Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Cellphones Government Privacy The Courts United States

Surveillance Case May Reveal FBI Cellphone Tracking Techniques 57

glittermage writes "The WSJ reports on an ongoing case about alleged 'Hacker' Daniel David Rigmaiden, regarding the government's tools used to track mobile devices with or without a warrant. The judge may allow Daniel to defend himself against the government's claims by putting the technology into the light. Sounds good to me."
This discussion has been archived. No new comments can be posted.

Surveillance Case May Reveal FBI Cellphone Tracking Techniques

Comments Filter:
  • Or not (Score:4, Interesting)

    by Hatta ( 162192 ) on Thursday September 22, 2011 @04:14PM (#37483966) Journal

    The judge could just as easily deny him an opportunity to defend himself based on unspecified "national security" fears.

    • by Z00L00K ( 682162 )

      From a technical point of view what can be done is to trace cell-towers and cells that his phone has accessed and do a rough estimation of his location.

      However if you are indoors in rural areas you can get rather weird results in location-handling since your phone isn't omni-directional but only sees towers in certain directions, which can make it appear that you are 10 miles off from where you actually are.

      And it's fairly easy to detect this on some devices - it's just a question of sending some "AT" comma

      • by Anonymous Coward

        from TFA:

        A stingray works by mimicking a cellphone tower, getting a phone to connect to it and measuring signals from the phone. It lets the stingray operator "ping," or send a signal to, a phone and locate it as long as it is powered on, according to documents reviewed by the Journal. The device has various uses, including helping police locate suspects and aiding search-and-rescue teams in finding people lost in remote areas or buried in rubble after an accident.

    • Re:Or not (Score:4, Interesting)

      by AngryNick ( 891056 ) on Thursday September 22, 2011 @05:04PM (#37484624) Homepage Journal
      Interesting timing. The Supreme Court is hearing oral arguments on the question of GPS tracking without a warrant [supremecourt.gov] on November 8th. I suspect the ruling could be applied to this kind of technology. Granted, one is "passive" tracking (the person owns the tracked device) and the other "active" (the government attaches the device to the person), but I see similarities in how the use of tracking technology in general impacts society's expectation of privacy.

      Civics homework: Defend your position on how the 4th amendment [wikipedia.org] protects/allows cell phone tracking of suspected criminals.
      • Is there a reasonable expectation of privacy as it relates to what towers your phone connects to (and if it will connect to a spoofed tower?).

        I.e. Postcard vs. Letter.

        Is connecting to the cell tower analogous to sending a postcard? The voice call equivalent to a letter in an envelope?
        -nB

        • Is there a reasonable expectation of privacy as it relates to what towers your phone connects to (and if it will connect to a spoofed tower?).

          I.e. Postcard vs. Letter.

          Is connecting to the cell tower analogous to sending a postcard? The voice call equivalent to a letter in an envelope? -nB

          The difference is that someone would have to happen upon a Postcard (unless they were specifically looking through the person's mail), which happens to have their name and address. Doing the same on a cell tower with lots of data requires a bit of cross checking to come up with the individual in question. Determining where they are based on multiple cell towers is even more involved.

        • by plover ( 150551 ) *

          It's not like a postcard. This is actually more like entrapment. They didn't simply monitor his cell device, they actively asked it to betray him.

          On its face it sounds similar to the police sending you a letter saying "Congratulations, Mr. networkBoy! You have won a cash prize of at least $10 from the 'Get What's Coming To You!' lottery! Show up at 123 Main St at noon on Friday the 13th to claim your prize, and be prepared to show a photo ID", paying you $10 for arriving and presenting your ID, bringing y

        • by WNight ( 23683 )

          Do you have an expectation of privacy when broadcasting signals? No. Of course not. And that's why, despite the USA's stupid laws, we encrypt our radio communications.

          But it should be reasonable to expect the company selling you an encrypted phone not sell you out without a warrant.

          Without the phone company identifying your phone for the snoopers you wouldn't stand out from the other anonymous devices. And because they refuse to use DOS-resistant protocols (ie, the phone only answering location queries from

      • The 4th amendment went out the window when they allowd the police to pull us over for no other reason but to see if we were drinking. The laws allowed to do that with no real reason, why not GPS tracking?
      • by MrL0G1C ( 867445 )
        If the supreme court ruled it legal for police to attach trackers to peoples cars without out warrants then anybody should be able to do it cos it's would be legal....right????
    • ...or suddenly drop the charges without explanation. You know, the same tact the MAFIAA take in civil cases - go for it big-time, until it looks like you are not going to get the result you want, then give up, act like nothing happened, and move on to the next poor sap.
  • by PPH ( 736903 ) on Thursday September 22, 2011 @04:20PM (#37484072)

    From TFA:

    According to a Harris document, its devices are sold only to law-enforcement and government agencies.

