Slashdot Mirror
US Suspects Listening Devices in Washington (apnews.com)
For the first time, the U.S. government has publicly acknowledged the existence in Washington of what appear to be rogue devices that foreign spies and criminal could be using to track individual cellphones and intercept calls and messages. From a report: The use of what are known as cellphone-site simulators by foreign powers has long been a concern, but American intelligence and law enforcement agencies -- which use such eavesdropping equipment themselves -- have been silent on the issue until now. In a March 26 letter to Oregon Sen. Ron Wyden, the Department of Homeland Security acknowledged that last year it identified suspected unauthorized cell-site simulators in the nation's capital. The agency said it had not determined the type of devices in use or who might have been operating them. Nor did it say how many it detected or where.
The agency's response, obtained by The Associated Press from Wyden's office, suggests little has been done about such equipment, known popularly as Stingrays after a brand common among U.S. police departments. The Federal Communications Commission, which regulates the nation's airwaves, formed a task force on the subject four years ago, but it never produced a report and no longer meets regularly. The devices work by tricking mobile devices into locking onto them instead of legitimate cell towers, revealing the exact location of a particular cellphone. More sophisticated versions can eavesdrop on calls by forcing phones to step down to older, unencrypted 2G wireless technology. Some attempt to plant malware.
The agency's response, obtained by The Associated Press from Wyden's office, suggests little has been done about such equipment, known popularly as Stingrays after a brand common among U.S. police departments. The Federal Communications Commission, which regulates the nation's airwaves, formed a task force on the subject four years ago, but it never produced a report and no longer meets regularly. The devices work by tricking mobile devices into locking onto them instead of legitimate cell towers, revealing the exact location of a particular cellphone. More sophisticated versions can eavesdrop on calls by forcing phones to step down to older, unencrypted 2G wireless technology. Some attempt to plant malware.
With the disconnects between various agencies and departments within agencies, I wouldn't be surprised if it was some agency of the US government spying on us. It isn't like they haven't been caught already spying on Americans. But we don't talk about it because THAT would be RACIST!!!!!
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
This is the original statement on which conjectures are based on:
>Department of Homeland Security acknowledged that last year it identified suspected unauthorized cell-site simulators in the nation’s capital. The agency said it had not determined the type of devices in use or who might have been operating them. Nor did it say how many it detected or where.
This statement suggests that someone in DHS Washington actually checked with every single signals intelligence agency in the country to ensure that whatever they found isn't one of their own.
Considering the competition between various agencies within the state of US, I strongly suspect that what actually happened is that they couldn't get anyone domestic they asked to admit to having planted whatever they found, so they're working on assumption that it must be foreign by default. While it's most likely planted by one of the agencies, which may not even know it's theirs on the top of bureaucratic chain, must less be able and willing to pass this information on to DHS.
Because... All of the backdoors required to make surveillance of the masses possible..
Time for individual point to point encryption for just about everything..
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
One year ago, to the day ...
With a map of where the devices where, and all the probable parties that would be using them ... domestic and foreign, friendly or otherwise ...
CBC investigation finds cell phone trackers at work near Parliament Hill and embassies.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
We live in an age in which the bluray disk that you buy in the store will only operate correctly in a bluray player and TV that have contain appropriate encryption keys, yet our cell phone network - arguably something in need of *more* protection - lacks even the most basic handshaking or authentication capabilities. As users of this technology, we should be demanding Industry Standards which allow us to control the digital keys of networks and that we trust, so that we can actually look at our handset and determine which tower a device has paired with.
This would not stop the authorities from conducting legal, authorized surveillance, because they could simply get a court order and have the appropriate tower operator[s] grant them access to the traffic. Unless, of course, they were conducting illegal surveillance of people and didn't have a court order, but that's hardly our problem...
In a similar fashion, there was nothing stopping the makers of the so-called Stingray and other devices from having a configurable operator setup process in which, before "standing up" in operating mode, the device requires the operator to provide the number of numbers of a finite [but reasonably] number of handsets that the Stingray is to track. Say, for example, the a maximum of 100 cell phones]. Because the internal working of the Stingray could be designed to only "pair" with handsets on the list, the Stingray could only include data from legitimate targets, thus narrowing the scope for warrantless surveillance.
Both of these techniques are entirely within our capability, today. Both would require only software changes [although I'd concede that the first is more of a protocol change].
The fact that neither of these are even being discussed - that in fact there is no discussion concerning what might need to be done to ensure that surveillance remains proportionate, limited, controlled and of identified targets - should be ringing alarm bells - and not because of some simplistic, idealistic, libertarian dogma.
All the evidence we have suggests that our security services are suffering from "data overload" - that whilst there might be valuable intelligence gathered today, our ability to sift it out of the noise is simply lacking. So far from limiting the ability of security services to "find the bad guys", steps like these would actually enhance our ability to do so, by helping to "filter out the noise".