Slashdot Mirror

← Back to Stories (view on slashdot.org)

NYPD Says Talking About Its IMSI Catchers Would Make Them Vulnerable To Hacking (vice.com)

Posted by BeauHD on from the breach-of-security dept.

An anonymous reader quotes a report from Motherboard: Typically, cops don't like talking about IMSI catchers, the powerful surveillance technology used to monitor mobile phones en masse. In a recent case, the New York Police Department (NYPD) introduced a novel argument for keeping mum on the subject: Asked about the tools it uses, it argued that revealing the different models of IMSI catchers the force owned would make the devices more vulnerable to hacking. The New York Civil Liberties Union (NYCLU), an affiliate of the ACLU, has been trying to get access to information about the NYPD's IMSI catchers under the Freedom of Information Law. These devices are also commonly referred to as "stingrays," after a particularly popular model from Harris Corporation. Indeed, the NYCLU wants to know which models of IMSI catchers made by Harris the police department has. "Public disclosure of this information, and the amount of taxpayer funds spent to buy the devices, directly advances the Freedom of Information Law's purpose of informing a robust public debate about government actions," the NYCLU writes in a court filing. The group has requested documents that show how much money has been spent on the technology. After the NYPD withheld the records, the FOI request was escalated to a lawsuit, which is where the NYPD's strange argument comes in (among others). "Public disclosure of the specifications of the CSS [cell site simulator] technologies in NYPD's possession from the Withheld Records would make the software vulnerable to hacking and would jeopardize NYPD's ability to keep the technologies secure," an affidavit from NYPD Inspector Gregory Antonsen, dated August 17, reads. Antonsen then imagines a scenario where a "highly sophisticated hacker" could use their knowledge of the NYPD's Stingrays to lure officers into a trap and ambush them.

17 of 53 comments (clear)

  1. We used to say this about wiretaps too by WillAffleckUW · · Score: 3, Insightful

    That was unconstitutional and illegal as well.

    Admit the crime and stop covering it up.

    --
    -- Tigger warning: This post may contain tiggers! --
  2. Can't be that great a tool by Opportunist · · Score: 4, Informative

    If your security is dependent on you not talking about the technology altogether, it is a pretty insecure and unreliable system altogether and should not be used, especially not in a situation where gathering evidence is critical. How easily could said evidence be thrown out if the tool you use to gather it is so insecure, unreliable and in a generally sorry state that you cannot even TALK about it lest it breaks?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:Can't be that great a tool by somenickname · · Score: 4, Interesting

      My thoughts as well. How can this be admissible in court if you can't publicly defend how/what/why you did what you did. If the technology is so vulnerable to hacking, that seems like it has "reasonable doubt" written all over it.

    2. Re:Can't be that great a tool by fred911 · · Score: 2

      Because the law enforcement advises it's agents to use parallel construction when they've got tainted evidence as the basis for a prosecution.

      https://en.wikipedia.org/wiki/...

      --
      09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
    3. Re:Can't be that great a tool by somenickname · · Score: 2

      Sure, I understand that. And, presumably, what law enforcement is worried about is IMSI catcher catchers. Basically, a device that can detect when a spoofed cell phone tower is in play. If such a device were reliable enough that it could be presented as evidence, it could potentially stop stingray based parallel construction in its tracks.

    4. Re:Can't be that great a tool by Fjandr · · Score: 2

      A distributed app collecting signal strength and cell site hardware data could rapidly expose any portable IMSI device. Just needs to be built and publicized by someone with the time, interest, and skill.

    5. Re:Can't be that great a tool by BlueStrat · · Score: 3, Insightful

      A distributed app collecting signal strength and cell site hardware data could rapidly expose any portable IMSI device. Just needs to be built and publicized by someone with the time, interest, and skill.

      I'm an R.F. engineering tech. I even worked for Harris (the manufacturer) back in the early '80s.

      I'll bet just comparing phase to obtain directional data and comparing locational data to actual cell site locations should be enough to alert to shenanigans.

      With a bit more sophistication the location could be narrowed to within ~10-15ft. Program a consumer hobby drone with the location, attach about a pound of HE to that drone, and IMSI goes bye-bye.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
  3. First rule of IMSI club by rsilvergun · · Score: 3, Funny

    Do not talk about IMSI club. Second rule: it this is your first night you have to violate someone's rights.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  4. Not to mention by fred911 · · Score: 4, Informative

    The acknowledgement would also at a minimum be an admission of multiple violations of section 301 of the Communications Act.

    https://www.law.cornell.edu/us...

    --
    09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  5. I can also imagine scenarios... by caladine · · Score: 3, Insightful

    ... where the police having this technology use it on a whim, without a warrant, and with absolutely no oversight.
    Oh, wait. That's already happening and doesn't require a "sophisticated hacker".

  6. Comprehensive defense testing by Fjandr · · Score: 2

    Taking a page from the State actors comprehensively exposing the defensive capabilities of the Internet core, there needs to be a distributed network setup to calculate and correlate all physical cell site information. When shared between a large number of users, it would be trivial to map all permanent physical infrastructure such that any IMSI catcher would light up like a bullseye the second it was turned on. Then that hardware could be targeted for comprehensive testing and exploitation. It wouldn't surprise me to see a future cellular botnet set up to do something just like that if it's not done for more above-board accountability reasons first.

    1. Re:Comprehensive defense testing by Xochil · · Score: 3, Informative

      AIMSICD has been working well for me in this regard.

      https://github.com/CellularPri...

  7. How about you audit and secure your code? by sandbagger · · Score: 2

    I'm very sorry you did not take security into account to the degree that you should have, and probably did no QA, but the facts are you have to in order to establish the credibility of your system and its data. Everyone else has to.

    --
    ---- The above post was generated by the Turing Institute. Maybe.
  8. Astoundingly stupid... by laird · · Score: 2

    Revealing which models of devices they bought doesn't reduce their security, unless they're using units with widely known security flaws that they leave open.

    Either they're really, really stupid or they think we are. Perhaps both?

    --
    Enable 3D printed prosthetics!
  9. translation by Tom · · Score: 2

    revealing the different models of IMSI catchers the force owned would make the devices more vulnerable to hacking.

    In other words: There is at least one audit report giving them very bad marks on security and they don't have the time, budget or expertise to fix the problem. Basically, they should be treated as if they are already hacked by an unknown party or two.

    You are not afraid of disclosing basic information unless you cover up known vulnerabilities.

    --
    Assorted stuff I do sometimes: Lemuria.org
  10. Re: New legal defense? by sir-gold · · Score: 2

    Or they just drop the charges entirely and walk away.

    http://arstechnica.com/tech-po...

  11. Re:A completely neophyte non-hacker... by sir-gold · · Score: 2

    Its easier than that.

    Just grab a phone out of one of those recycling bins they have at some electrics stores, and call 911 (all phones can call 911, even if not activated). You don't even have to talk, just make muffled sounds, and the police will eventually show up.

    The police don't even need to have a stingray, they already know where the phone is though e-911