The US Marshals are not the only federal law enforcement agency doing something like this. According to documents I obtained through a FOIA in 2012, ICE has purchased an airbourne mounting kit and paid for airbourne training for their Stingray II cell phone tracking gear.
See: <a href="https://www.documentcloud.org/documents/479397-#document/p44" rel="nofollow">https://www.documentcloud.org/documents/479397-#document/p44</a><p>Anyone interested in learning more about IMSI catchers and their use by US law enforcement agencies might be interested in this law review article I wrote.
<a href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2437678" rel="nofollow">http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2437678</a>
In all seriousness, when police circumvent the existing legal methods for gaining access to information, and when they spy on people without warrants, why should the "normal channels" be left open?<p>Isn't it about time to repeal things like CALEA, or to accept that the cost of having a system like this is that it should be the <i>only</i> system?<p>"But we're afraid bad guys would act like they live in a surveillance state if they actually knew they lived in a surveillance state!" I... I just don't know how to understand that mindset.<p>I know there are evil criminals in the world, and I'll bet that having power and dominion over everyone is a fun trip, but it's also corrosive to what the US has always pretended to be.
There are also IMSI Catchers intercepting GSM all over the USA, for example this twitter feed reported one at SFO airport recently:<p><a href="https://twitter.com/cellhacking/status/524562944928264192" rel="nofollow">https://twitter.com/cellhacking/status/524562944928264192</a><p>And all over Washington DC:<p><a href="https://twitter.com/esdamerica/status/512293117052334080" rel="nofollow">https://twitter.com/esdamerica/status/512293117052334080</a>
Link is to WSJ paywall; also covered by:<p><a href="http://thehill.com/policy/technology/224129-report-feds-using-airplane-trackers-to-monitor-cellphones" rel="nofollow">http://thehill.com/policy/technology/224129-report-feds-usin...</a><p><a href="http://www.foxnews.com/politics/2014/11/13/secret-us-spy-program-targeted-americans-cell-phones/" rel="nofollow">http://www.foxnews.com/politics/2014/11/13/secret-us-spy-pro...</a>
Whenever I warn friends about this, I get called a conspiracy theorist :-/<p>We have a long way to go in educating the general public about technology, its benefits, and its pitfalls.
Thinking aloud in terms of a "solution" - is it possible to build crowdsourced blocklists that can be subscribed to by users, and will refuse to let their phones connect to "fake" celltowers?<p>P.S. I'm not a wireless guy, so I don't know if there's any kind of a digital giveaway that can distinguish a fake cell tower versus the real one it is spoofing. If there isn't, then perhaps the fault lies with existing wireless comm. standards.
Here are some excerpts from the WSJ paywalled article:<p><i>Cellphones are programmed to connect automatically to the strongest cell tower signal. The device being used by the U.S. Marshals Service identifies itself as having the closest, strongest signal, even though it doesn’t, and forces all the phones that can detect its signal to send in their unique registration information. Even having encryption on one’s phone, such as Apple Co. ’s iPhone 6 now includes, doesn’t prevent this process...<p>The program cuts out phone companies as an intermediary in searching for suspects. Rather than asking a company for cell-tower information to help locate a suspect, which law enforcement has criticized as slow and inaccurate, the government can now get that information itself. People familiar with the program say they do get court orders to search for phones, but it isn’t clear if those orders describe the methods used because the orders are sealed.<p>Also unknown are the steps taken to ensure data collected on innocent people isn’t kept for future examination by investigators. A federal appeals court ruled earlier this year that over-collection of data by investigators, and stockpiling of such data, was a violation of the Constitution.</i><p>This isn't exactly new. Harris' Stingray price list has AIRBRN-KIT-CONUS for sale for $9,000, dating back to 2008:
<a href="https://info.publicintelligence.net/Harris-SurveillancePriceList.pdf" rel="nofollow">https://info.publicintelligence.net/Harris-SurveillancePrice...</a><p>Here's a 2013 post on the so-called DRTBOX:
