DOJ Often Used Cell Tower Impersonating Devices Without Explicit Warrants 146
Via the EFF comes news that, during a case involving the use of a Stingray device, the DOJ revealed that it was standard practice to use the devices without explicitly requesting permission in warrants. "When Rigmaiden filed a motion to suppress the Stingray evidence as a warrantless search in violation of the Fourth Amendment, the government responded that this order was a search warrant that authorized the government to use the Stingray. Together with the ACLU of Northern California and the ACLU, we filed an amicus brief in support of Rigmaiden, noting that this 'order' wasn't a search warrant because it was directed towards Verizon, made no mention of an IMSI catcher or Stingray and didn't authorize the government — rather than Verizon — to do anything. Plus to the extent it captured loads of information from other people not suspected of criminal activity it was a 'general warrant,' the precise evil the Fourth Amendment was designed to prevent. ... The emails make clear that U.S. Attorneys in the Northern California were using Stingrays but not informing magistrates of what exactly they were doing. And once the judges got wind of what was actually going on, they were none too pleased:"
Bad headline? (Score:2)
Re: (Score:2)
Re:stingray phone tracking device (Score:4, Informative)
Re:stingray phone tracking device (Score:5, Interesting)
Here you go!
http://www.youtube.com/watch?v=DU8hg4FTm0g [youtube.com]
Thanks Chris - damned interesting talk :-) This also shows you how many phones may be attracted by such devices if there's no filter on the IME...
MITM attack: impersonates a cellular tower (Score:5, Informative)
2 - Wall Street Journal article [wsj.com] "'Stingray' Phone Tracker Fuels Constitutional Clash"
3 - another WSJ article [wsj.com] about "Judge Questions Tools That Grab Cellphone Data on Innocent People"
Essentially, the "Stingray" sends out a signal pretending to be a cell-phone tower. Your cellphone thinks it's found a great super-strong tower nearby, detaches from the real cell-phone towers and bonds to the Stingray and attempts to communicate through it. Now, the DOJ (or whomever) has performed a Man in the Middle (a href=http://en.wikipedia.org/wiki/Man-in-the-middle_attack MITM ) attack on your cell phone's communication with it's cellular service company. It impersonates a cellular tower.
.
Here's an interesting point from the WSJ article:
... The best known stingray maker is Florida-based defense contractor Harris Corp. A spokesman for Harris declined to comment.
... Harris holds trademarks registered between 2002 and 2008 on several devices, including the StingRay, StingRay II, AmberJack, KingFish, TriggerFish and LoggerHead. Similar devices are available from other manufacturers. According to a Harris document, its devices are sold only to law-enforcement and government agencies.
Re: (Score:2, Interesting)
"law-enforcement and government agencies" -- this is a common phrase in American English, but is it a legal term with precise meaning? IE, are there "law-enforcement" agents that are not "government"; like does it include bounty hunters for instance? renta-cops? school security guards? Seems far too broad.
Re: (Score:2, Informative)
It has no legal bearing. It just means the company won't sell one to you. You can't get one without contacts.
Re: (Score:2)
There are government agencies that are not "law enforcement" agencies, such as the NSA.
Re:MITM attack: impersonates a cellular tower (Score:5, Insightful)
The devices are supposedly only sold to law-enforcement agencies and government agencies.
Gosh, I feel so much safer now :(
Can't these guys get that this kind of stuff, in the hands of the government, is EXACTLY the problem?
Re: (Score:2)
They don't care, they only care about getting paid.
Re: (Score:2, Interesting)
The real enemy is the TV set. People don't feel safe, but they don't realize why. People are constantly screaming at each other, stuff is blowing up. If you watch the nightly news in any city you will think that everyone is a potential threat. If you switch stations after it is over, you will probably find a movie where the hero saved everyone by shooting people and/or blowing shit up.
Conclusion? They rapin errybody! You better get a gun and start making things right.
Re: (Score:3, Insightful)
Yeah, and it feels like crime is worse now more than ever, because somebody, somewhere around the world is doing some atrocity to somebody else. And that's what leads. The news you get on TV has slowly expanded from local to international 'news'. So the frequency of these reported 'incidents' have slowly gone up, but it doesn't really register that primary reason for the increase is that the area being covered has increased even faster.
