Forgot your password?
typodupeerror
Electronic Frontier Foundation Cellphones Privacy Your Rights Online

Secret Stingray Warrantless Cellphone Tracking 62

Posted by Soulskill
from the your-phone-is-broadcasting-an-ip-address dept.
Penurious Penguin writes "Last year a Slashdot story mentioned the case of Daniel David Rigmaiden, or 'the Hacker.' With the help of an IMSI-catcher device, law enforcement had been able to locate and arrest the elusive 'Hacker,' leading to U.S. v. Rigmaiden. But far more elusive than the 'Hacker,' is the IMSI-catcher device itself — particularly the legalities governing its use. The secrecy and unconstitutionality of these Man In The Middle devices, i.e. 'stingrays,' has caught some attention. The EFF and ACLU have submitted an amicus brief in the Rigmaiden case; and EPIC, after filing an FOIA request in February and receiving a grossly redacted 67 out of 25,000 (6,000 classified) pages on the "stingray" devices, has now requested a district judge expedite disclosure of all documents. Some Judges also seem wary of the 'stingray,' having expressed concerns that their use violates the Fourth Amendment; and additionally, that information explaining how the technology is used remains too obscure. Perhaps the most controversial aspect of ISMI-catchers is their several-kilometer range. When a "stingray" is used to spoof a cellphone tower, thousands of innocent users may be collaterally involved. And while the government claims to delete all gathered data unrelated to the target, it also means no one else can know what that data really was. The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary." (More, below.)
Penurious Penguin continues, "The use of a pen-register (outgoing) and trap & trace (incoming) device, requires little more than a mewl of penal curiosity before a court, and no warrant or follow-up on the case is needed. The pen/trap seems unwieldy enough, as the EFF explains:

"Most worrisome, we've heard some reports of the government using pen/trap taps to intercept content that should require a wiretap order: specifically, the content of SMS text messages, as well as "post-cut-through dialed digits" (digits you dial after your call is connected, like your banking PIN number, your prescription refill numbers, or your vote for American Idol). intercept information about your Internet communications as well."

Precisely what data these "stingrays" collect will hopefully be soon revealed through such efforts as those of EPIC. It should be noted that the Stingray is one of multiple devices with the same application. The Stingray and several others are trademarks of the Harris Corporation. Some are quite pricey ($75,000), and others are, as mentioned last year by a Slashdot reader, peculiarly affordable — and available. For a more comprehensive overview of the subject, see this Wall Street Journal article."

This discussion has been archived. No new comments can be posted.

Secret Stingray Warrantless Cellphone Tracking

Comments Filter:
  • by Anonymous Coward

    What the fuck is going on here? The Slashdot summary says "Harrison Corporation" near the end, but looking at the links show "Harris" as the company behind these particular devices. I mean, it says the name right in the logo in the pictures of the device, and on the document! The logo basically is the name, for Pete's sake!

    I'm going to go on the assumption that the linked-to content is right, and that Harris Corporation is the correct name to be used in this case.

    Penurious Penguin , you need to get your sh

    • That was a typo; it is Harris. You are correct.
      I have bad momentson' good ones, like some mad vacillating, deliriouson Ferrison wheel.
    • by couchslug (175151)

      "And the Slashdot editors should have caught that right away."

      WHAT editors? All they do is SORT content, not edit it.

      • by Anonymous Coward

        "And the Slashdot editors should have caught that right away."

        WHAT editors? All they do is SORT content, not edit it.

        Objection!

        Your Honor, the witness is commenting on facts not in evidence.

  • by Anonymous Coward

    yup, turnkey police state

  • by wonkey_monkey (2592601) on Saturday October 27, 2012 @11:58AM (#41789513) Homepage

    Penurious Penguin

    Too late for that one...

    Secret Stingray

    That'll do!

  • Evil (Score:2, Insightful)

    by Anonymous Coward

    The government is evil.

    • Ah, but being the 'lessor' evil makes it all okay.

    • by petsounds (593538)

      I don't believe most people in government are evil. Most people in government just want to do their job, and groupthink overtakes them such that their ethical compass points in whatever direction gets the job done. The same thing can be seen in corporations. Most people are too weak-willed to stand up for what they believe in, and become part of the machine. Is this evil? I don't think so, it is a failing of the human spirit. These people, when the shit hits the fan, may come to see the error of their ways.

