensics data. So the hash value can be recomputed and verify that whatever file you're looking at is the same as at the point of collection. Additionally, the standard 'chain of custody' checks can be done to verify that that hash never changed at any point in the history of custody after it was collected. If a key is available, the defense could do their own decryption to confirm that the plaintext presented is the same as the plaintext they produce from a file with the correct hash. Min

    --
    On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
  6. Re:Why rehabilitate the unwilling? by Curunir_wolf · · Score: 5, Informative

    It is far better to leave people, who are not harming others, alone.

    The problem with this approach is we are, in general, too compassionate to walk by as someone writhes in agony from a cheetos-and-lard induced heart attack. We expect society to help them. So total disregard for one's health DOES have a cost to others. But it's tough to know where to draw the line

    You just did. As a society, we show compassion. But interfering with property rights is not okay. Just as someone that owns a book has every right to burn it, each person owns their own body and has every right to destroy that, too, without interference. In fact, owning YOURSELF is the first step is recognizing any human rights at all. Sure, we go out of our way to warn people about what they are doing "Hey if you keep eating cheetos and sitting all the time you will die sooner" - but they still have the final say in the matter. So there's the line.

    Also, be sure that you distinguish between "society" and "government", because they are not the same. There's a quote from, I think, Thomas Paine that spells it out pretty well... ah - here it is:

    "SOME writers have so confounded society with government, as to leave little or no distinction between them; whereas they are not only different, but have different origins. Society is produced by our wants, and government by our wickedness; the former promotes our happiness POSITIVELY by uniting our affections, the latter NEGATIVELY by restraining our vices. ... Society in every state is a blessing, but Government, even in its best state, is but a necessary evil; in its worst state an intolerable one: for when we suffer, or are exposed to the same miseries BY A GOVERNMENT, which we might expect in a country WITHOUT GOVERNMENT, our calamity is heightened by reflecting that we furnish the means by which we suffer." - Thomas Paine

    --
    "Somebody has to do something. It's just incredibly pathetic it has to be us."
    --- Jerry Garcia
  7. Re:You would think. . . by JaiWing · · Score: 3, Insightful

    ... How can the RF emitted by your cell phone, observed from a public space not be legally obtained evidence? ...

    it is a little different with a general radio-frequency emission. in the case where you are emitting RF voluntarily, locating and tracking that emission requires no special permissions. you are effectively yelling in a place, and they are following the sound.

    in the case of the stingray, it is giving false information to your phone, and your phone is identifying itself to a 'stranger'. in this case you are still emitting RF, and they could still locate and track that emission, but without the stingray, they would not be able to identify the owner of the RF emission until they located and identified they source..

  8. Re:You would think. . . by cryptizard · · Score: 3, Interesting

    , just the meta-data and signaling information between the tower and the phone.

    That is actually not true. Stingray devices are capable of "active" attacks where they act as a man-in-the-middle between cell phones and legitimate towers, thereby decrypting and recording calls. As far as the metadata is concerned, there is a legal history of requiring warrants to get that information from phone companies. The fact that technologically it is possible to directly get it by snooping with a stingray doesn't make it clear cut that it is actually legal for the police to do so, as was demonstrated here. As an analogy, if the FBI developed a technology that allowed them to read minute EM leakage off phone wires from 100ft away, it wouldn't suddenly become legal for them to tap your land line with that.

  9. Re:Why rehabilitate the unwilling? by Kjella · · Score: 3, Insightful

    That's just it, drugs generally do really bad things to people and those around them and many are helpless to break the cycle of dependency. Would you have us stand back and watch while people self destruct, killing themselves a little bit at a time?

    I'd be more inclined to agree with you if it was treated more like an illness and less like a crime. Criminalization might be good for those who choose to stay away from drugs because it is against the law, but it does nothing for the people actually using drugs. In fact, it makes everything worse. Don't tell me the effects of smoking a little pot is worse than the effects of being arrested for smoking pot, because it's just not true. Sure, it takes a lot of courage to go to an AA meeting and say you have an alcohol problem but I think it takes even more to say you have a drug problem. Same goes for clean, consistent quality - that street drugs may have all sorts of bad shit in them might scare some away, but it only makes it more dangerous for the actual users.

    By far most people who are really fucked up on drugs and get real destructive to those around them have some really bad shit in their past they want to get away from, this "gateway drug" theory is only looking at the steps not why people really take them. I read this story recently about a girl (17) who was now in rehab, started smoking pot at 12 and shot heroin at 14. Sure A followed B but if you listened even a little bit to her life's story you'd know she was ready to jump on any high to get away from the past. The vast, vast majority without psychological trauma will puff a little joint and get a buzz and that was it. Then there's a few with addictive personalities who can get addicted to anything from work and sex to gambling and drugs, but fuck it we're adults. I want to life my life even though you can't control yours.

    --
    Live today, because you never know what tomorrow brings
  10. Re:You would think. . . by gurps_npc · · Score: 4, Insightful

    Your base assumption is false, the police do not have blanket powers to lie to you. There are very specific rules about how and when police can lie. They can not for example lie and tell you that they are your lawyer. Nor can they, If your lawyer is present and they make an offer, claim "we were lying when we offered you immunity in exchange for testimony".

    They are also not allowed to disable your internet, knock on your door and say "I am from your ISP, here to fix your internet" unless they have a warrant.

    That situation seems to me to be the most direct comparison of a sting ray. They are preventing your phone from interacting with the network and instead pretending to be that network.

    That is radically different from passively listening.

    --
    excitingthingstodo.blogspot.com