No, Turning On Your Phone Is Not Consenting To Being Tracked By Police (theintercept.com) 79
An anonymous reader writes: The Maryland Court of Special Appeals on Wednesday upheld a historic decision by a state trial court that the warrantless use of cell-site simulators, or Stingrays, violates the Fourth Amendment. The trial had suppressed evidence obtained by the warrantless use of a Stingray -- the first time any court in the nation had done so. Last April, a Baltimore police detective testified that the department has used Stingrays 4,300 times since 2007, usually without notifying judges or defendants. Stingrays mimic cellphone towers, tricking nearby phones into connecting and revealing users' locations. Stingrays sweep up data on every phone nearby -- collecting information on dozens or potentially hundreds of people. The ruling has the potential to set a strong precedent about warrantless location tracking.
Cool title (Score:1)
They've been watching The Wire a tad too much.
Unless they are morons... (Score:4, Informative)
Unless they are morons, the state will only appeal if they think this is a good test case for them. So this is unlikely to set particularly meaningful precedent.
Re:Unless they are morons... (Score:5, Funny)
So you are saying there's a chance?
Re: (Score:3)
There's a chance that warrantless wiretaps will become a thing again as long as the general public doesn't understand how their privacy is being violated.
About a quarter of American's don't even know that radio waves make cell phones work.
This is a meaningless decision (Score:1)
This is a state trial court, it means nothing. It does not make a state or federal constitutional argument, it's just what some mid-level judge thinks in one specific case. It has zero value as a precedent, even inside the state itself, and is merely an anecdote for anyone located outside of that state.
The whole story amounts to mere clickbaiting.
Re:This is a meaningless decision (Score:4, Informative)
Not sure where you got that, but it was Maryland's Court of Special Appeals; Maryland's second highest court. Its decision is binding on the entire state.
The government can ask for an en banc hearing from the Court of Special Appeals or appeal to Maryland's highest court, The Court of Appeals.
The original opinion was written by a trial judge and the first sentence of TFA states, "The Maryland Court of Special Appeals on Wednesday upheld a historic decision by a state trial court that the warrantless use of cell-site simulators, or Stingrays, violates the Fourth Amendment."
The opinion has not yet been filed but here's the order [mdcourts.gov].
Re: (Score:1)
Not sure where you got that, but it was Maryland's Court of Special Appeals; Maryland's second highest court. Its decision is binding on the entire state.
The decision is not binding beyond that specific case, and it can be overturned in supreme court so it's nothing to take to the bank.
Only the supreme court can establish a new interpretation of the state's constitution. This case so far is merely an anecdote, like saying "my mom thinks that...", it doesn't have any impact on the daily life of cellphone users.
Re: (Score:2)
If you're a moron with no legal background why post like you're a lawyer?
Why don't you explain in what way my statement is incorrect? Of course you can't. You just want to hitch your wagon to the general ignorance, it's a lot easier.
Re: (Score:2)
A stupid guy with a big gun can dominate a smart guy with none. Just saying.
Re: (Score:2)
The general public barely understands how to drive a car safely or walk and chew gum, something difficult like privacy is way WAY above the general public's ability to understand.
Re: (Score:2)
There's a chance that warrantless wiretaps will become a thing again as long as the general public doesn't understand how their privacy is being violated.
About a quarter of American's don't even know that radio waves make cell phones work.
That's why we have the ACLU , EFF etc.
Since you feel so strongly about this, I'm sure you'll be happy to donate to the cause.
In other news... (Score:3, Insightful)
...remaining alive is deemed to give consent for any branch of government to do what the hell it likes....
Re: In other news... (Score:2)
I'd say that passes the Rational Basis Test.
Re: (Score:2, Interesting)
Just like having a landline attached to the phone company's network doesn't grant them permission. That wire is up there on the pole, where pretty much anyone who's willing to climb up there can get to it. Just because it's easy to do doesn't make it okay. As the court has ruled on many occasions.
