'Stingray' Phone Tracker Fuels Constitutional Clash

Originally posted by gariac
reply to post by RestingInPieces

 

mac.softpedia.com...

If you have linux, load up kismet. It is a free packet sniffer. You can spot all the wifi activity. If you are setting up a wireless network, you really need to do this. Some networks are stealth (no SSID broadcast). You don't want to interfere with that stealth network, even though the admin was a bit of a jerk by not broadcasting the SSID. [Those Symbol barcode readers are notorious for being stealth.] Some newer routers can fine stealth networks. If you want to do a complete site survey, you need to scan for wireless video too. It is in the same band. If you are doing a commercial set up, you'd probably want to monitor for a few days since some people turn their router on and off.

I sniffed my own packets and found a few security holes in my Blackberry that I fixed. Basically the phone was probing every place I ever used wifi and had saved the configuration. Most phones have this feature. So the phone was spewing out coffee shops and hotels where I had used wifi. Now Starbucks isn't all that unique, but if you pair up your wifi with WAPs that have unqiue SSIDs, then you are revealing your hangouts. [Suppose you save a wifi profile at some unsavory place. Strip club, brothel, Ron Paul for President office, etc.) [Hey, that was a joke.] Computers do this too (windows, mac, even linux) depending on how you save your wifi profiles. It is not a security risk in that you will get hacked, but it does show a bit about your habits, or at least geeky habits.

Windows XP is just the worst at spewing out wifi junk. The classic is "hpsetup".
blog.chron.com...
You see this all the time. In general, the worse thing you can do is connector your wireless device to some random ad hoc network, which is what hpsetup is. I'm not sure if it is a security issue for the person running XP. Blackberry will "see" an ad hoc, but will never pair up with one. The OS blocks it because it is way too risky even if you think you know who the ad hoc network is.
www.airdefense.net...

The iphone will connector to an ad hoc right out of the box. No hacking needed. Android as far as I know needs a bit of hacking to connect to an ad hoc network. Seriously, this is a bad idea.

The iphone doesn't have a battery door to save money. If you ever design some electronic product, cases are just insanely expensive. A slide off door...hey, that will cost you. Same goes for sockets. [No SDHC for apple either.] Some really cheap notebooks solder the memory chips just to avoid buying sockets.

Thanks for that information, but I still don't understand how you figure they can find your location from your MAC address, since MAC addresses are locally significant and don't cross edge routers. They would have to have gotten your MAC address some other way and also know your general geographical area in the first place before they could pinpoint you using a wi-fi positioning method.

reply to post by RestingInPieces


They would have to know your MAC already. Not all that tough if they have been following you before. Hey, Google knows your MAC address thanks to that damn google spy car. ;-) If you have any wifi profiles stored on your phone and don't take precautions (assuming your phone has the needed features), you are chirping your MAC all the time.

This is a slightly altered version of the kismet report of my own phone while it is doing a wifi probe. I wasn't connected at the time. The BSSID is my MAC, all X'd out of course.

Network 7: BSSID xx:xx:xx:xx:xx:xx
Manuf : Rim
First : date/time
Last : date/time
Type : probe
BSSID : xx:xx:xx:xx:xx:xx
Channel : 0
Frequency : 2422 - 1 packets, 0.59%
Frequency : 2427 - 79 packets, 46.75%
Frequency : 2437 - 70 packets, 41.42%
Frequency : 2447 - 18 packets, 10.65%
Frequency : 2452 - 1 packets, 0.59%
Max Seen : 2000
LLC : 169
Data : 0
Crypt : 0
Fragments : 0
Retries : 0
Total : 169
Datasize : 0
Last BSSTS : 0

The question is how did they get your IMEI without a warrant. I assume they had to do surveillance to get that too.

Incidentally, given the law enforcement budgets, certainly at the federal level, they can just buy a GSM test set.
cp.literature.agilent.com...
A test set is probably too complicated for your average cop, but they can be integrated with a PC and the software can dumb things down a bit. Note that all the time congress was placing restrictions on the frequency ranges that scanner could cover, they NEVER stopped anyone from buying a test set. It was assumed the price of a test set was so obscene that this wasn't an issue.

Here is the kismet report from some clown spewing out the old HPSETUP.