That's why I've stopped watching the 'news'. It's too much of "here'
Re:MITM attack: impersonates a cellular tower (Score:4, Interesting)
Re:MITM attack: impersonates a cellular tower (Score:5, Interesting)
You can place a filter on the IME but you have to know it first, in theory they would. chris Paget did a talk on this that was VERY informative that I found while researching SDR -> http://www.youtube.com/watch?v=DU8hg4FTm0g [youtube.com]
What he did was actually legal but if he had wanted to he could've intercepted FAR more and his comments about jamming were also pretty interesting. It's not just voice you can grab either but text and data. Very interesting to see how it works but scary that it's apparently not as secure as it could be...
Re: (Score:1)
If an individual did this on his own it would be a serious cluster of felonies. However when the state does it we can bet the state will not arrest itself and sovereign immunity might block civil actions as well. But supposing that a civil suit might go forward only those with a huge amount of money could try it and the outcome might be really lousy. I can just hear the testimony filled with terms such as " I can not confirm whether the investigation is ongoing nor can I comment on any active i
Re: (Score:1)
Hmm... Would this throw off GPS location reported on the phone when indoors (triangulating off the towers instead of the satellites)? Especially on drones? If it was constantly updating its broadcasted coordinates, one could possibly have an app to detect that.
Re: (Score:1)
Hmm... Would this throw off GPS location reported on the phone when indoors (triangulating off the towers instead of the satellites)? Especially on drones? If it was constantly updating its broadcasted coordinates, one could possibly have an app to detect that.
The equipment on the towers has to support location triangulation. They effectively just have it off, and your phone will not try to use it for location, although it will continue to use it for a call while triangulating from other towers.
Re: (Score:1)
I'm safe as I've programmed my iPhone to drop the call if it goes to 3 or 4 bars.
As Jobs once said, "Fool - you're holding it wrong!"
Re: (Score:2)
You can confiscate them, though, because they're probably being operated without the appropriate RF licence.
I can't wait for someone to try that out over here.
Re: (Score:2)
.
Q re I can't wait for someone to try that out over here.: Where is "over here" for you?
.
comment regarding what Law Enforcement would say about your comment "they're probably being operated without the appropriate RF licence":
(I know that the original is "badges", but "license" works perfectly fine in this context)
Re: (Score:2)
I'm in the UK. The licensing authorities here take people trespassing on mobile phone frequencies pretty seriously - and pretty much anywhere else that you've paid for a licence. Furthermore, certain technically-qualified people are legally able to confiscate or shut down equipment that is causing interference.
It doesn't matter if you're the police, if you're jamming something you get your toys taken away.
Re: (Score:2)
;>)
Well, it could either be that the jurisdictional boundaries of these peace officers does not extend far up enough over the surface of the earth to Low Earth Orbit, or it might be that Law Enforcement Officers call themselves LEOs for short.
Re: (Score:2)
Aren't radio-wave-emitting devices pretty tightly regulated and controlled, considering the chaos you could cause by being able to broadcast at arbitrary frequencies despite not being recognized as having rights to that part of the spectrum?
Hosts file corollary (Score:5, Interesting)
Wouldn't it be nice if the user had some visibility and control over what tower their own phone connects to. A sort of "hosts file" white-list except not for IP addresses.
Re:Hosts file corollary (Score:5, Insightful)
Wouldn't it be nice if the user had some visibility and control over what tower their own phone connects to.
Wouldn't it be nice if the system had some security built into it to exert control over what tower their subscribers' phone connects to.
It's not like this is a brand new problem that's just popped up in the age of cell-phone connectivity. Those who refuse to learn from history ...
Re:Hosts file corollary (Score:5, Interesting)
GSM has no network authentication (only user authenticates to the network, network doesnt authenticate to the user).
3G/UMTS has authentication both ways and is mitm secure (in theory = if your phone is not broken)
Just force phone to only talk 3G and you will be secure.
Re: (Score:2)
You cant relay, if you relay you end up looking at encrypted traffic.
