Who catches the IMSI catchers? Researchers demonstrate Stingray detection kit

Previous discussion: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=14474956" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=14474956</a>

Underlying paper with all of the tech details: <a href="https:&#x2F;&#x2F;seaglass-web.s3.amazonaws.com&#x2F;SeaGlass___PETS_2017.pdf" rel="nofollow">https:&#x2F;&#x2F;seaglass-web.s3.amazonaws.com&#x2F;SeaGlass___PETS_2017.p...</a><p>And the web site with all of the software: <a href="https:&#x2F;&#x2F;seaglass.cs.washington.edu&#x2F;" rel="nofollow">https:&#x2F;&#x2F;seaglass.cs.washington.edu&#x2F;</a> (most interesting section: algorithms)

The tricky part would be eliminating non-stingray signals.<p>T-Mobile&#x27;s HQ is in Bellevue, and I&#x27;m sure they have some test towers probably set up in their building. These signals can easily &quot;get away from you.&quot;<p>I worked on Windows Phone, and we had a faraday cage setup with various different cellular networks coming in over the wire, which we would set up with different attenuation to test cellular radio handoff. One time someone left the door open, and the whole floor of the building roamed over to the UK. It was not a good day for international roaming charges.

The next generation of the cellphone protocol should include some kind of PKI so the telco can&#x27;t be spoofed without its permission.<p>Don&#x27;t know if that will actually help, because the telcos are already quite compliant about giving every bit of data that passes through their systems to the NSA.

I spent the last year researching, designing, then implementing an IMSI Catcher detector at first as a hobby then as my capstone project. There already exists working fairly mature solutions for this and they are very open about their detection metrics, specifically SnoopSnitch [1].<p>The major drawback of the SnoopSnitch solution is that they are phone apps and are tightly coupled with the hardware and drivers. We were attempting to demonstrate that it could be done in a way portable across desktop operating systems and phones and we succeeded in creating a proof of concept at a cost of $200 [2].<p>This solution is also better suited to use as a centralized device for organizations to use that can be audited by security personnel to protect against corporate espionage. This is a real threat demonstrated by the fact that by simply changing a few lines of code in the IMSI Catcher detector a few undergrads built we could have an IMSI Catcher. This need is often left out of the arguments for IMSI Catcher detectors and I think that is very harmful because the first thing said about the project has always been &quot;They will just make it illegal.&quot; This is much more unlikely when you consider that anyone can build one.<p>I would like to continue development beyond the proof of concept but have lost most of my team now that school is out if anyone would be interested you can contact me. Some commercial IMSI Catcher detectors sell for as much as $40,000.<p>[1] <a href="https:&#x2F;&#x2F;opensource.srlabs.de&#x2F;projects&#x2F;snoopsnitch&#x2F;wiki&#x2F;IMSI_Catcher_Score" rel="nofollow">https:&#x2F;&#x2F;opensource.srlabs.de&#x2F;projects&#x2F;snoopsnitch&#x2F;wiki&#x2F;IMSI_...</a><p>[2] <a href="https:&#x2F;&#x2F;gitlab.com&#x2F;finding-ray&#x2F;antikythera" rel="nofollow">https:&#x2F;&#x2F;gitlab.com&#x2F;finding-ray&#x2F;antikythera</a>

Interesting.<p>Wouldn&#x27;t it be a desirable phone feature to be able to list and select a cell tower connection the same way you can select wifi?

One of those moments would be nice to have Steve Jobs step in. He certainly did not like Government abusing its powers (he used to buy or rent [don&#x27;t remember] his Benz from CA dealer once every six month and drove on paper license plate because that&#x27;s how long you can drive on non-hard plate) - I bet you newest update of OS would have it by default turned on detection and rejection of connections with unknown sources.<p>Overnight Stingray producer - bankrupt.