Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FBI's Smartphone Surveillance Tool Explained In Court Battle

Soulskill posted about a year ago | from the spying-made-simple dept.

Cellphones 168

concealment writes with news that a court battle has brought to light details on how the FBI's "stingray" surveillance tool works, and how they used it with Verizon's help to collect evidence about an alleged identity thief. Quoting: "Air cards are devices that plug into a computer and use the wireless cellular networks of phone providers to connect the computer to the internet. The devices are not phones and therefore don’t have the ability to receive incoming calls, but in this case Rigmaiden asserts that Verizon reconfigured his air card to respond to surreptitious voice calls from a landline controlled by the FBI. The FBI calls, which contacted the air card silently in the background, operated as pings to force the air card into revealing its location. In order to do this, Verizon reprogrammed the device so that when an incoming voice call arrived, the card would disconnect from any legitimate cell tower to which it was already connected, and send real-time cell-site location data to Verizon, which forwarded the data to the FBI. This allowed the FBI to position its stingray in the neighborhood where Rigmaiden resided. The stingray then "broadcast a very strong signal" to force the air card into connecting to it, instead of reconnecting to a legitimate cell tower, so that agents could then triangulate signals coming from the air card and zoom-in on Rigmaiden’s location. To make sure the air card connected to the FBI’s simulator, Rigmaiden says that Verizon altered his air card’s Preferred Roaming List so that it would accept the FBI’s stingray as a legitimate cell site and not a rogue site, and also changed a data table on the air card designating the priority of cell sites so that the FBI’s fake site was at the top of the list."

cancel ×

168 comments

Sorry! There are no comments related to the filter you selected.

Weak hack. (4, Interesting)

plover (150551) | about a year ago | (#43403675)

Chris Paget was able to demo similar behavior at DEFCON 18, and he sure didn't need Verizon's help to do so.

Pretty sure the FCC wanted to bust him on stage, actually.

Re:Weak hack. (4, Informative)

SpectreBlofeld (886224) | about a year ago | (#43405061)

That's because he spoofed a GSM tower. You'll find that doing the same with CDMA is impossible without Verizon's help - see the bit about reprogramming the phone's roaming list in order to make the phone accept the spoofed tower.

Supply Chain Attack (5, Informative)

dunkindave (1801608) | about a year ago | (#43403701)

This is basically a supply chain attack. People worry about others breaking into their devices, but the user has to trust the device supplier not to tamper with it before they receive it. This situation is analogous to your PC phoning home to Microsoft for updates, then having a special version sent to your machine at the request of the FBI. No matter how careful you are about what software you run or what security software you employ, Microsoft can compromise your machine.

Re:Supply Chain Attack (2, Interesting)

SuperTechnoNerd (964528) | about a year ago | (#43403873)

Unless of course you block all of Microsoft in your firewall.....

Re:Supply Chain Attack (-1)

Anonymous Coward | about a year ago | (#43404029)

at which point you're vulnerable to all of the security faults that don't get fixed. Either way you're not secure.

Re:Supply Chain Attack (0)

Anonymous Coward | about a year ago | (#43404425)

Only if you are silly and run their crap.

Re:Supply Chain Attack (-1)

Anonymous Coward | about a year ago | (#43404045)

good luck blocking your ISP in your firewall :)

Re:Supply Chain Attack (1)

Lazere (2809091) | about a year ago | (#43404027)

So you're saying we should all run FSF approved operating systems?

Re:Supply Chain Attack (3, Insightful)

Anonymous Coward | about a year ago | (#43404103)

So you're saying we should all run FSF approved operating systems?

Even then, unless you intend to audit several billion lines of code of a variety of packages, and understand it well enough to discover flaws that give a 3rd party control over you or your information, you're still trusting someone else that it's safe.

Re:Supply Chain Attack (1)

Skapare (16644) | about a year ago | (#43404837)

Or ... you are trusting that at least someone in the community that spends their free time reading through arbitrary open source code will find any exploits and notify the world before your PC or phone is owned by someone else.

Re:Supply Chain Attack (1)

gmuslera (3436) | about a year ago | (#43404817)

What if Canonical or Red Hat Inc, or even a package maintainer is forced to include a patched package by the FBI/government without disclosing it? In those companies probably won't go so far, not enough people in those ecosystems are tied with NDAs to avoid leaking in a way or another that it happened pretty soon.

What about the kernel or drivers, specially the dark parts like binary blobs or closed drivers? Some are just dissapearing (nvidia is releasing some of the drivers with open source, and the nouveau ones are good alternatives) and others must pass some good inspection. And if i suggest that Linus himself could be forced by law to let some nasty things in probably will get into hot water.

And of couse, there is the point of collaborating with poisoned code to commonly used open source programs, that if well goes thru some scrutiny, some could get in, there are enough not intentional vulnerabilities that pass to let some door opened for intentional vulnerabilities.

So, not because is open source, FSF approved operating system, can't have any of those things. But odds are far lower and will be more complex to happen than if is done by an american corporation in a closed source operating system.

Re:Supply Chain Attack (5, Interesting)

fredklein (532096) | about a year ago | (#43404075)

Screw PCs- how many people have a Microsoft XBox Kinect in their living rooms, complete with camera? You mean to tell me that Microsoft, at the perfectly legal (ie: rubber-stamped) request of the government, couldn't push an update that allows them to turn the Kinect cameras on at will??