Re: (Score:2)
Wouldn't it be nice if the system had some security built into it to exert control over what tower their subscribers' phone connects to.
It does have security! The DOJ is absolutely secure in the knowledge that it can have control over what tower a cell phone connects to.
Re: (Score:2)
Wouldn't it be nice if the system had some security built into it to exert control over what tower their subscribers' phone connects to.
It does have security! The DOJ is absolutely secure in the knowledge that it can have control over what tower a cell phone connects to.
Yeah, about that [wikipedia.org] ... Hail Caeser! :-P
Re: (Score:2)
Hail Caesar!
In honor of Good Friday, and Monty Python, Hail Thaethar!
Re:Hosts file corollary (Score:5, Interesting)
The $10,000 question, though, is whether the cell companies would simply hand over the full cryptographic keys to the government snoops, so the fake towers would be indistinguishable from the true. When your phone resolves 4 towers simultaneously with the same 1 identity, how does it choose the true one?
Re: (Score:1)
OMG lazers and sharks wasn't enough (Score:5, Funny)
now they are using Stingrays with cell phone towers attached to them?
Re: (Score:2)
Tools (Score:1)
Search warrants stipulate what the authorities are looking for and where they can look; not the tools they can use to get the job done. Do wiretap warrants stipulate the kind of recording devices that can be used? I doubt it very much.
There is still the point at to whether the order covers the police. I might be argued that the authorities were working as an agent for Verison to gather the information.
Re:Tools (Score:5, Informative)
From the EFF article:
The Court therefore ORDERS, pursuant to Federal Rule of Criminal Procedure 41(b); Title 18, United States Code, Sections 2703 and 3117; and Title 28, United States Code, Section 1651, that Verizon Wireless, within ten (10) days of the signing of this Order and for a period not to exceed 30 days, unless extended by the Court, shall provide to agents of the FBI data and information obtained from the monitoring of transmissions related to the location of the Target Broadband Access Card/Cellular Telephone...
What part of that do you think authorizes the DoJ to intercept everyone's calls while looking for the target device? It might be argued that the authorities were working as agents of Verizon, but it also might be argued that Pink Unicorns did the interceptions, and I don't think the court is going to accept either one.
Re:Tools (Score:5, Informative)
It might be argued that the authorities were working as an agent for Verison to gather the information.
If the police have a warrant for Verizon, it tells Verizon what to do.
Otherwise, the police need a specific warrant for everything else they intend to do.
In other words, a warrant allows for [company] to act as an agent for the State.
It never(?) works the other way around.
Exactly, they overreached the what and the where (Score:5, Insightful)
Search warrants stipulate what the authorities are looking for and where they can look;
In this case the "what they are looking for" is information about the suspect's phone and the "where" is in Verizon's records. They instead peeked at other people's communications, by eavesdropping in the neighborhood. So they didn't stick to either the WHAT or the WHERE.
Additionally, they didn't get a search warrant as they should have, but rather a lower order telling Verizon to be cooperative insofar as technical assistance. They didn't even get an supeona for Verizon to turn over records, only an order to provide tech support.
It may be that they a request for a search warrant would have been granted, but that's for the judge to decide. The Texas judge mentioned clearly would not have signed a warrant without first adding specific limitations to reduce or eliminate having other people's phones intercepted. That seems to be the case fairly often - a judge will restrict a warrant to a very specific place, time etc., or ask for further evidence, rather than completely denying or approving the request as first presented.
Re: (Score:2)
The "where" isn't in Verizon's records. Towers don't normally triangulate the location of users. However, with an appropriate court order, the instantaneous signal strength data from multiple towers can be used to locate the user. This g
You're confusing SHOULD vs DID (Score:2)
Verizon wireless shall provide to agents of the FBI data and information ...
The order doesn't authorize the FBI to do anything, certainly not to violate 18 USC 2511. The order they got told Verizon to turn over the information that Verizon had. I agree, the tool they used is a useful tool. Yes, it's better than tower triangulation. They should have asked for a warrant authorizing them to use it. They didn't, though. What they asked
Re: (Score:2)
No disagreement here. They did something they should not have done, and a judge spanked them.