      • Well said. In fact, the blanket claim that some institution (company, government, etc.) is evil, takes people out of the equation, absolves them of blame, and simultaneously detracts from the fact that any solution must involve people. I think it is for that reason that freedom of speech and the use of protest actually are so important. Without such tools in the hands of the population the perpetrators (let's simply call them misguided, sloppy, and/or too caught up in their work) cannot even be made aware o

  • The only point these "redacted" things have, is to hide criminal activity.
    A government has no right to keep privacy from its citizens. Just like it has no right to take privacy from them.

    If they redact it, it must count as treason and result in jail until the full info is released.

    • by Anon-Admin (443764) on Saturday October 27, 2012 @12:42PM (#41789773) Homepage Journal

      Summed up as

      "A government by the people and for the people should not be allowed to keep secrets from the people!" -- Me for the last 8 years.

      The problem is that if it is deemed of National Security, they get to redact it. There is no punishment in place that could be applied if they remove it for national security reasons and it is later found to have been for criminal reasons. Example: the fact that a us company paid in tax payer dollars provided young boys for sexual use by Afghan Cops.

      http://blogs.houstonpress.com/hairballs/2010/12/wikileaks_texas_company_helped.php [houstonpress.com]

      Which was classified and thanks to WikiLeaks is now known.

      • by artor3 (1344997)

        Some things need to be kept secret. For example, the identity of undercover cops infiltrating gangs. But of course, secrecy can also be abused to cover up wrong-doing.

        The only way to determine whether or not something should be secret, is to look at it. So we need a third party trusted by both sides to do the looking. They need to be trusted by the government not to reveal something that really ought to be secret, and they need to be trusted by the people not to cover-up something that should be exposed.

  • by nurb432 (527695) on Saturday October 27, 2012 @12:20PM (#41789655) Homepage Journal

    Problem solved ( for at least one side of the call.. )

    • VOIP will protect the data if the content is properly encrypted, but headers and locations are still exposed. The phone can still be identified and located, which is already great information for the police. The IP addresses can be tracked in the header and voila, pen-register services without a warrant. And if VOIP is not encrypted, or if the encryption is weak, even the content can be accessed.
      • TOR is the next step of escalation. The cyberwar arms race has been going on for a long time, and it's it's not just governments.

        Horse (& cow) traders in the Midwest caused a surge of demand for cell phone encryption in the early 90's when news of how easily one could tap FM cell calls got out. The FCC's stand was that they were secure because listening in was illegal, even if the needed equipment was sold at Radio Shack.

      • by nurb432 (527695)

        Sure, location could be gathered but that doesn't always tell you much ' he was in a Starbucks making a call ', its who you call when that is a bigger deal.

        Also, i was thinking wifi, and turning off the cell radio. Harder to track that way. Plus this is all done on a throaway ( used or other cash market ) cellphone so it isnt traced back to you personally.

        Assumption is that proper encryption is being used, of course if its not then all bets are off.

  • by WaffleMonster (969671) on Saturday October 27, 2012 @01:02PM (#41789899)

    I don't know what all mobile platforms there is APIs / permission for this but I do know theres enough information provided from the RIL to be able to detect and track tower data.

    Reckon an app could be developed in to keep track of towers in the area and alert users if there are any changes.

    It could also crowdsource and mine data to uncover patterns useful in catching anyone using such devices.

    • The problem with this is that in urban areas you'll encounter lots and lots of picocell towers, and these may vary over time. In short, with GSM/3G you're never really sure who you're connected to. Apparently the Chinese embassy in London has its own tower and uses it to gather info on any protestors outside.
  • by Anonymous Coward
    "The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary." Just the fact that I called a specific number at a specific time is private information, regardless of the content. How is it a search warrant isn't necessary?
  • Wasn't 'squirrel' macho enough for the brute force and ignorance crowd?
  • First they assassinate Steve Irwin; now they spy on our cellphones? When is the government finally going to declare war?

"For the man who has everything... Penicillin." -- F. Borquin

Working...