Re:Supply Chain Attack (1)

Anonymous Coward | about a year ago | (#43404191)

Screw PCs- how many people have a Microsoft XBox Kinect in their living rooms, complete with camera? You mean to tell me that Microsoft, at the perfectly legal (ie: rubber-stamped) request of the government, couldn't push an update that allows them to turn the Kinect cameras on at will??

Will is a pretty sexy dude, so I'm sure he's already turning all the cameras on.

Re:Supply Chain Attack (1)

gl4ss (559668) | about a year ago | (#43404417)

Screw PCs- how many people have a Microsoft XBox Kinect in their living rooms, complete with camera? You mean to tell me that Microsoft, at the perfectly legal (ie: rubber-stamped) request of the government, couldn't push an update that allows them to turn the Kinect cameras on at will??

that's not really a problem of ms being bad - it's a problem of having auto updates combined with a government that just doesn't care for rules, like this case. what's the use of arguing they shouldn't have been doing it when they're in other cases putting pipebomb looking devices to random dudes cars to follow them??

now why did they spend such a large effort to triangulate this person, who they knew where he lived seemingly etc? fbi suddenly cares about identity theft now?(I guess the alleged 4 million tax fraud got their attention.. but still, why the fuck the need for this overly complicated method?)

though, couldn't FCC could smack both verizon and fbi because of this? that is, if they cared.

Re:Supply Chain Attack (4, Funny)

StrangeBrew (769203) | about a year ago | (#43404675)

I always face my webcams and Kinect towards the wall when not in use, so I guess I subscribe to your particular brand of paranoia. I suppose they can still watch me when the Kinect is in use, but if they really find me playing Angry Birds in the buff that exciting who am I to deprive them of their entertainment?

Re:Supply Chain Attack (0)

Anonymous Coward | about a year ago | (#43404795)

I always face my webcams and Kinect towards the wall when not in use, so I guess I subscribe to your particular brand of paranoia. I suppose they can still watch me when the Kinect is in use, but if they really find me playing Angry Birds in the buff that exciting who am I to deprive them of their entertainment?

What about the microphone in the Kinect?

Re:Supply Chain Attack (1)

SternisheFan (2529412) | about a year ago | (#43405161)

I always face my webcams and Kinect towards the wall when not in use, so I guess I subscribe to your particular brand of paranoia. I suppose they can still watch me when the Kinect is in use, but if they really find me playing Angry Birds in the buff that exciting who am I to deprive them of their entertainment?

What about the microphone in the Kinect?

1) Double up a piece of black electrical tape (so it's not 'sticky') then scotch tape it over the lens (scotch tape being less 'sticky) so you can remove/apply it as needed. Same for the mike hole. If you are still unsure, unplug the internet completely. I do this mainly to keep the camera lens on my phones/ devices unscratched, still, a 'little' paranoia is okay too.

2) Live as clean a life as possible.

Re:Supply Chain Attack (2)

suutar (1860506) | about a year ago | (#43405273)

unplug the kinect from the back of the xbox when not in use?

Re:Supply Chain Attack (1)

sjames (1099) | about a year ago | (#43405325)

Perhaps it should face a printout of goatse.cx. If they're going to break the law, let them suffer the consequences.

Re:Supply Chain Attack (1)

Anonymous Coward | about a year ago | (#43404741)

Operation Scorpion Stare...

Re:Supply Chain Attack (0)

Anonymous Coward | about a year ago | (#43404597)

No matter how careful you are about what software you run or what security software you employ, Microsoft can compromise your machine.

That's an apt description of Windows, alright.

Ok..So verizon has shown they cant be trusted.. (4, Insightful)

wierd_w (1375923) | about a year ago | (#43403713)

Issuing a custom radio firmware for a data only device, so that it responds to a telephone network signal demonstrates that verizon is willing to place nonstandard firmware on devices on their network, for the express purposes of aiding investigations that lack proper warrants.

This is a very bad thing Verizon. A Very Bad Thing.

Don't underestimate the impact that losing public confidence can have on your business. Being so self-conceited as to feel that you don't have to worry because you have cornered the market would only add fuel to the fire.

Plan you PR damage control messages carefully. Smile, you're on candid camera.

Re:Ok..So verizon has shown they cant be trusted.. (1)

ttucker (2884057) | about a year ago | (#43403755)

Issuing a custom radio firmware for a data only device, so that it responds to a telephone network signal demonstrates that verizon is willing to place nonstandard firmware on devices on their network, for the express purposes of aiding investigations that lack proper warrants.

This is a very bad thing Verizon. A Very Bad Thing.

Don't underestimate the impact that losing public confidence can have on your business. Being so self-conceited as to feel that you don't have to worry because you have cornered the market would only add fuel to the fire.

Plan you PR damage control messages carefully. Smile, you're on candid camera.

This case will not affect my continued usage of Verizon in any way.

Re:Ok..So verizon has shown they cant be trusted.. (4, Interesting)

jbolden (176878) | about a year ago | (#43403757)

I don't think Verizon is going to be too upset that publicity that they helped the FBI catch an identify thief in an apartment under one of the assumed names he was identity stealing....