Re: (Score:2)
The problem is that the Stingray inevitably captures more than just the target cellphone and they have no warrant for that.
Re: (Score:2)
Just as a wiretap on a business phone captures conversations of people other than the target.
Re: (Score:2)
But the business (or at least it's employees) is always at least one of the parties involved. It doesn't also capture the guy across the hall talking to his aunt.
Re: (Score:2)
How about video surveillance of a location? it would capture people walking by who have nothing at all to do with the location.
Re: (Score:2)
And so shouldn't be permitted.
Re: (Score:2)
Unless it's a public place where there is no expectation of privacy.
Re: (Score:2)
Sorry, I didn't see your tinfoil hat brigade badge. Information and images of non-targets will always be captured in any surveillance. Try to get back to reality.
Re: (Score:2)
You may have missed my addendum where I note that public places where there is no expectation of privacy would be an exception.
Re: (Score:3)
Umm no, an IME catcher emulates a cell tower and becomes a MITM for the phone's communications.
Re: (Score:1)
location data != communication data.
Anonymous coward is right. So far, the courts are pretty much saying that police have the right to use location data from electronic devices to track criminals without a warrant. In this case, police appear to be using the mobile tower as only a way to find the exact location of the suspect. Per the article, he was immobile which means the police would not have a precise fix on where he was without forcing his phone to switch communication to at least one other tower. S
Glad to know the judges are pissed (Score:4, Interesting)
Re: (Score:3)
No Respect At All (Score:1)
anything or any new way they can exploit technology to spy on people is being used, to spy on the general public without probable cause, and at the cost of the taxpayers' money. we only find out about these things when the "good guys" get in trouble for breaking the law
All freedom-loving net users should coordinate in ways to return the favor to assholes doing stuff like this. In
Re: (Score:2)
More to the point, more and more law enforcement agencies are proving that they have no respect for the law.
Re: (Score:2)
Well, how can you respect an animal that is not willing to fight for its own freedom, but willfully submits at the slightest threat? Even the sheep in the fields put up more of a struggle than this lot. "Of course our masters, who have screwed us at every turn, will have a sudden conviction of conscience, brought upon by, I don't know, the gods (because they've typically been the great centers of morality...), and not go through with whatever depravity is in the works this time. Yeah, that'll happen."
But yo
Re: (Score:2)
I think there were some good old days. At least there was a time in this country where we had more than one or two elected officials who actually cared about the rule of law.
http://en.wikipedia.org/wiki/Church_Committee [wikipedia.org]
The dates are incorrect (Score:5, Funny)
The emails are dated "2011".........impossible. Bush left office in January 2009. Please backdate the emails to 2007.
Thank you
Re: (Score:3, Insightful)
This expansion of federal authority started under the Bush administration and has continued under the Obama administration. Like all Federal power expansions no future administration will argue they don't need the power as this is an issue that is without party bounds. Both parties seek expansion of federal powers and any argument that one party doesn't is window dressing to convince rubes.
Democrat or Republican, it matters not as both parties want more power and more control over the populace. Too many peo
Re: (Score:3)
Too many people spend far too much time in either parties echo chamber to understand that.
The Republicans didn't promise unicorns were going to come dancing out my ass.
Re: (Score:1, Insightful)
nor did the Democrats; they just stayed quiet and let the Republicans make everyone assume that whatever replaced Bush would be an assload of unicorns by comparison.
Re: (Score:2)
This expansion of federal authority started under the Washington administration and has continued under the Adams administration.
There, fixed that for 'ya. To think that every thing bad the government does started with Bush is just lunacy.
Re: (Score:2)
Washington was offered to be king of America, which he refused, because Washington was a small government kind of guy.
It's more complicated than that: Yes, Washington turned down being effectively a king a few times. The first time was actually when he'd won the Revolution, and probably could have taken his army to Philadelphia, rounded up the Continental Congress, and become a dictator. Then there were some who kind of wanted him to take over when the government was hopelessly disfunctional under the Articles of Confederation. And then he could have been President for as long as he'd wanted to be.
