Eric King: As I understand, the rumors immediately afterwards were that something called MZ-catcher was used. This is a fake mobile phone base station that authorities can use to identify people in the local area then also send text messages afterwards. However, there were reports since then that show secret code orders showing that telecommunications companies themselves were actually involved.
Tacoma police using technology to intercept cellphone data
Wednesday, Aug. 27, 2014 | Posted: 8:16 a.m. Wednesday, Aug. 27, 2014
By Essex Porter
TACOMA, Wash. —
The Tacoma Police Department has reluctantly confirmed that it uses a cellphone tracking device that critics say can invade the privacy of innocent cellphone users.
The device is called a Stingray and it tricks cellphones into giving information to it, instead of a legitimate cellphone tower.
“That's very disturbing to hear,” said Aaron Rumph of Tacoma, cellphone in hand.
“I don't like the idea of anyone being able to look at my phone and see what I'm doing at all, besides myself, without my permission,” Rumph said.
Public records first reported by KIRO-7 news partner The News Tribune, revealed the name of the device, Stingray, acquired from the federal government under a public disclosure agreement.
Those documents also say Tacoma spent $250,000 on “specialized technical equipment,” so some council members didn’t know they were buying a device that could scoop up all cellphone information in a half-mile radius.
“It's like they're kicking down the doors of 50 homes and searching 50 homes because they don't know where the bad guy is," Christopher Soghoian, principal technologist with the American Civil Liberties Union, told The News Tribune.
In a statement, Tacoma police said they had applied for warrants 180 times since June to use the device. And they said it is used to “locate suspects wanted for crimes such as homicide, rape, robbery, kidnapping, and narcotics trafficking.”
They also said, "The technology does not collect content such as voice, text, or data, and does not retain any data or other information."
Police spokeswoman Officer Loretta Cool said the non-disclosure agreement prevented Police Chief Don Ramsdell from answering questions in an interview, despite the department’s confirmation that it owns the cellphone tracking device.
So the department would not explain how the device can be used to prosecute criminal cases if it “does not collect content.”
“We put our privacy out anyways on Facebook and Twitter and Instagram, so I really don't care,” said Tacoma resident Emerald King, a cellphone in her hand.
King was at a bus stop with Cathy Triggs, “I just think if you're doing what you're supposed to be doing and obeying the law you shouldn't have a problem.”
Here is the satement and Q and A from Tacoma police:
Q: Do you have a cell site simulator? How long have you had it?
A: We have had a cell site simulator since 2008 and began using it in 2009.
Q: Why is it important for police to have a tool like this?
A: It is an investigative tool that is valuable to local law enforcement locate suspects wanted for serious felonies to include; homicide, rape, robbery kidnapping, and narcotics trafficking. It is also used to locate missing and/or endangered persons.
Q: How often have you used the cell site simulator to detect or prevent IEDs?
A: We have not used it for those purposes.
Q: How often have you used this device since you got it in 2008?
A: 180 applications since June 2014.
Q: Do you get a warrant each time you use it?
A: Yes
Q: What do you do with the data collected from non-suspects?
A: We do not collect data.
A security researcher showed in a live demo today how he can intercept cell phone calls on 80 percent of the world’s phones with just about $1,500 worth of equipment.
Chris Paget, who also showed yesterday how he can hack into radio frequency identification tags (RFID) from a distance, created a fake cell phone tower, or Global System for Mobile communications (GSM) base station. GSM is the protocol for 80 percent of the world’s phones and is used by T-Mobile and AT&T in the U.S. The demo was not, Paget said, a malicious attack in any way.
Military and intelligence agencies can intercept cell phone calls with their wiretapping technology. But Paget simply wanted to show how vulnerable the cell phone network is and how hackers could intercept calls for a small amount of money. He used a couple of large antennae (pictured with Paget) and a laptop with some other equipment.