Besides Verizon works with the military and has most of the government contracts. They've been pretty clear they are going to extra cooperative with the government for many years.

Re:Ok..So verizon has shown they cant be trusted.. (2)

Lumpy (12016) | about a year ago | (#43404445)

Who was also making the #1 mistake, Cracking from home.

Re:Ok..So verizon has shown they cant be trusted.. (1)

fustakrakich (1673220) | about a year ago | (#43404803)

...Verizon works with the military and has most of the government contracts.

Another reason a silly boycott won't ever work... You know... In case somebody brings it up.

The government continues to operate with the full consent of its subjects. Accept it

Re:Ok..So verizon has shown they cant be trusted.. (1)

SternisheFan (2529412) | about a year ago | (#43405247)

Whether it's Verizon, or any company that markets any device in the U.S., I imagine part of the vetting process before it can be sold here is that govt. agencies have their backdoors already in them. If it's a device with any type of antenna you have to figure it's sold pre-compromised. Welcome to our brave new world.

Re:Ok..So verizon has shown they cant be trusted.. (4, Informative)

alen (225700) | about a year ago | (#43403775)

FBI got a warrant and verizon helped catch a suspected scumbag
what's the problem here?

Re:Ok..So verizon has shown they cant be trusted.. (5, Insightful)

semi-extrinsic (1997002) | about a year ago | (#43403899)

I saw a good quote on this topic yesterday here on /. :
"The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all."
H. L. Mencken

Re:Ok..So verizon has shown they cant be trusted.. (1, Insightful)

Anonymous Coward | about a year ago | (#43404083)

Which is a wonderful quote in response to government overstepping its boundaries. But getting a warrant first is kind of the opposite of overstepping their boundaries.

Now if you'd like to argue that a warrant should never have been issued...

(I am aware of the other posters that have pointed out that no warrant was actually issued. However, since you made no mention of that, one must read your post as you arguing against the actions of the FBI despite them having a warrant.)

Re:Ok..So verizon has shown they cant be trusted.. (2)

ShanghaiBill (739463) | about a year ago | (#43404751)

"The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels."

Lenny Bruce was a scoundrel. Larry Flynt was scoundrel. They deserved to be defended. This guy is just a common thief. As long as the FBI has a warrant (it isn't clear that they did), then I don't see the issue here. He deserves a fair trial, but stealing from other people is not a "human freedom", and none of his actions are defensible.

Re:Ok..So verizon has shown they cant be trusted.. (4, Informative)

Hatta (162192) | about a year ago | (#43403901)

A court order is not a warrant, and the judge who issued that court order may not have been fully informed. FTFA:

The government has conceded, however, that it needed a warrant in his case alone â" because the stingray reached into his apartment remotely to locate the air card â" and that the activities performed by Verizon and the FBI to locate Rigmaiden were all authorized by a court order signed by a magistrate.

The Electronic Frontier Foundation and the American Civil Liberties Union of Northern California, who have filed an amicus brief in support of Rigmaidenâ(TM)s motion, maintain that the order does not qualify as a warrant and that the government withheld crucial information from the magistrate â" such as identifying that the tracking device they planned to use was a stingray and that its use involved intrusive measures â" thus preventing the court from properly fulfilling its oversight function.

âoeIt shows you just how crazy the technology is, and [supports] all the more the need to explain to the court what they are doing,â says EFF Staff Attorney Hanni Fakhoury. âoeThis is more than just [saying to Verizon] give us some records that you have sitting on your server. This is reconfiguring and changing the characteristics of the [suspect's] property, without informing the judge whatâ(TM)s going on.â

Re:Ok..So verizon has shown they cant be trusted.. (1)

alen (225700) | about a year ago | (#43404001)

the paragraph before that one said they got a warrant

Re:Ok..So verizon has shown they cant be trusted.. (3, Informative)

wierd_w (1375923) | about a year ago | (#43404031)

Reading comprehension fail.

The FBI agreed that it *needed* a warranted (eg, that what they were doing with the stingray needed one), but said that what verizon did for them was authorized by a court order, and did not need one.

This does not say that they in fact obtained such warrant, which they did not.

Re:Ok..So verizon has shown they cant be trusted.. (2)

alen (225700) | about a year ago | (#43404337)

go read the linked articles

the FBI had multiple court orders and warrants. the perp is saying that the wording of their warrant did not allow the use of a stingray device

rule #1 of criminal law. if you can't fight the evidence then fight to have it excluded from the case. they already had lots of other evidence that he was a scumbag and were only trying to figure out who he was and where he lived

Re:Ok..So verizon has shown they cant be trusted.. (1)

wierd_w (1375923) | about a year ago | (#43404393)

And it would appear that many other organizations, and even this court judge are either in agreement with that position, or are willing to consider that position's legitimacy, which is why this case has not been dismissed.

Like all things, the devil's in the details.

Re:Ok..So verizon has shown they cant be trusted.. (1)

the eric conspiracy (20178) | about a year ago | (#43404645)

Warrants have to be specific as to the place to be searched. If they didn't have a warrant to do this, oh well.