    Harris isn't the only one building these (other brands look a lot less like 1960's era gear) and we don't have assurances from these other manufacturers that they aren't being sold to private individuals or investigative firms.

    • Re:LEO Only? (Score:5, Insightful)

      by Khopesh ( 112447 ) on Thursday September 22, 2011 @05:06PM (#37484634) Homepage Journal

      From TFA:

      According to a Harris document, its devices are sold only to law-enforcement and government agencies.

      Harris isn't the only one building these (other brands look a lot less like 1960's era gear) and we don't have assurances from these other manufacturers that they aren't being sold to private individuals or investigative firms.

      We also don't have assurances that this can't be built by enterprising criminals. In another few years, home-brewed equivalent devices will likely be easy to make, thus empowering criminals, overprotective parents, and wannabe stalkers. If a warrant is not required, doesn't this mean that this technology fair game for anybody to use?

      Better to have the technology exposed and patch the security hole, then consider a warrant-requiring backdoor for law enforcement (i.e. use the existing providers' antennae rather than shelling out the money for taxpayer-funded stalkers in vans).

  • http://www.spyanycellphone.com/ [spyanycellphone.com]

    I'm not a shill. Just had a great laugh over this advertised website at the bottom of TFA. The kind of thing you must share with the rest of the cubefarm residents.

     

  • Wiretaps carried out by MI5 and MI6 are blocked from being been used in court cases. The legal rationale is that if the wiretaps were used, then they would have to disclose the intercept technology and methods. Obviously they don't want that. Craig Murray, as ambassador to Uzbekistan, had knowledge of the intercept methods in use and he revealed them in his book 'Murder in Samarkand':

    You can be bugged very easily. A sound bug can be no bigger than a pin, but it is not necessary to plant one. Directional microphones are very effective, and can be used from several hundred metres away if necessary, but it is much easier to use the telephone. Either a home landline or a mobile can be remotely activated to serve as a microphone, bugging the room even though the handset is down, or the mobile switched off. The resulting sound can be cleaned up to surprising quality."

    The FBI apparently uses similar technology that they call a "roving bug" [cnet.com]. Apparently this is the big secret that they don't

    • Either a home landline or a mobile can be remotely activated to serve as a microphone, bugging the room even though the handset is down

      Certainly not POTS? I wasn't aware they could remotely close your circuit to make you appear off the hook.

      • by chrb ( 1083577 )
        I had thought the same, but with modern digital phones and firmware, who knows? If the design of the phone allows the firmware to control the circuit, rather than having it mechanically linked to the handset being picked up, then it must be possible. Certainly, for systems that combine phone function with answerphone, it must be possible for the firmware to order the phone "off-hook".
      • They can on some phones.
        Not sure about all, or newer ones. In the former USSR this was commonplace. I have some Bell rotary phones (setup a basic three phone partyline as an intercom with them) that relied on this ability to work properly.
        (Kids love the partyline BTW).
        -nB

        • In the former USSR this was commonplace.

          In the former USSR it was believed to be commonplace, however it was technically impossible.
          The 30V loudspeakers connected to the local radio, on the other hand, were perfectly usable as microphones, and I would guess, some lucky KGB agents found such speakers in a mode suitable for listening. But everyone over the age of 15 knew that it's possible -- those speakers were commonly used as microphone replacement in home recording.

    • How can they use the device if the battery is taken out then? Never turn your phone off and leave the battery in, if you want it to be truly off. Of course, you'd need a device that has a user replaceable battery, not an iPhone or alike.
    • Sounds like we need to go back and use the old model 500 phones [wikipedia.org]. No software there to hack and the things last forever, my grandmother had a model 544 phone (the wall mount version of the model 500) that she replaced a couple of years ago so she could have a cordless and not have to sit or stand near the phone. .
  • by IamTheRealMike ( 537420 ) on Thursday September 22, 2011 @05:04PM (#37484618)

    Hrmm. There are several parts of the FBIs story here that aren't internally consistent.

    It's pretty well known by now thanks to Hollywood and TV shows that police can track mobile phones by triangulating signal strengths at different cell towers. Heck, phones do it themselves these days. The fixes can be fairly accurate in urban areas. There's no need for the phone to be making a call in order to be traced this way, because as the article points out, towers can talk to the phone any time they want.