Re: Your phone is a gateway for spying on you by anyone - Eric King,data security exp
Mysterious Fake Cell Phone Towers Could Be Intercepting Your Calls
in News / by Brandon Walker / on September 2, 2014 at 8:51 pm /
Mysterious Fake Cell Phone Towers Could Be Intercepting Your Calls
When one company decided to take on data leaks to prove their new cell phone technology was the best, they discovered a great mystery. A series of over 17 fake cell phone towers that are capable of intercepting your cell phone signal have been discovered throughout the United States.
In the wake of the Edward Snowden revelations of the government spying on the US and even being able to turn on your cell phone remotely, companies have started a virtual “arms race” of trying to protect cell phone data from hacking and intrusion. One company was bound to prove their product was the best. ESD America built their new cell phone to look like the Samsung Galaxy and then added their software to remove over 468 vulnerabilities their programmers found in the cell phone technology.
What they discovered was even more alarming.
To show Popular Science just what their technology could do, the company director pointed to a map. He and the customers of the new technology have discovered over 17 fake cell phone towers, known as “interceptors”, found in the month of July, 2014, alone. (The map above is the one they provided the magazine for the month of August.)
Each of these “interceptors” look like ordinary cell phone towers, but they are far from innocent. Once your phone connects to one of these fake towers, they launch a series of attacks on your phone. They can launch anything from listening in on your conversations, to reading your text messages, and even pushing spy-ware programs onto your normally hard to hack cell phone so they can access it remotely in these “over the air” attacks.
“Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says. “One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip. We even found one at South Point Casino in Las Vegas.” ~Popular Science
While the origin of these towers are a mystery, Goldsmith says he has a pretty good idea of who is trying to spy on some of the most populated areas of the United States.
“What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases. So we begin to wonder – are some of them U.S. government interceptors? Or are some of them Chinese interceptors?” says Goldsmith. “Whose interceptor is it? Who are they, that’s listening to calls around military bases? Is it just the U.S. military, or are they foreign governments doing it? The point is: we don’t really know whose they are.” ~Popular Science
And the cost of setting up these mobile spying bases is not cheap. The technology is not easy to get and has been too challenging a target for your garden variety hacker. The equipment and baseband processor needed come at a price tag that most can not afford. However, some have demonstrated that you can do the remote basic interceptor for a little less then $3,000, but they are not near as sophisticated as these. Could a foreign government really be attacking our communications, or is it our own?
“The baseband processor is one of the more difficult things to get into or even communicate with,” says Mathew Rowley, a senior security consultant at Matasano Security. “[That’s] because my computer doesn’t speak 4G or GSM, and also all those protocols are encrypted. You have to buy special hardware to get in the air and pull down the waves and try to figure out what they mean. It’s just pretty unrealistic for the general community.”
But for governments or other entities able to afford a price tag of “less than $100,000,” says Goldsmith, high-quality interceptors are quite realistic. Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured devices like the VME Dominator, available only to government agencies, can not only capture calls and texts, but even actively control the phone, sending out spoof texts, for example. Edward Snowden revealed that the N.S.A. is capable of an over-the-air attack that tells the phone to fake a shut-down while leaving the microphone running, turning the seemingly deactivated phone into a bug. And various ethical hackers have demonstrated DIY interceptor projects, using a software programmable radio and the open-source base station software package OpenBTS – this creates a basic interceptor for less than $3,000. On August 11, the F.C.C. announced an investigation into the use of interceptors against Americans by foreign intelligence services and criminal gangs. ~Popular Science
While the normal person probably shouldn’t worry about going out and spending $3500 for the new encrypted cell phone, what it found is alarming. While they won’t reveal who their customers are for security reasons, the company sells around 400 cell phones a week, mostly to fortune 500 companies. It does reveal an alarming trend on spying on American Citizens bigger then what was previously thought. Just who is building these things and why they want our information remains a mystery.
Should you worry?
One company that specializes in threat security says it depends.
“There’s this thing in our industry called “threat modeling,” says Day. “One of the things you learn is that you have to have a realistic sense of your adversary. Who is my enemy? What skills does he have? What are my goals in terms of security?”