Re:Ok..So verizon has shown they cant be trusted.. (1)

alen (225700) | about a year ago | (#43404811)

technically, they weren't searching his home or vehicle, they were simply trying to triangulate his location to make an arrest based on other evidence already collected

Re:Ok..So verizon has shown they cant be trusted.. (1)

Khyber (864651) | about a year ago | (#43404977)

"A court order is not a warrant,"

In fact, a warrant is a court order signed and issued by a judge via the District Attorney's office.

Try again. This isn't the '50s.

Re:Ok..So verizon has shown they cant be trusted.. (1)

suutar (1860506) | about a year ago | (#43405311)

A warrant is a form of court order, yes. But not all court orders are warrants.

Re:Ok..So verizon has shown they cant be trusted.. (1)

j00r0m4nc3r (959816) | about a year ago | (#43405343)

This isn't the '50s.

Not for another 37 years...

Re:Ok..So verizon has shown they cant be trusted.. (1)

sjames (1099) | about a year ago | (#43405387)

A warrant is a court order, but a court order is not necessarily a warrant. Somewhere, your elementary school math teacher is facepalming.

Re:Ok..So verizon has shown they cant be trusted.. (2)

wierd_w (1375923) | about a year ago | (#43403925)

I was under the impression that verizon complied with the FBI request in "rubber stamp" fashion, and not due to a warrant. (Which was why their use of the stingray had caused judges to get stingy when discovered.)

Pushing firmware to devices without permission/authorization from the downstream user can count as vandalism, if the device is not subsidized by verizon, and is the user's personal property. I don't use verizon, so this does not really impact me except as being a chilling effect, as other providers will be compelled to comply by govt agencies as well.

The above 3 posts fail to take into account that all persons of interest are innocent until proven guilty in a court of law, so all tapping and tracing activities need to be seen as if they were performed on people who have done absolutely nothing wrong. Approaching it from the "we helped them catch a dirtbag" angle is not justifiable, unless you operate under the "guilty until proven innocent" model instead.

A warrant has to be issued, it has to be specific in what is to be taken, and specific in the place, time, and person of interest investigated.

Your "la dee dah" blithe response to this kind of thing is exactly why the USA is turning more and more into a police state every day. Keep that in mind.

Re:Ok..So verizon has shown they cant be trusted.. (1)

plover (150551) | about a year ago | (#43404199)

A warrant has to be issued, it has to be specific in what is to be taken, and specific in the place, time, and person of interest investigated.

That's the interesting thing about this case. It's not just a thing to be taken, but they performed active malicious operation of the suspect's own data card. And it's hard to exactly name an identity thief, when his true identity was one of the facts they were trying to ascertain.

I suspect the ruling will be narrowly focused on some detail of this specific case and won't answer the broad question of whether or not all Stingray use needs a warrant.

Slip down your law and order slope, citizen (5, Funny)

ThatsNotPudding (1045640) | about a year ago | (#43404065)

FBI got a warrant and verizon helped catch a suspected scumbag what's the problem here?

"When they came for the scumbags, I did not speak out, for I was not a scumbag..."

Re:Ok..So verizon has shown they cant be trusted.. (1)

sl4shd0rk (755837) | about a year ago | (#43404115)

what's the problem here?

Alleged 4th amendment viloation [engadget.com]

Re:Ok..So verizon has shown they cant be trusted.. (1)

poetmatt (793785) | about a year ago | (#43404447)

lazy troll is lazy.

warrant was not legitimate, search was violation of 4th amendment.

when/how is that ever not a problem?

Re:Ok..So verizon has shown they cant be trusted.. (1)

Leafheart (1120885) | about a year ago | (#43405059)

lazy troll is lazy.

warrant was not legitimate, search was violation of 4th amendment.

when/how is that ever not a problem?

Got any proof of that?

Re:Ok..So verizon has shown they cant be trusted.. (1)

the eric conspiracy (20178) | about a year ago | (#43404609)

They didn't get a warrant. They got a court order, which isn't something that requires demonstration of probable cause.

Re:Ok..So verizon has shown they cant be trusted.. (0)

Anonymous Coward | about a year ago | (#43404717)

The logic goes like this, If you let people do anything they want to stop "crime", it encourages them to be lawless. Therefore, evidence that is collected without a warrant is not admissible, as it would encourage law enforcement to break the law, however they want, to physh for whoever they want to target. It encourages lawlessness and tyranny.

Re:Ok..So verizon has shown they cant be trusted.. (3, Insightful)

jchawk (127686) | about a year ago | (#43403785)

While I really agree with what you are saying... The market has not demonstrated that it cares about this type of behavior. Joe Six Pack continues to pile on more and more devices onto the Verizon network without a second thought to privacy. If you think I'm wrong look at the 6-strike rule in their Internet business... This hasn't hurt them one bit.

The average person simply doesn't understand the behinds the scenes technology well enough to care.

Re:Ok..So verizon has shown they cant be trusted.. (1)

IndustrialComplex (975015) | about a year ago | (#43404349)

The average person simply doesn't understand the behinds the scenes technology well enough to care.

The average person doesn't need to understand the technology to care. The problem is that very often the average person doesn't understand why they should care.

The second problem is that even when you do care, what does the average person have in the way of alternatives?