    Presumably, phone companies require a warrant of some kind before performing this type of trace. This leads me to wonder if fake base stations like the Stingray devices have any use at all beyond avoiding phone companies legal processes. I could buy the explanation that a fake base station lets you get slightly more accurate fixes on the phones location, except that apparently even with these devices the best they were able to get was to a particular apartment block and they had to do old fashioned detective work to get closer. "Nearest block" is about as good as modern smartphones can do by themselves.

    There are a few other puzzlers in there. The government claim they can't reveal the devices capabilities without compromising future investigations, and then go on to state quite clearly that the devices can't intercept calls or data and that's why they don't feel they need a proper search warrant. This makes sense. Some kind of roving fake base station in an FBI van wouldn't be able to route calls successfully. And the GPRS/3G protocols don't terminate data encryption at the base station, but rather further back in the core network. But that implies the person being traced would be able to notice - if the data connection stops working, or calls fails to place, it could be a sign you're being traced. Time to switch the phone off. That could even be automated by a smartphone app. Is that trivial workaround what they're afraid of?

    Another puzzler. The 3G/UMTS protocols have the handset authenticate the network exactly to protect against fake base station attacks. How does the StingRay device handle this? Presumably, the major networks have all been required to hand over their root keys/certs so the FBI can emulate them. It makes you wonder how secure these keys can really be, if there are cops running around with the keys inside a box. If one of these devices got lost or was somehow sold to the wrong people, how hard would a key rotation be? Presumably you'd have to replace the SIMs? Again, this seems like a lot of problems that could easily be avoided by tracing the target device with the direct co-operation of the phone companies.

    I'd like to think there's a purely technical reason for the use of these things, but given the FBIs prevarication over exactly what kind of warrants they are getting, I'd be worried it's more a legal dodge.

    • by sjames ( 1099 )

      If the thing tricks phones into thinking it's a tower, how many 911 calls fail (with fatal results) while the FBI hunts for a tax cheat?

    • by Anaerin ( 905998 )

      Another puzzler. The 3G/UMTS protocols have the handset authenticate the network exactly to protect against fake base station attacks. How does the StingRay device handle this? Presumably, the major networks have all been required to hand over their root keys/certs so the FBI can emulate them.

      Not necessary. It goes something like this:

      • StingRay sends out "I am a cell tower" message
      • Cellphone responds asking "Really? I am xxxx, who are you?"
      • StingRay uses diversity antennae to triangulate position as it receives, then sends out "Oh, nobody important"

      Cellphone found.

    • The 3G/UMTS protocols have the handset authenticate the network exactly to protect against fake base station attacks.

      For GSM, this is not the case -- handsets do not authenticate the towers they're connecting to. It's trivial to become the loudest tower and get the phone to switch over to you... but there are technical hurdles around connecting back to the wireless carriers and getting calls / SMS to work correctly in both directions.

    • by Anonymous Coward

      Presumably, phone companies require a warrant of some kind before performing this type of trace

      That's a pretty big assumption there. The government will do everything it has the capability to do unless it is explicitly prohibited from doing it. That's partially because when you really get down to it on a personal level, some guy just wants to do his job, and isn't really thinking of the overall implications.

      However, the majority of the blame lies on people who erroneously believe and accept as justificati

    • I would guess, the device is actually very primitive -- it either:

      1. Acts as RF man in the middle between the phone and tower. Since it can't get identifying information, someone has to make a very short phone call that will be dropped immediately after they noticed that connection is established (and that is a BIG SECRET they are trying to protect).
      2. Forces fallback into an unencrypted or weakly encrypted mode (and then BIG SECRET is that the device is actually perfectly capable of intercepting conversati

  • by Dunbal ( 464142 ) * on Thursday September 22, 2011 @05:09PM (#37484672)
    Owned by News Corporation, talks about hacking. Pot, kettle, black.
  • Well, what did they expect?

    They aren't trying to catch a pedo here, but somebody w/ the knowledge to break into computer systems. Of course he will challenge the law in every single manner he can think of to win his freedom. You can call it an attempt to get off the hook, except what the FBI is doing is in violation of the 4th by not obtaining legal permission to use their technology and furthermore it's unethical, these people are paid to protect us, not spy on us, if I need protection that only the FBI

  • Charlie Savage reports for the New York Times on intelligence gathering. He has an article today [nytimes.com] that dovetails nicely into this Wall Street Journal article. Savage reports that two senators are concerned that the government is using secret means to surveil US citizens based on a ruling from the FISA court -- rulings that are secret. This is tantamount to having a secret law; something that is anathema to the Constitution.

"You know, we've won awards for this crap." -- David Letterman

Working...