If you’re not realistically of interest to the U.S. government and you never leave the country, then the CryptoPhone is probably more protection than you need. Goldsmith says he sells a lot of phones to executives who do business in Asia. The aggressive, sophisticated hacking teams working for the People’s Liberation Army have targeted American trade secrets, as well as political dissidents.
Day, who has written a paper about undermining censorship software used by the Chinese government, recommends people in hostile communications environments watch what they say over the phone and buy disposable “burner” phones that can be used briefly and then discarded.
“I’m not bringing anything into China that I’m not willing to throw away on my return trip,” says Day. ~Popular Science
However, according to Goldsmith and Snowden, the burner strategy can get you on a target list faster then your head can spin.
With the new revelation that sovereign citizens, Constitutionalists, militia, Tea-party, and Christians are thought to be more of a threat by the US government then someone wanting to start an Islamic Jihad, according to the FBI Lexicon, then perhaps all normal citizens should be worried why we are being spied upon still.
Law enforcement agencies in dozens of cities and states have suitcase-sized surveillance tools that simulate cellphone towers such as this one and can
track individual cellphones. But the devices can also disrupt emergency calls placed by individuals who are not being monitored. This week, a congress-
sional committee called for legislation to set a national standard for their use. Nati Harnik AP
It’s no secret that state and local law enforcement agencies have grown more militarized in the past decade, with armored personnel carriers, drones and robots.
But one item in their arsenal has been kept largely out of public view, to the dismay of civil liberties advocates who say its use is virtually unregulated – and largely untracked.
The device is a suitcase-size surveillance tool commonly called a StingRay that mimics a cellphone tower, allowing authorities to track individual cellphones in real time. Users of the device, which include scores of law enforcement agencies across the country, sign a non-disclosure agreement when they purchase it, pledging not to divulge its use, even in court cases against defendants the device helped capture.
Those restrictions remain in place despite a decision last year by the police in Charlotte, North Carolina, to disclose to judges more details about the device’s use in criminal cases and laws in several states that require warrants whenever the device is employed.
A report this week by the House Reform and Government Oversight Committee raised new concerns about the devices’ popularity. “Cell-site simulator use inside the United States raises far-reaching issues concerning the use, extent and legality of government surveillance authority,” it said.
The FBI is one of the major users of the device. The House of Representatives report said that agency alone had more than 194 cell-site simulators in use across the country.
Yet even as the federal government has encouraged the use of the simulators, the FBI has demanded that Harris Corp., the defense contractor that manufactures the most commonly used of the devices, provide notification every time it sells a device to law enforcement agencies. In turn, the FBI requires those agencies to sign a non-disclosure agreement that blocks them from telling the public of the purchase or acknowledging the device’s use in court proceedings.
Until recently, the FBI avoided disclosing its own use of the surveillance apparatus and also “its role in assisting state and local law enforcement agencies in obtaining the devices,” the oversight committee report said.
Cell-site simulators were developed for battlefield use, allowing roving infantry teams or airborne units to track the cellphone signatures of enemy combatants and kill them.
Their civilian use has soared, however. In addition to the FBI’s 194 devices, the report found them sprinkled among federal agencies: the U.S. Marshals Service has 70, Immigration and Customs Enforcement has 59 and even the Internal Revenue Service maintains two of the electronic tools in its investigative arsenal.
The House report provided only limited details about the spread of the devices to state and local agencies. But the American Civil Liberties Union tallies 68 agencies in 23 states and the District of Columbia that have StingRay tracking devices. States with broad usage include North Carolina, Florida, Texas and California.
Even small city police departments can obtain StingRays. The police department in Sunrise, Florida, a municipality of 90,000 people northwest of Fort Lauderdale, has two, the House report said.
Much of the federal government won’t talk about use of the StingRays.
“The FBI does not comment on specific tools or techniques,” spokesman Raushaunah Muhammad said.