Re:Ok..So verizon has shown they cant be trusted.. (1)

Farmer Pete (1350093) | about a year ago | (#43405071)

Most likely thing is that even if you got people to be pissed at Verizon and ready to jump ships, no one would pay their ETF to leave. By the time people's contracts ran up, they'll probably have forgotten they were angry at Verizon in the first place.

Holy crap ... (0)

gstoddart (321705) | about a year ago | (#43403731)

Is this even legal? Did they have warrants for this? Did they take any precautions to make sure other people weren't pulled into this?

When telecom companies are re-programming such things to serve law enforcement, I should hope there's some actual legal oversight instead of "because we need to".

I'd like to see some clear rulings which define how they can and can't use this stuff, because they seem to just go ahead and do it without caring much for the legalities.

Re:Holy crap ... (1)

Pliny (12671) | about a year ago | (#43403799)

If anybody other than Verizon had done this to somebody, they'd be in jail.

Re:Holy crap ... (3, Informative)

plover (150551) | about a year ago | (#43403917)

That's one of the issues in this case. A Stingray is not discriminating and could impact other cellular devices. The FBI also claims they "throw away" all data that is not pertinent to their investigation, meaning there is no way to determine what they did or did not see regarding other people's communications. (Kind of a damned if you do, damned if you don't situation.)

There is also the difference between wiretaps and pen trace registers. Wiretaps require a warrant, but pen traces don't. The Stingray doesn't record the call or data contents, so it could be claimed to be more like a pen trace. But a Stingray is actively pinging the target's machine to generate data to be used against the owner, which is a completely different use (abuse?) of the technology.

Anything like this would be perfectly legal with a warrant. The real question is if this is legal without one.

Re:Holy crap ... (1)

plover (150551) | about a year ago | (#43404059)

Clarification: in this case they had a "court order signed by a magistrate". I don't know how that differs from a "warrant", but it does sound like an appropriate level of judicial oversight, and that this was not just a rogue agent fishing for tax evaders.

Re:Holy crap ... (1)

gstoddart (321705) | about a year ago | (#43404185)

Clarification: in this case they had a "court order signed by a magistrate". I don't know how that differs from a "warrant"

Well, except that:

The government has conceded, however, that it needed a warrant in his case alone â" because the stingray reached into his apartment remotely to locate the air card â" and that the activities performed by Verizon and the FBI to locate Rigmaiden were all authorized by a court order signed by a magistrate

They didn't have the appropriate level of oversight, they had some oversight, but not to the standard they required.

I have no reason to believe this was a 'rogue' agent, I fear it's become SOP at the FBI, and the entire agency is skirting the law when it's convenient.

Re:Holy crap ... (1)

PRMan (959735) | about a year ago | (#43404111)

It does look like they configured it in such a way that ONLY the suspect's card attached to the Stingray. That narrow focus may win the day in this case.

Re:Holy crap ... (4, Insightful)

EmperorArthur (1113223) | about a year ago | (#43404143)

It's a little more complicated than that.

It seems Verizon pushed an update to his specific wireless card. This update allowed it to receive phone calls, thus allowing them to "ping" him in particular. It also set the preferred tower list so that the stingray would always be connected to first.

The fun thing is that by modifying his wireless card, the FBI has "planted" a tracker on him. That requires a warrant. If this guy was such a big deal, then it shouldn't have been hard to get the warrant. The problem is the FBI didn't want anyone, even the judges, to know what cards they held. So even when they got there court order, it wasn't a warrant, and they misled the judge who issued the order. That's a big no no.

Re:Holy crap ... (2)

plover (150551) | about a year ago | (#43404413)

Got it, thanks. I missed equating the change to his card as "planting a tracking device", which makes total sense, at least to me. So now, it's up to the court to decide if the law sees those as equivalent activities, requiring equivalent oversight.

Oh well. Better to let 100 scoundrels roam free than to wrongly imprison one man.

Re:Holy crap ... (1)

Bobfrankly1 (1043848) | about a year ago | (#43404271)

That's one of the issues in this case. A Stingray is not discriminating and could impact other cellular devices. The FBI also claims they "throw away" all data that is not pertinent to their investigation, meaning there is no way to determine what they did or did not see regarding other people's communications. (Kind of a damned if you do, damned if you don't situation.)

From what I've read on the issue, the stringray only works if the targeted phone's PRL has been modified to accept the stingray as a "friendly" tower. On or off, unmodified phones aren't going to connect to the stingray, seeing it as a rogue device.

I'm not saying there isn't anything to be concerned about here, just saying that you're focusing on the wrong (and incorrect from what I'm reading) issue. In these circumstances, the stingray appears useless without the service provider's complicity in both tracing location of the target, and uploading modified firmware to the target's phone.

Re:Holy crap ... (1)

plover (150551) | about a year ago | (#43404617)

That was the beauty of Paget's hack. He used one of the non-domestic cell frequency bands to attack quad-band cell phones (using the ISM band at 900MHz.) Because the phone decided it was roaming, and didn't care about the network ID being set to zero, the phone believed whatever the fake tower told it. The other thing he needed was to send a tower signal that claimed it was getting perfect reception from the subscriber device, so the phone would prefer it above the real towers. No PRL change needed. He also told the phones that the network did not support encryption, so the traffic was sent in the clear, and not only could he intercept it, he could retransmit it over VOIP, acting as a man in the middle.