All those "It's the Constitution Dummy" Republicans seem
Re: (Score:1)
Re:Boradcasting your position (Score:5, Interesting)
Court rules that broadcasting your position is not broadcasting your position. Remember, judges are people who couldn't make a living as lawyers.
Court rules that broadcasting your position to your phone company is not equivalent to broadcasting your position to the police.
The police should not be legally allowed to operate Stingrays, since everything they collect from a Stringray is also available through a subpoena to the phone company, with more controls to ensure that they are only monitoring those who they are legally allowed to monitor.
Re: (Score:2)
Re: (Score:2)
So...all they need to do is get a female sheep to make a declaration an that is law? Is this some form of Parliamentary Procedure I am unfamiliar with? Are you, perchance, from Scotland?
Re: Wow (Score:2)
>That's a lot of founding father grave spinning.
See, Trump can use them to excavate the footing for his wall. He's a problem solver.
Turnabout is fair play (Score:2)
I live near a city whose police department is currently operating under a DoJ consent decree (Seatle). At this point, the DoJ is operating under the assumption that a cop turning on his cell phone is consent to being tracked by the FBI.
Re: (Score:1)
Re: (Score:3)
Well, having a security clearance of some types does. But one is made aware of this before completing the application process. The cops, I believe, have been put under surveillance subsequent to their joining the force. And this isn't just Seattle either. Due to the movement of personnel back and forth between various local PDs, the FBI is watching surrounding cities as well. So the Bellevue PD can thank some thugs across the lake for being followed.
Whitelisting (Score:5, Interesting)
IMSI-catchers [wikipedia.org], like the infamous Harris Stingray [wikipedia.org], operate in two different modes, passive and active.
In passive mode it just listens to the cellular frequencies and records the IMSI [wikipedia.org] of any device in range. This is similar to WiFi war driving and listening passively for SSIDs. While there are some preventative measures you can take, at some point you just have to broadcast the ID in the clear for things to work. Not a lot can be done to securely protect against this.
However, in active mode the IMSI-catcher spoofs credentials and claims to be a valid cell tower, tricking the cell phone to actually connect to it. This allows everything from text messages, to DTMF tones to the contents of a voice call to be captured.
Here is where there is room for end-user security improvements. One step would be to whitelist the known towers in your area, refusing to let your phone connect to any tower not on your list -- such as claimed NEW towers.
Net stumbler applications like Wigle [wigle.net] include lists of cellular networks in their scans and databases. A crowd-sourced or crowd-validated list of known, real towers could serve as an initial load or verification.
The trick is getting your phone to connect only to the whitelisted towers. I believe that function lies in the baseband processor and access to that is normally locked down tight.
This could be a nice addition to something like Silent Circle's Blackphone [wikipedia.org].
If nothing else, it should be possible to have your phone alert you when it connects to a non-whitelisted cell tower. After all, Android has the ability to display what tower you're connected to. Apps like Network Signal Info Pro [kaibits-software.com] certainly give enough details.
Re:Whitelisting (Score:5, Interesting)
The trick is to not be so narrow minded when thinking through the entire scenario, because your advice, while technically lucid, could get people more attention than they otherwise would.
Re: (Score:2)
if you're being actively targeted, then you're already getting attention. As IMSI-catchers are frequently used without oversight and warrants, defeating their drag net usage would force law enforcement to take other avenues. Those avenues most likely would require warrants and oversight. I'm all for that.
As much as I despise the cliche, it applies here to your post. Don't let the perfect be the enemy of the good. In other words, don't refuse partial solutions to problems on the excuse only a 100% solution w
Re: (Score:2)
I also suspect the cops running a Stingray would know this, and set the ID as something similar.
Because a Cell Tower ID of "Police Surveillance Van #42" would be kind of a giveaway.
Then again, I also wouldn't be surprised if most Stingrays aren't using a default name: the common pr
Re: (Score:2)
Re: (Score:2)
However, in active mode the IMSI-catcher spoofs credentials and claims to be a valid cell tower, tricking the cell phone to actually connect to it. This allows everything from text messages, to DTMF tones to the contents of a voice call to be captured.