Harris Corp., headquartered in Melbourne, Florida, was equally reticent: “We are unable to comment for your story,” spokesman Jim Burke said.
Right now, it’s the Wild West for the use of these devices.
- Mike Katz-Lacabe, director of research at the Center for Human Rights and Privacy
“Right now, it’s the Wild West for the use of these devices,” said Mike Katz-Lacabe, director of research at the Center for Human Rights and Privacy, a nonprofit group he founded in San Leandro, California. “We don’t know how often they are used, what they are used for and whether we’d consider such a use acceptable.”
Federal authorities have approved cell-site simulators from two companies. In addition to models of the StingRay by Harris Corp., a second branded device is commonly called a Dirtbox and is made by a Boeing Corp. subsidiary, Digital Receiver Technology Inc. of Germantown, Maryland. The House report said the devices cost between $41,500 and $500,000, depending on their capabilities.
The StingRay typically is mounted in a van and used with a directional antenna. Sometimes police chase the signal of a suspect’s known cellular phone number or go to the suspect’s location and sweep up all unknown signals. All cellphones with power in the area begin communicating with the cell-site simulator, as if it were a legitimate tower.
That is one of the concerns of civil liberties groups, that cellphones unconnected with a law enforcement investigation are also captured by the device. While some cell-site simulators allow 911 emergency calls to pass through to legitimate towers, other calls routinely fail. Should an emergency unfold, cell users in the vicinity probably would find their calls dropped or signals jammed.
“Even if there is a 911 pass-through feature, there are still plenty of other calls that people might want to make,” said Christopher Soghoian, principal technologist at the American Civil Liberties Union. “You might want to call your children’s school. You might want to call your wife or husband.”
Police with little training can use the cell-site simulators and affect all phones in a given area while looking for single individuals, he said. Poor minority communities, where many residents have ditched landlines, are disproportionately affected, he added.
It’s hard to know with certainty how many innocent cellphone users have experienced jamming due to police use of cell-site simulators. Federal restrictions on information about their use prevents collecting such details.
“There are real privacy interests at stake when the government sends probing electronic signals into the homes of innocent people. These devices cannot be used in a way that only enters the home of the target,” Soghoian said.
“This is not a scalpel. It is a shotgun,” he added.
This is not a scalpel. It is a shotgun.
- Christopher Soghoian, principal technologist at the American Civil Liberties Union
In the past decade or so, technologies developed by the intelligence community and military have trickled down to law enforcement, from drones and license plate readers to the armored personnel carriers visible in Ferguson, Missouri, in the 2014 protests over the fatal shooting of a young African-American male by a white police officer.
“I think (cell-site simulators) are definitely part of the police militarization trend,” said Alan Butler, senior counsel for the Electronic Privacy Information Center, a nonprofit public interest research group in Washington that focuses on democratic values in a digital era.
Federal demands that law enforcement not acknowledge the use of the devices in court proceedings has led some police to bend rules about how to use information that is gathered.
“Sometimes they would say in court filings that they had a ‘confidential informant,’ ” Butler said.
Lack of oversight is huge here.
I don’t think it can be overstated.
- Alan Butler, senior counsel for the Electronic Privacy Information Center
A trio of civil rights groups filed a complaint in August with the Federal Communications Commission against the Baltimore Police Department, saying widespread use of the cell-site simulators there had disproportionately affected black communities and disrupted 911 calls.
The House report, which said grants from the Departments of Justice and Homeland Security were widely used to provide state and local agencies with money for the simulators, said police increasingly were using the devices “for everyday crime-fighting activities.”
It cited the lack of a uniform national policy governing the devices’ use, noting that in some jurisdictions the standard for employing cell-site simulators is lower than for obtaining a search warrant. The House report called on Congress to pass a uniform nationwide standard that would require all law enforcement agencies to use “clarity and candor” with courts so that the devices are employed transparently in criminal investigations.
“Lack of oversight is huge here. I don’t think it can be overstated,” said Butler, the lawyer for the Electronic Privacy Information Center.