That was an amazing hack.

Re:Holy crap ... (0)

Anonymous Coward | about a year ago | (#43404859)

That was the beauty of Paget's hack. He used one of the non-domestic cell frequency bands to attack quad-band cell phones (using the ISM band at 900MHz.) Because the phone decided it was roaming, and didn't care about the network ID being set to zero, the phone believed whatever the fake tower told it. The other thing he needed was to send a tower signal that claimed it was getting perfect reception from the subscriber device, so the phone would prefer it above the real towers. No PRL change needed. He also told the phones that the network did not support encryption, so the traffic was sent in the clear, and not only could he intercept it, he could retransmit it over VOIP, acting as a man in the middle.

That was an amazing hack.

I turned roaming off in my cell phone...

Re:Holy crap ... (1)

EmperorArthur (1113223) | about a year ago | (#43405133)

I'm not so sure about some of that.

I watched the video: https://www.youtube.com/watch?feature=player_detailpage&v=DU8hg4FTm0g#t=1314s [youtube.com] and didn't see anything on preventing rogue base stations for GSM. Of course, Verizon uses a CDMA network, so they may have extra precautions.

The part about using the 900MHz band didn't have anything to do with roaming. It had to do with legality. The frequency he's using is a ham radio frequency, and he's complying with FCC regs. https://www.youtube.com/watch?feature=player_detailpage&v=DU8hg4FTm0g#t=507s [youtube.com]

Re:Holy crap ... (0)

Anonymous Coward | about a year ago | (#43404733)

Interference is interference...if they were operating the stingray without regards to any of the neighboring cell frequency/channel/pn...it could be detrimental to innocent users.

It could also accept calls from anyone savvy enough to alter their own PRL to accept all networks.

Re:Holy crap ... (1)

Farmer Pete (1350093) | about a year ago | (#43405097)

No wonder that guy on the Verizon commercials had such good coverage...He had an FBI van with a femtocell following him around.

Re:Holy crap ... (1)

LVSlushdat (854194) | about a year ago | (#43404495)

You have to realize that we are now living in an era when the law is WHATEVER the FBI/TSA and all of the other multitude of three-letter-acronymed agencies SAY it is.. I've given up hope that sanity and Consitutional freedom will return to America anytime soon.. I'm thankful I'm not a kid anymore having to live in what is quickly becoming what the old soviet union was..

Re:Holy crap ... (0)

Anonymous Coward | about a year ago | (#43404653)

If only there was a linked article with more details!

So. Who cares? (0)

Anonymous Coward | about a year ago | (#43403773)

If the FBI's looking for you and gets the proper documentation, then everything's fine. You only worry if you have something to hide.

FTFY (1)

Overzeetop (214511) | about a year ago | (#43404153)

If the FBI's looking for you and gets the proper documentation, then it is legal. full stop

Whether things are fine, or whether you do or don't have something you would like to hide, it becomes irrelevant to the discussion.

Re:FTFY (1)

IndustrialComplex (975015) | about a year ago | (#43404539)

If the FBI's looking for you and gets the proper documentation, then it is legal. full stop

For sufficient levels of proper documentation. I'm not convinced that today's warrants are given a sufficient amount of scrutiny. Without oversight, all human processes have a tendency to degrade.

If someone were given a task to perform, and there are no consequences if the task is not performed, it won't be long before the task sits uncompleted.

If the penalties for underperforming are less severe than the additional cost of full performance, expect underperformance.

Re:FTFY (1)

moeinvt (851793) | about a year ago | (#43405319)

Exactly. Government employees are never held responsible for their under-performance or even their criminal activities. Warrantless wiretapping was a clear violation of the FISA law with both civil and criminal penalties, but nobody is held responsible. ATF smuggles guns to the Mexican cartels, they do an internal investigation and nothing happens. The OTS, SEC and FDIC have clearly defined obligations (the agency SHALL ....) to regulate banks, but they ignore those obligations. Their failures result in financial turmoil, but there are no consequences for the so-called "regulators".

Expect non-performance.

technology vs law (2, Insightful)

houbou (1097327) | about a year ago | (#43403791)

Clearly our technological advances are ahead of the law and it's time for those 2 to sync up in a realistic way.

Ok, so this is a guy who does identity fraud.
I'm not crying for him
He's lucky to even have access to due process as far as I'm concerned However, that your very own devices can be used against you in such ways, which means that the trust you have in your provider is broken, seems unethical.
If the FBI and/or other agencies require such abilities, perhaps then, companies such as Verizon should place this in their contracts something like "authorities can use your devices to track you and/or use your data for any of their investigations as they see fit".
Transparency would be nice.
All I know is that, I've got nothing to hide, so I don't care, but, for those who do, they may have to switch to another provider....

Re:technology vs law (2, Insightful)

Anonymous Coward | about a year ago | (#43403865)

He's lucky to even have access to due process as far as I'm concerned ... All I know is that, I've got nothing to hide, so I don't care

Then you, sir, deserve to be dragged off in the night and charged without due process.

Everybody deserves due process, or you cease to be a free society. And the "you have nothing to fear if you have nothing to hide" is the lament of cowards and fascists.