Here is where there is room for end-user security improvements. One step would be to whitelist the known towers in your area, refusing to let your phone connect to any tower not on your list -- such as claimed NEW towers.
I don't think out of system towers have a way to spoof credentials. They just advertise as 'encryption not available' and your phone falls back to insecure communications. I have a phone that displays a Secure/Not Secure icon for connections. I know for a fact that roaming works the same way. When I'm in Canada, my phone won't set up a secure call. Probably because Telus (or whoever) doesn't have my SIM key.
I suppose one could write an app to refuse an incoming call/text if a secure connection could not be
Re: (Score:2)
I need to research this more. From my understanding, phones will only connect to a non-home network when the home network is unavailable and not just because the non-home network is stronger.
If this were the case, active connections could be defeated simply by telling your phone to not use roaming.
The IMSI-catchers would still have to be able to claim that they are "official AT&T", for example, in order for your phone to agree to connect. I guess it is possible that all that requires is to name your IMS
Re: (Score:2)
I need to dig a little more. I think your "encryption not available" is GSM encryption of the call (A5/1) but has nothing to do with validating that the tower really belongs to Velus.
This exactly. The "unsecure" icon only appears during a call. It doesn't announce the validity of a tower (or IMSI catcher) that it checks in with.
phones will only connect to a non-home network when the home network is unavailable and not just because the non-home network is stronger.
Hmm. I've traveled between Belgium and The Netherlands (with a Dutch SIM). Every time we would move closer to one system tower or another, I'd get a chirp indicating that we had changed systems and roaming status. And that happened quite frequently for miles (kilometers). So I suspect that my phone was switching based on the strongest tower.
Re: (Score:2)
Interesting.
Switching between towers of the same network is called a "soft hand-off", and can be done without dropping a call.
Switching to a tower from a different network is called a "hard hand-off", and usually results in a dropped call. The different networks don't share registration and other vital internal data needed for smooth transfer.
Maybe things have changed recently. I was a field engineer for Alcatel-Lucent several years ago and did cell site upgrades, which is how I know about some of this.
Of c
Re: (Score:2)
Switching between towers of the same network is called a "soft hand-off", and can be done without dropping a call.
I'm thinking of switching towers/networks with the phone on standby. I'm not aware of any case where one can switch providers (particularly from roaming to home network or vice versa) without dropping a call.
I don't know how a Stingray in active mode would handle a moving caller. Probably just drop the call. On standby, the phone would be handed to the next real tower. But as long as the system name was properly spoofed by the Stingray, the user would probably never notice.
Using electricity gives consent to power bugs (Score:4, Interesting)
Re: (Score:1)
...solid laws that block any further attempts.
As if that is going to stop them knowing that systematically have hidden the fact to the courts and lied to judges.
For those people over the law, Laws only work on top of technological meassures and ultimately because physics and math.
Re: (Score:1)
One could argue that, but I'm not sure it's relevant. Cellular service isn't a public utility.
Re: (Score:3, Insightful)
I've got a great preamble to that law:
the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated
Re: (Score:2)
Re: (Score:2)
Every generation was designed, built and sold globally on the expectation that law enforcement and the mil would need total live access or be able to recreate movement maps from standard logs.
The only need was to keep out random people with consumer or more advanced methods from getting to actual voice conversations.
Such thinking would go back to the late 1970's, early 1980's as very early sta
Turing on your phone? (Score:2)
Turing on your phone is consent.... Who thought up that silly idea?
Everyone knows the consent is given by choosing to live in a "safe" country.
Re: (Score:2)
Everyone knows the consent is given by choosing to live in a "safe" country.
I don't know about you, but I chose to be born here...
Meaningless (Score:2, Insightful)
It's hard enough to get a judge to rule that the cops need to follow the law. It's practically impossible to punish the police for violating the law and willfully disobeying a judge's decision.
There is absolutely no oversight on law enforcement. They routinely break the law and are routinely found to be on the wrong side of the law by the courts. What happens then is some cops shrug and go back to doing what they're doing because there are no consequences for lawless cop behavior.
When cops start getting