However, George Washingto
Re: (Score:1)
This expansion of federal authority started under the Washington administration and has continued under the Obama administration. Like all Federal power expansions no future administration will argue they don't need the power as this is an issue that is without party bounds. Both parties seek expansion of federal powers and any argument that one party doesn't is window dressing to convince rubes.
Re: (Score:2)
This expansion of federal authority started under the Bush administration
Yeah, George H.W. Bush, former director of the CIA. Not his failed clone.
Government doubled 2005-2001 (Score:1)
(The doubling of government size is evident in the federal budget, which approximately doubled in constant dollars.)
Re: (Score:2)
Huh?
Federal employment actually decreased during the Clinton administration.
And 50% during the past few years? I don't think so. Federal employment has increased a total of 6.2% under Obama.
Re: (Score:2)
Federal spending has doubled since 2001 and has increased 50% since 2005. Straight from whitehouse.gov
http://www.whitehouse.gov/omb/budget/Historicals [whitehouse.gov]
Year | Federal Outlays ... ...
=======================
2001 1,862,846
2005 2,471,957
2008 2,982,544
2009 3,517,677
2010 3,456,213
2011 3,603,061
Re: (Score:1, Offtopic)
Re: (Score:1)
I'll start mad spamposting like that APK guy, I swear I will! (He hasn't posted lately, what, did he finally fall asleep or something?)
What we witnessed between APK and his counter-troll was a rare troll courtship mating display. Now that the courtship has been accepted, the pair has slunk off under a bridge to begin "making goatse" --- all part of the beautiful cycle of life through which a new brood of tad-trolls are spawned.
Re: (Score:2)
None too pleased? (Score:2)
Unless the judges are prepared to punish the attorneys in question with actual jail time, their pleasure is irrelevant.
Harris Corp CEO (Score:5, Interesting)
My, my, my........
"Harris Corp. President and CEO William M. Brown was appointed to President Barack Obama's National Security Telecommunications Advisory Committee on Tuesday, Florida Today reports."
http://www.bizjournals.com/orlando/morning_call/2012/11/harris-corp-ceo-appointed-to-obama.html [bizjournals.com]
Re: (Score:2)
So with Republicans, we get to be irradiated every time we fly for the illusion of safety while companies get rich thanks to Chertoff going off and starting a company.
With Democrats, we get to have the government listen to all our calls while companies get rich and the CEO gets into the government.
We could call this the Reverse Chertoff Maneuver. As a sexual move, it'd be down somewhere around the dirty sanchez and sucking up Santorum.
Re: (Score:3)
I don't understand the issue here. Harris makes this tool just like Stanley makes screwdrivers. If some asshat stabs someone with a screwdriver we're not pissed at Stanley so why is someone from Harris, a company that obviously understands how this shit works, not a good choice? Maybe they will actually help them make things better?
Re: (Score:3)
Screwdrivers have tons of legitimate uses and a few "off label" illegitimate ones, like stabbing somebody. Stingray type devices have one purpose only, and that is to enable someone to perform a man in the middle attack and enable spying.
Obama's appointment of this guy to a committee clearly dealing with domestic surveillance makes sense -- evil CEO for an evil Federal program. In that light, it is a big deal because it highlights one of the small details in the many that foreshadow our future, one where
Re: (Score:2)
Wow how many strawmen in foil hats are you going to throw up? Yes, there ARE legit uses for these devices just as there are wiretaps when due process is followed. Yes the GSM system is WEAK, you or I could BUILD one of these ourselves if we wanted - it's been done and documented. They should put someone in that post that has no clue of capabilities?
HSBC? That has fuckall what to do with this? I understand you didn't like that situation, few did, but stop frothing at the mouth long enough to focus on the poi
Re: (Score:2)
Yep -- just keep ignoring things and pretending nothing is going on. Be sure to insult anyone who points out the obvious.
Where is the FCC in all of this? (Score:2)
Presumably, I would hope regulators at the FCC would like to have a word with the prosecutors as well.
Then again, I have this crazy belief that law enforcement officers who drive their cruisers 25+ over the speed limit with their lights off should be thrown in jail, like any other criminal.