Fuck you you worthless sack of shit. You're part of the problem of tacitly accepting it as okay when your government breaks the laws.

Re:technology vs law (0)

AaronLS (1804210) | about a year ago | (#43404187)

You completely twisted his words you "worthless sack of s***". He never said the suspect shouldn't have due process. As far as I can tell he was probably alluding to the fact that they are lucky they are in America where you get due process. If you are so quick to twist someone's words so you can find a reason to delegate them to worthlessness, then you have nothing to contribute to the world and are the very essence of worthlessness. Chill out and learn some reading comprehension.

It is like if I said "I'm lucky to be alive" and you interpreted that to mean that I am a proponent of being dead.

Re:technology vs law (0)

Anonymous Coward | about a year ago | (#43404339)

It is like if I said "I'm lucky to be alive" and you interpreted that to mean that I am a proponent of being dead.

Well why don't you try being dead and fuck the hell off?

The poster said "He's lucky to even have access to due process as far as I'm concerned", which conveys he'd be OK with skipping that part for certain kinds of 'bad' people.

Assign your own meaning to "All I know is that, I've got nothing to hide, so I don't care", and ask how your own reading comprehension is working.

We should be OK with the government spying on us because we're innocent? Fuck that, the government needs to show cause, not the other way around.

"If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him." --Cardinal Richelieu.

Grow up and read some history. When governments try to convince you that your rights are an afterthought, they're not looking out for you. They're going to run roughshod over you.

Re:technology vs law (0)

Anonymous Coward | about a year ago | (#43403935)

won't ever happen

Re:technology vs law (1)

japhering (564929) | about a year ago | (#43404209)

All I know is that, I've got nothing to hide, so I don't care, but, for those who do, they may have to switch to another provider....

And what happens when it becomes a felony to possess $100 bill, or to take 4 pain killers when the bottle says 2, .. speeding over 5 mph
not taking reusable bags to the grocery store ..

In this day and age .. no telling what will be the next big federal crime... streaming copyrighted video from a site not owned by the copyright holder comes to mind.

Re:technology vs law (1)

the eric conspiracy (20178) | about a year ago | (#43404545)

What happens is simple. It's all about consent of the governed and common sense. [wikipedia.org]

Re:technology vs law (1)

Farmer Pete (1350093) | about a year ago | (#43405175)

Your list of potential crimes is insanely stupid and completely unrealistic. What next? Are you going to outlaw all sodas sold in cups 17 oz or larger? That will be the day.

Re:technology vs law (1)

KingMotley (944240) | about a year ago | (#43404347)

If the FBI and/or other agencies require such abilities, perhaps then, companies such as Verizon should place this in their contracts something like "authorities can use your devices to track you and/or use your data for any of their investigations as they see fit".

I'm going to go out on a limb here and say you haven't read your agreement.

Re:technology vs law (1)

moeinvt (851793) | about a year ago | (#43404729)

I'd like to see transparency too, but it doesn't really matter. The FISA Revisions Act of 2007 basically shredded any privacy agreements we might have with the telecom companies and absolved them of any legal responsibility for protecting their customers' information.

The feds didn't want any details of their blatantly illegal and unConstitutional warrantless surveillance program leaking out.
Therefore, they came along and granted all the telecom providers complete immunity from civil suits or any criminal investigations and prosecutions.A civil suit or state level criminal prosecution had the potential for revealing their crimes, so the telecoms get complete immunity. Your privacy agreement with them doesn't matter one bit.

Ping-SMS and IMSI catcher (0)

Anonymous Coward | about a year ago | (#43403951)

In case you want to look it up.

Sounds Technically Accurate (0)

Anonymous Coward | about a year ago | (#43403967)

The described scenario is technically accurate. I see no reason to doubt that this is exactly what happened. The only possible exception is the 'reprogramming of the aircard'. It is my assumption that this is the default behavior of aircards and that no reprogramming was/is necessary. A trojaned PRL is likely IMO.

Re:Sounds Technically Accurate (1)

plover (150551) | about a year ago | (#43404311)

Nobody is disputing the facts of the case. The questions are if the legal protections were adequate in this case, or if the FBI should have done something more.

And the card wasn't "reprogrammed", at least not in the sense of sending an actual new program to it. An artificial list of cell tower IDs was sent to it, prominently featuring the fake tower ID as top priority. This duped his card into always trying to connect to the FBI's Stingray.

It was "reprogrammed" in the same sense that your grandmother equates "data entry" with "programming".

Re:Sounds Technically Accurate (1)

gstoddart (321705) | about a year ago | (#43405203)

Well, then go with "reconfigured" instead of getting mired in the definition of "programmed".

The end result was they broadcast something which caused his card to report his whereabouts, and gets into the realm of things that the FBI + Verizon may or may not be able to do without some proper authorization.

The Electronic Frontier Foundation and the American Civil Liberties Union of Northern California, who have filed an amicus brief in support of Rigmaiden's motion, maintain that the order does not qualify as a warrant and that the government withheld crucial information from the magistrate -- such as identifying that the tracking device they planned to use was a stingray and that its use involved intrusive measures -- thus preventing the court from properly fulfilling its oversight function.

So did an error of omission lead to an error of commission?

