SoylentNews is people
SoylentNews
Ars Technica reports about a case in Missouri that may have been dropped to law enforcement's use of Stingray:
A woman accused of being a getaway driver in a series of robberies in St. Louis has changed her plea from guilty to not guilty after finding out that a stingray was used in her case.
Wilqueda Lillard was originally set to testify against her three other co-defendants, whose charges were also dropped earlier this month. As a result of changing her plea, the local prosecutor dropped the charges against her on Monday.
Terence Niehoff, Lillard’s attorney, explained to Ars that she pleaded guilty before learning about the use of the stingray. When her co-defendants’ attorneys challenged a police detective during a deposition, and that officer refused to provide further information, the case was eventually dropped.
However, Lauren Trager, the spokeswoman for the St. Louis Circuit Attorney’s Office denied to Ars that the dropping was related:
I am unable to provide the information you requested. Despite the opinion of the defense attorney in this matter, the dismissal of the cases was not related in any way to any technology used in the investigation."
(Score: 3, Interesting) by zugedneb on Friday May 01 2015, @10:25PM
I wonder, if the basic problem might be the fact that the entire system is made to be hackable.
It should not be possible to introduce fake towers, but here we are...
People might find out that a lot of things are made to be hackable...
For one company in communication/computing to become world leader, there needs to be a foundation of trust, it seems. The big companies might sink, and commerce fail if it is found out that there is backdoor in many things by default...
Also, the biggest failure of the EU is that they never had any political initiative for a "domestically" developed operating system, communication system, "internet"...
Engineers know that it is all cords between computers, but here people still think that USA can take down the entire internet... They don't seem to understand, that "internet" can be replaced by other "internet", that has nothing to do with continent on other side of the ocean...
On a parallel topic, here is some Numberphile videos on youtube, on encryption and how and why NSA managed to brake it, and blindly using recommendation by NIST...
https://www.youtube.com/watch?v=ulg_AHBOIQU [youtube.com]
https://www.youtube.com/watch?v=1O69uBL22nY [youtube.com]
old saying: "a troll is a window into the soul of humanity" + also: https://en.wikipedia.org/wiki/Operation_Ajax
(Score: 0) by Anonymous Coward on Saturday May 02 2015, @07:14PM
"It should not be possible to introduce fake towers, but here we are..."
Perhaps there should be some sort of 'end to end' encryption or at least from the cell phone to some cell phone company data center well beyond the towers. Cell phone signals shouldn't be unencrypted over the air and if they're not a relevant question is where do these signals get decrypted? If the signals are encrypted with a reasonably implemented cryptographic system it seems like someone shouldn't be able to easily execute a 'man in the middle' attack. Yet a fake cell phone tower would have to be just that, it would have to somehow bridge the connection between one cell phone and another cell or landline phone. So how are they doing it? Are they routing the traffic through the cell phone network? How exactly? Are they somehow doing a MITM attack and routing the signal from the fake tower to a real tower wirelessly? Is it through some hard wired connection (suggesting the cell phone companies are in on it)? If they are performing a man in the middle attack without the consent of the wireless service providers it would suggest a vulnerability that would potentially allow anyone to perform such an attack and use that to snoop on anyone's cell phone. Otherwise they are probably somehow working with the wireless network providers.
(Score: 2) by zugedneb on Saturday May 02 2015, @07:43PM
Either there is a conspiracy or there is indifference.
I do not know the standard, but generally the phone tries to get the closest tower.
If the towers are crowded, you either do not get a line, or you company has some negotiation, so that you can use others network without showing on the bill.
So of it is question of indifference, than it is up to the phone to pick a tower - in that case, the stingray reports itself as closest, and route the call in such a way, that you will never know that you used other network.
Also, when the stingray connects, it must lie about itself by giving the identity of some other known provider.
There is no need for documents, it should be enough to compare connection records of different providers - you might find that there are some fake entries in one database, where two legitimate providers never actually made a connection.
Good luck getting the connection records out from the companies.
old saying: "a troll is a window into the soul of humanity" + also: https://en.wikipedia.org/wiki/Operation_Ajax
(Score: 0) by Anonymous Coward on Friday May 08 2015, @04:08PM
(the comment you were responding to).
"the stingray reports itself as closest"
If the signal is properly encrypted the stingray can't get much useful information from it. Perhaps some metadata like call duration. A relevant question becomes are sender and recipient phone numbers encrypted in transit? If not why not? Encrypting such information would make it more difficult for the feds to acquire it.
I suppose the feds can 'guess' who you're probably talking to and if you're talking to a landline they could insert a bug in between the landline caller and the phone company without the phone companies knowing (since those signals are, AFAIK, unencrypted). In that sense they can collect metadata (if the call durations and times of the cell phone calls match with the person you're tapping and they know you are affiliated with them they can guess that you are probably talking to them) and they can even tap your lines.
Or if the recipient is also on a stingray cell phone tower and they already have a good idea who you're talking to they can match call times and durations across different stingray cell phone towers to guess who's talking to whom.