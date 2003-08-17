from the beware-of-COWs dept.
Modern cell phones are vulnerable to attacks from rogue cellular transmitters called IMSI-catchers—surveillance devices that can precisely locate mobile phones, eavesdrop on conversations or send spam.
Recent leaks and public records requests have revealed that law enforcement in many U.S. cities have used the surveillance devices to locate suspects or hunt for illegal activity. But despite extensive public debate about their use and privacy implications, little is known about how comprehensively International Mobile Subscriber Identity- (IMSI) catchers—also known as cell-site simulators or Stingrays—are being used by governments, hackers or criminals in any given city.
University of Washington security researchers have developed a new system called SeaGlass to detect anomalies in the cellular landscape that can indicate where and when these surveillance devices are being used. The new system is described in a paper to be published in June 2017 in Proceedings on Privacy Enhancing Technologies.
[...] To catch these IMSI-catchers in the act, SeaGlass uses sensors built from off-the-shelf parts that can be installed in vehicles—ideally ones that drive long hours and to many parts of a city, such as ridesharing vehicles or other fleets. The sensors pick up signals broadcast from the existing cell tower network, which remain fairly constant. Then SeaGlass aggregates that data over time to create a baseline map of "normal" cell tower behavior.
The team from the UW Security and Privacy Research Lab developed algorithms and other methods to detect irregularities in the cellular network that can expose the presence of a simulator. These include a strong signal in an odd spot or at an odd frequency that has never been there before, "temporary" towers that disappear after a short time and signal configurations that are different from what a carrier would normally transmit.
Source: https://m.techxplore.com/news/2017-06-imsi-catchers-seaglass-transparency-cell-surveillance.html#
(Score: 1, Interesting) by Anonymous Coward on Thursday August 03, @04:59PM (3 children)
Hurry up and standardize your sensor build and release some DIY instructions. This is the reason why the TLAs attempted to keep this technology secret. It can be stopped by exactly this! All that wasted money!
Reply to This
(Score: 3, Informative) by frojack on Thursday August 03, @05:31PM (1 child)
There are apps that do this now. Sample [google.com]
No, you are mistaken. I've always had this sig.
Reply to This
Parent
(Score: 2) by Immerman on Thursday August 03, @05:50PM
I was wondering about this - I mean you've already got practically the entire population carrying around cell-tower-signal-detectors in their pockets, why futz with dedicated hardware unless your goal is to play with theory without actually presenting any challenge to the authorities' abuses?
Reply to This
Parent
(Score: 0) by Anonymous Coward on Thursday August 03, @05:33PM
How can it be stopped? Hold up a sign out front of their van or whatever telling people? They'll still probably get the data, just with a small crowd. Which person out of the thousands nearby was being targeted???
If its legal they'll still do this, I guess criminal gangs will sweep their neighborhoods but I doubt this tech will stop LEOs from using stingrays.
Reply to This
Parent
(Score: 0) by Anonymous Coward on Thursday August 03, @05:15PM (2 children)
One of the issues with establishing a "baseline" in security is that everything recorded during the baseline is considered normal.
So this approach may be pretty handy for finding changes over time, but if there's anything shady going on now (and which may have been going on for a long time), this approach won't detect it.
So it's definitely a good thing to do, but as with any heuristic anomaly-detection scheme with a baseline, a huge "your mileage may vary" disclaimer is necessary.
Reply to This
(Score: 3, Interesting) by frojack on Thursday August 03, @05:26PM (1 child)
The Stingrays are portable devices. They aren't installed in on place for long. They are usually vehicle mounted and offer a relatively small coverage area, usually much smaller than a normal cell phone tower's coverage area.
They are usually vehicle mounted, and moved from area to area, seldom in one place for more than a few days - and usually not operating 24/7 when they are deployed.
So even if the stingray was up and running when you did your baseline, it would in all likelihood disappear before baseline was complete. It would pop-up somewhere else.
No, you are mistaken. I've always had this sig.
Reply to This
Parent
(Score: 0) by Anonymous Coward on Thursday August 03, @06:04PM
an rpg would fix that shit.
Reply to This
Parent
(Score: 2) by DeathMonkey on Thursday August 03, @05:53PM
So it's wardriving for Stingrays, essentially...
Reply to This