It's TFA which says "In order to do this, Verizon reprogrammed the device so that when an incoming voice call arrived, the card would disconnect from any legitimate cell tower to which it was already connected, and send real-time cell-site location data to Verizon, which forwarded the data to the FBI"

Pshaw (0)

Anonymous Coward | about a year ago | (#43404157)

Rookie move, he deserved to be caught! Everyone knows compare your tables to non-criminals tables. DUH

You Can Too! (1)

Anonymous Coward | about a year ago | (#43404183)

All you need is openBTS [wikipedia.org] and a USRP [wikipedia.org] . Total investment could be under $500.

HOWEVER... Since you would be operating an unlicensed radio on a licensed spectrum, as well as intercepting/hijacking other people's cell calls you will be breaking many laws including operating without a license, illegal intercept, wire fraud...

You, unlike the FBI, will not have a get out of jail free card. You will rot in jail! But, the tools are readily available to the public and te barrier to entry is surprisingly low.

weird hypothetical wonder of the modern world (0)

Anonymous Coward | about a year ago | (#43404481)

1) connect CDMA card to embedded PC board acting as router, with WIFI to bridge.
2) connect camera to rig, stream video over wifi to user end point
3) hide device in an unused area or room that has no connection (evidence wise) to you whatsoever
4) when FBI tactical sigint nazis home in on your celluar devices signal, they think they "HAVE YOUR ASS", and SWAT team busts through the door. Unfortunately for them, there's nobody to bust, but there IS a nice camera streaming the hilarity to you, which you record.
5) upload hilarious footage of dumbfounded, pissed off nazi SWAT team ot internet
6)?????
7) hilarity and profit ensues

I had a dream that happened

mod 0P (-1)

Anonymous Coward | about a year ago | (#43404501)

Felonies even if the FBI did'em (1)

redelm (54142) | about a year ago | (#43404537)

... 'scuse me, but I see "unauthorized access to a computing system" and "theft of service" all over here. A badge should not be a free pass to commit crimes.

The fibbies might well have a warrent that would allow searching the machine, and a different one that would allow monitoring electronic conversations. But that is not the same as planting malware that creates transmissions. Not that the FBI transgressions are likely to be presented to a Grand Jury.

The interesting thing is this is a criminal trial where illegally obtained evidence and all results thereof can be excluded "fruit of the poisoned vine". So watch the admissibility rulings ...

Re:Felonies even if the FBI did'em (1)

AK Marc (707885) | about a year ago | (#43404903)

... 'scuse me, but I see "unauthorized access to a computing system" and "theft of service" all over here. A badge should not be a free pass to commit crimes.

So the police can't come on to your property to arrest you, because that would be trespass. Go out, kill, rob, maim, and race home. If they don't restrain you before you reach your property, you are safe indefinitely.

No, that's not how it works.

Re:Felonies even if the FBI did'em (1)

redelm (54142) | about a year ago | (#43405293)

Sure it is -- arrest warrents allow trespass, breaking & entering, and armed kidnap. Sometimes "danger to others" or "exigent circumstances" are acceptable reasons. Would be for civilians too.

Do not kid yourselves, the police skate close to felonies. The more conscious amongst them are well aware of this and appropriately cautious.

Re:Felonies even if the FBI did'em (0)

Anonymous Coward | about a year ago | (#43404915)

... 'scuse me, but I see "unauthorized access to a computing system" and "theft of service" all over here. A badge should not be a free pass to commit crimes.

The fibbies might well have a warrent that would allow searching the machine, and a different one that would allow monitoring electronic conversations. But that is not the same as planting malware that creates transmissions. Not that the FBI transgressions are likely to be presented to a Grand Jury.

The interesting thing is this is a criminal trial where illegally obtained evidence and all results thereof can be excluded "fruit of the poisoned vine". So watch the admissibility rulings ...

Wow, maybe I can hire you as my next lawyer!

Joke's on them. I have AT&T. (1)

Anonymous Coward | about a year ago | (#43404581)

It never connects to the strongest signal.

Government will do as it pleases (0)

Anonymous Coward | about a year ago | (#43404773)

Maybe I am naive and everyone knows this already but the the government monitors bank accounts.

I opened a joint bank account for my grandson two months ago. He does not have a SS number yet. I noticed some transactions of a few cents in the account. My credit union told me these are transactions against the account from the federal givernment to verify the account because it does not have a SS attached to it. Once I send in the signed paperwork, the transactions should stop. What the hell are they doing? My wife is always saying "if you have nothing to hide why should you worry". She finally changed her mind after seeing this. Of course she blames it on Obama but at least shes looking now.

One has to wonder if Verizon's routers and STBs (1)

Burz (138833) | about a year ago | (#43404935)

...aren't also targets for reprogramming and surveillance.

Boulder Colorado Police use a stingray (0)

Anonymous Coward | about a year ago | (#43404939)

The boulder county sheriffs department likes to reprogram the PRL of jail visitors as described in TFA after using adb to break into phones and copy off /data /sdcard and /sd-ext. Make sure to *228 or use cdma field test -> map tower. I only noticed because of the crappy service...I wonder how many people are being snooped without warrant in Boulder CO

Sounds about right... (1)

Tim12s (209786) | about a year ago | (#43405013)

Thats one way to do it.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>