<a href="http://electrospaces.blogspot.com/2013/11/drtbox-and-drt-surveillance-systems.html" rel="nofollow">http://electrospaces.blogspot.com/2013/11/drtbox-and-drt-sur...</a><p>And another blog post from 2013 saying "Immigration and Customs Enforcement (ICE) purchased $3 million worth of Stingrays over several years, and are purchasing airborne mounting kits for both drones and manned aircraft":
<a href="http://gritsforbreakfast.blogspot.com/2013/03/bypassing-telecoms-stingrays-allow.html" rel="nofollow">http://gritsforbreakfast.blogspot.com/2013/03/bypassing-tele...</a><p>An earlier FOIA response from 2012:
<a href="http://s3.documentcloud.org/documents/479397/stingrayfoia.txt" rel="nofollow">http://s3.documentcloud.org/documents/479397/stingrayfoia.tx...</a>
"The training will cover all of Harris Stringray ll operations from an airborne platform.-Specifically, four students are to attend this special training on three different software packages GSM, and CDM mobile handsets) for the Program... The schedule is more unpredictable due to a large portion of the training taking place in an aircraft."<p>To summarize: if you live in the U.S.[1], your cell phone info (IMSI etc.) has been slurped up by flying FedGov "dirtboxes" without your knowledge, stored in perpetuity, without any law passed by Congress explicitly authorizing this, in violation of the Constitution's Fourth Amendment, and at best authorized by a secret court order from a secret court. Sigh.<p>[1] I presume most of the HN US readers live in or near metro areas, and the WSJ article says the program covers "most of the U.S. population." Obviously if you're in Idaho or Alaska, you're less likely to be caught in this particular data vacuum cleaner.
At a certain point, everyone will realize this has to stop. I've started to wonder though, if the way to beat the government at this is not to try and stop them, but to encrypt things in such a way that they can no longer use technology like this.<p>Personally, one thing I like about open source software, is I can host pretty much whatever I want, whenever I want. If this development path continues, I'd imagine that eventually, if there might be some entrepreneuring cell company[0] that would simply encrypt it all anonymously.<p>Obviously, this would mean a few changes to the way we do things. For example, maybe instead of triangulating your cellular position in an emergency, iOS and Android could create a 'distress' api that would allow for emergency services to access your location, and then alert you with the status. To be honest, it would end up working in a similar way as Emergency and Amber alerts on your device[1].<p>Realistically, it probably won't happen like this, but if privacy won't be given to us, we need to take it.<p>[0] <a href="http://www.artemis.com/" rel="nofollow">http://www.artemis.com/</a>
[1] <a href="http://support.apple.com/en-us/HT5795" rel="nofollow">http://support.apple.com/en-us/HT5795</a>
Yeah, well .. here is the thing:<p><i>We</i>, the free people, can build drones and we can also put wifi repeaters on them and we can - instead of sniffing things - actively participate in the construction and maintenance of wide open communication systems, for all to use. Everyone.<p>That is the other end of the scale of all this secrecy and control - there is another end of the NSA conundrum, and its all about open source. So, you know: getting your own local network started, and stop just 'consuming it' from the powers that be, is sort of a priority folks. If you don't want to have a secret oppressor, push to have fewer secrets kept in the world. Its a fact that the corruption of all governments begin with their secrets.<p>So .. as someone who has a fleet of small drones above his head right now, albeit sleeping while the lipo's charge, here is a technology I think should be pointed out that is a little less prone to snooping, and with the right kind of neighborhood, gives us all a great amount of freedom to communicate, nevertheless:<p><a href="http://ronja.twibright.com/" rel="nofollow">http://ronja.twibright.com/</a><p>Snoop on that, Feds!
My new kickstarter, a cell tower locator and a high power green laser pointer. When ever the device detects a cell tower above 500' AGL it activates the green laser pointer and directs it at the detected tower signal. :-)
> A Justice Department official would neither confirm nor deny the existence of such a program. The official said discussion of such matters would allow criminal suspects or foreign powers to determine U.S. surveillance capabilities.<p>This is the go-to defense for surveillance secrecy. However, not discussing such matters allows criminal officials to abuse these powers without repercussion.