Re: (Score:2)
Gee, wouldn't it be far more appropriate if the PRESIDENT OF THE UNITED STATES had a conversation with his ATTORNEY GENERAL?
But no, that would shatter far too many illusions.
Re: (Score:2)
Actually there's a Youtube video of a woman cop pulling over another cop doing just that WITH his lights on. Cuffed his ass and arrested him too!
Re: (Score:2)
Aww, that's just police courtship.
Re: (Score:3)
25+ over? Yeah actually you can get thrown in jail for that. Reckless driving, reckless endangerment, they can dream up all sorts of things to tack on...
Realtime voice encryption apps? (Score:3, Interesting)
Smartphones are relatively powerful these days. So why aren't there any good realtime voice encryption apps? And if there are, why aren't more people using them?
A voice encryption app would make the kind of privacy invasion described in the original article a lot more difficult.
Re: (Score:2)
I've heard of one called Skype.
Re: (Score:2)
I've heard of one called Skype.
He said good realtime voice encryption apps.
Re: (Score:2)
Encrypting the communication will likely not encrypt the routing or connection information: the cell network has to know where to send your call. Signals intelligence can get a LOT of information about you from knowing to whom you are talking, even if they do not know what you are saying.
Re: (Score:1)
Re: (Score:2)
https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone [google.com]
of course you can get the audio feed (Score:2)
otherwise it would not be possible to create something like skype. Basically take the audio portion of skype, add in public-key encryption, and you're done.
Now you may not be able to get access to the audio feed *while making a regular voice call*, but that's a different story.
Re: (Score:2)
I don't think you've tried Android then. My girlfriend wrote an app that looks for "emergency" and "help" in an incoming text. Then it takes the phone off silent and maxes the volume. Took her two weekends and it's the first thing she's ever written in java. Give it a shot : )
Here's a good link from googling "android intercept text": http://stackoverflow.com/questions/6979540/how-can-i-intercept-an-incoming-sms-with-a-specific-text [stackoverflow.com]
Enemy of the State (Score:3)
We need some geeks with USRP to sloppily intercept few members of appropriation committee phones "Enemy of the State" style.
That will get the ball rolling on those DOJ scumbags.
Re: (Score:2)
The point is to make it look like DOJ did it. Interesting phone conversation was captured by IMSI Catcher as a background noise and then leaked. Bonus points if you can get your hands on something Petraeus quality.
And yet... (Score:2)
Dare to suggest we can't trust these guys to overreach in financial regulation or that they can't be trusted if we disarm the population or not to infringe on free speech if anonymity isn't preserved, or with latest constitution shr
Re: (Score:2)
Dare to suggest that the government isn't made up of perfect, incorruptible beings who can never do any wrong and it's therefore not wise to give them essentially unlimited powers or let them exercise their powers in secrecy? You must be a terrorist!
It's scary how many people possess the "nothing to hide, nothing to fear" mentality as if they think that people who work for the government are somehow perfect beings.
The DOJ probably doesn't get the irony. (Score:2)
They "break the law" in order to follow their agenda and 'get the bad guys'. Only -- who really are the bad guys? A few hackers out there who annoy banks? More likely, mobsters who routinely extort these companies for their own databases and get paid off without the public knowing.
But who protects us from a DOJ that knows everything, but doesn't arrest bankers and Wall Street crooks -- and meanwhile, they arrest people protesting this massive corruption for loitering in parks or on trumped up charges?
Who pr
So will we see some enforcement activity here? (Score:2)
Re: (Score:2)
Re: (Score:2)
'Tis quite alright. In the typical predator / prey co-evolution style way of doing things, for every new right the government (the predator) wanders off with, the people (the prey) will develop something new. In a few millenia, the people of the past would, if revived, die of a heart-attack within 5 minutes of being told the current state of worldly affairs. "Good news, we've traveled to the other side of the galaxy, and found sentient alien life! Even created some of our own! But the bad news is that you a
Re: (Score:2)
Not defending the Bouldet cops but more likely a garden variety repeater not a stingray. You will find repeaters in most large office buildings just to give decent coverage. Time to remove the tinfoil.