Posted on 05/15/2015 1:15:06 PM PDT by zeugma
Stingray is the code name for an IMSI-catcher, which is basically a fake cell phone tower sold by Harris Corporation to various law enforcement agencies. (It's actually just one of a series of devices with fish names -- Amberjack is another -- but it's the name used in the media.) What is basically does is trick nearby cell phones into connecting to it. Once that happens, the IMSI-catcher can collect identification and location information of the phones and, in some cases, eavesdrop on phone conversations, text messages, and web browsing. (IMSI stands for International Mobile Subscriber Identity, which is the unique serial number your cell phone broadcasts so that the cellular system knows where you are.)
The use of IMSI-catchers in the US used to be a massive police secret. The FBI is so scared of explaining this capability in public that the agency makes local police sign nondisclosure agreements before using the technique, and has instructed them to lie about their use of it in court. When it seemed possible that local police in Sarasota, Florida, might release documents about Stingray cell phone interception equipment to plaintiffs in civil rights litigation against them, federal marshals seized the documents. More recently, St. Louis police dropped a case rather than talk about the technology in court. And Baltimore police admitted using Stingray over 25,000 times.
The truth is that it's no longer a massive police secret. We now know a lot about IMSI-catchers. And the US government does not have a monopoly over the use of IMSI-catchers. I wrote in Data and Goliath:
There are dozens of these devices scattered around Washington, DC, and the rest of the country run by who-knows-what government or organization. Criminal uses are next.
From the Washington Post:
How rife? Turner and his colleagues assert that their specially outfitted smartphone, called the GSMK CryptoPhone, had detected signs of as many as 18 IMSI catchers in less than two days of driving through the region. A map of these locations, released Wednesday afternoon, looks like a primer on the geography of Washington power, with the surveillance devices reportedly near the White House, the Capitol, foreign embassies and the cluster of federal contractors near Dulles International Airport.
At the RSA Conference last week, Pwnie Express demonstrated their IMSI-catcher detector.
Building your own IMSI-catcher isn't hard or expensive. At Def Con in 2010, researcher Chris Paget demonstrated his homemade IMSI-catcher. The whole thing cost $1,500, which is cheap enough for both criminals and nosy hobbyists.
It's even cheaper and easier now. Anyone with a HackRF software-defined radio card can turn their laptop into an amateur IMSI-catcher. And this is why companies are building detectors into their security monitoring equipment.
Two points here. The first is that the FBI should stop treating Stingray like it's a big secret, so we can start talking about policy.
The second is that we should stop pretending that this capability is exclusive to law enforcement, and recognize that we're all at risk because of it. If we continue to allow our cellular networks to be vulnerable to IMSI-catchers, then we are all vulnerable to any foreign government, criminal, hacker, or hobbyist that builds one. If we instead engineer our cellular networks to be secure against this sort of attack, then we are safe against all those attackers.
Me:
We have one infrastructure. We can't choose a world where the US gets to spy and the Chinese don't. We get to choose a world where everyone can spy, or a world where no one can spy. We can be secure from everyone, or vulnerable to anyone.
Like QUANTUM, we have the choice of building our cellular infrastructure for security or for surveillance. Let's choose security.
IMSI-catchers:
http://www.extremetech.com/mobile/...
Government secrecy around Stingray:
http://www.newsweek.com/...
http://www.wired.com/2014/06/...
https://www.aclu.org/blog/...
http://www.wired.com/2014/06/...
http://www.stltoday.com/news/local/crime-and-courts/...
http://arstechnica.com/tech-policy/2015/04/29/...
http://motherboard.vice.com/read/...
Baltimore police using Stingray:
http://www.baltimoresun.com/news/maryland/crime/...
Stingray is not very secret; everyone is using them:
http://papers.ssrn.com/sol3/papers.cfm?...
Rogue IMSI-catchers in the US:
http://www.wired.com/2014/09/...
http://venturebeat.com/2014/09/02/...
http://www.washingtonpost.com/world/...
http://gizmodo.com/...
http://www.washingtonpost.com/world/...
IMSI-catcher detector:
http://arstechnica.com/information-technology/2015/...
Building your own IMSI-catcher.
http://www.wired.com/2010/07/...
How Stingray illustrates the importance of a secure infrastructure.
https://www.schneier.com/blog/archives/2014/09/...
Here's an IMSI-catcher for sale on alibaba.com. At this point, every dictator in the world is using this technology against its own citizens.
http://www.alibaba.com/product-detail/...
They're used extensively in China to send SMS spam without paying the telcos any fees.
http://www.ibtimes.co.uk/...
On a Food Network show called Mystery Diners -- episode 108, "Cabin Fever" -- someone used an IMSI-catcher to intercept a phone call between two restaurant employees.
https://www.youtube.com/watch?v=CmoVbaJBPsM
The new model of the IMSI-catcher from Harris Corporation is called Hailstorm. It has the ability to remotely inject malware into cell phones.
https://www.insidersurveillance.com/...
Other Harris IMSI-catcher codenames are Kingfish, Gossamer, Triggerfish, Amberjack, and Harpoon. The competitor is DRT, made by the Boeing subsidiary Digital Receiver Technology, Inc.
Here's an IMSI-catcher called Piranha, sold by the Israeli company Rayzone Corp. It claims to work on GSM 2G, 3G, and 4G networks (plus CDMA, of course). The basic Stingray only works on GSM 2G networks, and intercepts phones on the more modern networks by forcing them to downgrade to the 2G protocols. We believe that the more modern ISMI catchers also work against 3G and 4G networks.
http://www.rayzoneg.com/brochure_piranha.pdf
So much for being secure in your person or papers.
Is it time for the snoopers to have “accidents” yet?
Codeword ... StingRay!
SS 396 is their call ... respond appropriately ...
The basic Stingray only works on GSM 2G networks, and intercepts phones on the more modern networks by forcing them to downgrade to the 2G protocols.
My phone did that while I was visiting my son at Marine Camp Pendleton.
That day is sadly long gone. I'm keeping my ammo dry for immediate use.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.