A $9,000 per machine. Is it possible for a civilian to purchase it?<p>Knowing this is unconstitutional and if there are no government laws (shouldn't be right?) forbidding you from purchasing it, can I sue them if they refuse to sell me one?<p>Correct me if I'm wrong but putting this machine around Wall Street (given you know how to sell and buy stocks) would probably get you $9k back in less than a day, hm?<p>I still wonder though, if cellphones technology is secure and traffic encrypted, then how come can they listen to it? Wouldn't it be that Verizon or Apple had to give them some sort of keys to open the traffic and read it? (serious question)
Let's say they're flying a Cesna 1,500 feet over a metro area, that could easily be millions of cellphone connections. A regular cell tower can't handle that many. I'm wondering how this could work.
Seems like you would get an excellent picture of everyone's location habits with a small number of flights per city per month.<p>If this is legal, why can't they just subpoena carriers for the tower census data?
Last year a Cessna (a Skylane or Stationair) orbited the around central SF for several hours over 3 or 4 days. The edge of the track was right over my block. It would drone by every few minutes. It did not have a removed door or anything that would indicate camera platform. The constant orbit wouldn't make sense as an photographic mapping platform.<p>It was not on flighttrack, no ADS-B info, and too high to see the N number.
Isn't it time Google and Apple build some protections inside Android and iOS against this?<p>Maybe do something like what these guys did, but I'm sure they can come up with even more comprehensive protections:<p><a href="http://www.wired.com/2014/09/cryptophone-firewall-identifies-rogue-cell-towers/" rel="nofollow">http://www.wired.com/2014/09/cryptophone-firewall-identifies...</a>
I understand that you can sniff IMSI without being a recognized carrier. But to actually get a cell phone to join your tower – don't you need the carrier's keys to be able to authenticate during the tower handshake? (iOS 5+ warns about unencrypted tower connections, so presumably these have to be authenticated UMTS?)<p>If so, should we expect that the carriers surrendered their keys to law enforcement to allow them to run fake cell towers that authentically emulate their networks?
These are all still using GSM, which doesn't authenticate the network right? I really wish I could disable GSM on the iPhone like I could on my Android - none of the networks I regularly use have usable GSM networks. It's a waste of battery and a wide open security hole. Plain old classic GSM needs to die. Bring on the UMTS/LTE future.
This makes me wonder if the government has or is working on drones that hone in on a specific cellphone signal with a specific id after being trained.<p>Not just for tracking but an "icbm" kind of drone. First for military use, then for domestic use like how the police always get military weapon, iris scanners, etc.
Its tragic to see the self-inflicted damage that out-of-control surveillance has caused to the international reputation of the US and its tech industry. Sad.
I think cell antennas have unique identifiers. If true, can you detect when you connect to a tower that isn't your usual tower in your usual geographic location (assuming you're being targeted at home, for example).<p>And if there is indeed a unique id, can the fake cell take the id of a real cell and still work with the cellphone company, or would it need the cooperation of the cellphone company? (for example, the cell company would look at hops?)<p>I guess it's too much to hope that the cellphone companies would try to protect our privacy.<p>Maybe someday we'll have police running things similar to license scanners but for cellphone conversations. They'll drive around the city recording conversations to detect keywords for illegal activity (herb, drug, murder of crows, etc)<p>EDIT: actually, I don't think they need to hijack cellphone connections. They can just listen in - at least they used to be able to. We determined the identities of the bombers of our embassies in Africa in the late-90s through cellphone conversations through RC-135s flying along the Africa coast from Diego Garcia, and an intelligence gathering satellite that drags an antenna behind it.
We changed the url to one that seems to work, via <a href="https://news.ycombinator.com/item?id=8604931" rel="nofollow">https://news.ycombinator.com/item?id=8604931</a>.