SoylentNews is people

posted by janrinok on Wednesday June 27 2018, @05:17PM
from the good-question dept.

Submitted via IRC for Fnord666

Senator Ron Wyden (D-OR) wants to know if cell-site simulators, also known as Stingrays, have the potential to interfere with mobile communications, and he's asked the FCC to share any research it has done into the matter. In a letter sent to Chairman Ajit Pai today, Wyden asked what steps the agency had taken to ensure the devices -- which track mobile devices by mimicking cell towers -- don't interfere with the communications of targeted and non-targeted devices or calls to 911, specifically. "The FCC has an obligation to ensure that surveillance technology which it certifies does not interfere with emergency services or the mobile communications of innocent Americans who are in the same neighborhood where law enforcement is using a cell-site simulator," he wrote.

Wyden asks for information about any testing conducted by or required by the FCC regarding the disruption of communications and if no tests have been performed, he wants to know why. Along with 911 call interference, he also asks about the potential disruption of wireless internet access, effects on the battery life of mobile devices as well as interference with Real Time Texting devices, hearing aids, cochlear implants and Wireless Emergency Alerts.

Earlier this year, the Department of Homeland Security informed Wyden that it found what appeared to be Stingrays in Washington DC, though the agency failed to say how many they found evidence of, who might be operating them or why. In his letter to Pai, Wyden said that DHS also told him that it doesn't conduct any tests of the cell-site simulators it uses, nor does it fund outside testing of communication interference. He added that the Department of Justice refused to provide any publicly accessible information on the matter.

Source: https://www.engadget.com/2018/06/26/senator-fcc-stingray-interfere-911-calls/


  • (Score: 5, Interesting) by DannyB on Wednesday June 27 2018, @08:46PM (3 children)

    by DannyB (5839) Subscriber Badge on Wednesday June 27 2018, @08:46PM (#699478) Journal

    If you're broadcasting a signal to everyone in the vicinity, you've gotta expect someone might hear it.

    That sounds nice if your thinking is stuck in the analog era of an AM or even FM modulated signal on a carrier wave.

    GSM and no doubt LTE are far more sophisticated than that. The transmission in both directions is digital. Encrypted. Assigned to a specific frequency and time slot that constantly changes according to information known to both the base station (eg tower) and mobile set (eg, cell phone).

    In other words, it is no small task indeed to attempt to isolate, capture and listen to a particular person. Even with a warrant.

    The mobile sets only talk to base stations that they are authorized to talk to. Prioritizing base stations based on economic cost. (eg, An AT&T phone will prefer an AT&T base station, unless it must roam and use another carrier's tower -- in which case which one is the cheapest to connect to right now.)

    A Stingray must jump through an enormous amount of hoops to trick a mobile phone into connecting to it.

    I have offered two theories on SN before (multiple times) that this works either by:
    1. using stolen crypto keys / credentials
    2. using knowledge of some vulnerability in how this sophisticated system works
    In either case, if the "secret sauce" of Stingray were known then every teenager would have a Stingray -- and the credentials would be revoked / changed. In the case of (2) it may take years to move everything to a newer version of a protocol that does not have the vulnerability. The reason I believe either (1) or (2) are the case is because of the EXTREME secrecy of Stingray. At first, they wouldn't even admit it existed. The mere mention of it in court would be enough to not prosecute and let the accused go free. Later it was parallel construction to avoid bringing up Stingray in court. (Parallel Construction: a euphemism for a conspiracy to commit perjury before the court by lying about what the actual evidence was and how the investigation was conducted, denying the defendant crucial evidence.)

    The SIM card contains tamper proof private keys so that the SIM can sign something to prove to the base station that this really is the actual SIM given to the authorized account holder / service subscriber. The SIM is no doubt involved in working with the base station to establish a session key for encryption of this particular call or transaction with the base station.

    "Broadcasting" and "Listening to a broadcast" are so far removed from the reality that it is just wrong.

    --
    To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
  • (Score: 0) by Anonymous Coward on Thursday June 28 2018, @11:37AM (2 children)

    by Anonymous Coward on Thursday June 28 2018, @11:37AM (#699764)

    I dunno why you got modded so high for posting so much bullshit and misinformation.

    What the Stingray does is it pretends to be a much closer cellular tower (your "base station"). So your phone connects to it in preference to other towers.

    From then on the comms aren't encrypted. The encryption if any is between the phone and the tower. It's not like you're getting endpoint to endpoint encryption by default.

    So all your texts are plaintext to the Telco (or the FBI/etc pretending to be the Telco), similar for your voice.

    • (Score: 2) by DannyB on Thursday June 28 2018, @01:15PM (1 child)

      by DannyB (5839) Subscriber Badge on Thursday June 28 2018, @01:15PM (#699779) Journal

      I would be glad of you correcting any misinformation. Especially my two THEORIES on why the extreme secrecy behind Stingray such that entire prosecutions are flat dropped. That Everyone who even hears about Stingray has to sign extreme NDAs, etc. Please enlighten.

      That one single sentence which I quoted, can EASILY be interpreted to suggest that anyone can casually listen in on a cell phone conversation, or pluck text messages out of the air. If that is so easy, then please do explain.

      Your message I am replying to seems to concede that there is at least encryption to the base station (eg, Stingray). But you don't refute the sophistication it would require to implement the various layers of protocols including management and assignment of which frequency and time slot the next packet should be sent in. Every packet changes frequency and time slot. Thus both the base and mobile must be very frequency agile, re-tuning to a different "channel" constantly.

      --
      To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
      • (Score: 0) by Anonymous Coward on Wednesday July 04 2018, @08:29AM

        by Anonymous Coward on Wednesday July 04 2018, @08:29AM (#702443)

        the sophistication it would require to implement the various layers of protocols including management and assignment of which frequency and time slot the next packet should be sent in. Every packet changes frequency and time slot. Thus both the base and mobile must be very frequency agile, re-tuning to a different "channel" constantly.

        A cellphone tower has to do the exact same "sophisticated" thing. There's no need to "jump through an enormous amount of hoops" - if your "tower" aka stingray is "nearer" the phone will connect to your tower.

        There's no end-to-end encryption. After the tower/"tower" the telco (or your fake) has the plaintext. Where they can do stuff like: https://www.gl.com/trauemulation.html [gl.com]

        It also allows users to play voice files to speaker, write speech data to a file, filter calls, detect digits and view graphs such as Active Calls, and Traffic Monitoring to identify the frames and classify traffic.

        I'll give you your point 2 about "knowledge of some vulnerability", there might be exploits that could convince more phones to stop using their current station ASAP and so reconnect to the "nearest" station (your stingray). BUT it's not 100% necessary if you're willing to breach regulations to make your "tower" look "nearer".

        The stingray has to be a tower at one end and be multiple phones when talking to a real tower. But that's not really a huge problem.