Network 8: BSSID xx:xx:xx:xx:xx:xx
Manuf : Unknown
First : date/time
Last : date/time
Type : ad-hoc
BSSID : xx:xx:xx:xx:xx:xx
SSID 1
Type :
Beacon SSID : "hpsetup"
First : date/time
Last : date/time
Max Rate : 11.0
Beacon : 10
Packets : 3134
Encryption : None
Channel : 6
Frequency : 2422 - 23 packets, 0.73%
Frequency : 2427 - 848 packets, 27.06%
Frequency : 2432 - 284 packets, 9.06%
Frequency : 2437 - 879 packets, 28.05%
Frequency : 2442 - 169 packets, 5.39%
Frequency : 2447 - 872 packets, 27.82%
Frequency : 2452 - 58 packets, 1.85%
Frequency : 2457 - 1 packets, 0.03%
Max Seen : 1000
LLC : 3134
Data : 0
Crypt : 0
Fragments : 0
Retries : 0
Total : 3134
Datasize : 0
Last BSSTS : 1860711102

I don't have any "client" lists saved, but kismet will report on every device that is hooked up to your network. Not just computers, but anything wifi, such as printers, TVs, streaming devices, etc. This is true even if your network is encrypted.

If you are really hardcore, Back Track Linux has all these tools integrated into one distribution. You can just hack yourself to see your vulnerabilities. I haven't tried this myself since the learning curve for any of this stuff is steep. Wireless is certainly the biggest security issue for most home users. Everything else takes a physical connection. Remember, the iphone encryption is easily bypass if you have access to the users computer due to well known flaws in the Apple software.

www.backtrack-linux.org...

Simple,
Second or even better 3rd or 4th hand Pay as you go sim card from hopefully a bunch of teens had it first (thousands of txts an week, and data that would not be tracked assine marking by menwith hill and nsa etc already when registered and first "listened to" by the rows and rows and rows and rows of computers under yorkshire listening into to EVERY call made on cells)

Same for phone non android, no gps, old simple phone no internet, leave 3g, of just old school, second third hand phone, bought with cash.

If any details are needed ie to top up card use false name and address originally.

Always top up with cash in local shops not supermarkets, or through the ATM, never use elctronic top ups pay cash get voucher.

Be very aware of not using your actual full name on the phone or any of your friends.

Track me as much as you want have no idea who I am!

However if I was stupid enough to leave it on and bring it home to my bedroom, then log onto the net, well they would know from location (2 metres" and just check all net connections at that address, so some commonsense is needed to, like not making txts calls whilst in view of CCTV as photo recognition.

You can keep it private, is simple but an entire lifestyle.

Oh and they (the computers firstly) do listen to EVERY call EVERY txt Every Fax Every email if you make one in Europe, Arabia, North America, Canada, Australia, North Africa, most of Moscow, Bejinng etc, so to think any differant shows a complete lack or research, knowledge on this subject.

A few friends of mine have not had phones for many years, no bank accounts, no electronic tracking, no online, they are "invisible" or have very very little data on them, if been looked for would be like a black hole for last 10 years or so, and use other means of communicating that is long distance but untrackable.... leave that a secret though for a select few.

You can do this completely but as said properley it is a full lifestyle and impossible to live in the "normal" world as such.

Kind Regards,

Elf

reply to post by MischeviousElf


That's all fine, but that doesn't help here - the goal isn't to just remain anonymous, but to prevent the phone from being located. This Stingray device allows police to pinpoint the phones location, even when turned off. They weren't using it to figure out who you were and weren't even using it to snoop on the data or conversations, just to locate the phone.

All they needed was the number and approximate location, and they were in business. Even "anonymous" phones still connect to cell towers. Maybe the real solution here is to go with a true satellite phone - not the generic cheap ones either that still rely on cell towers before hitting their satellite uplink.

If you go with a Faraday cage, you can only take the phone out when you're mobile. If you need to use a phone when in your home/business you'll have to go with a satellite phone. Or maybe take a page out of "Basement Buggers Bible" and build yourself some landline relays using IR or other "disruptive' old-school tech....

reply to post by Blackmarketeer


I know that.

However this is nothing new any mobile phone provider can triangulate from just normal cell towers not 3g or internet etc to within a room in an house.

They have always had the ability, though granted it had to be turned on.

What I was trying to say was that there is nothing you can do if you are connected to an mobile provider now or in the past to stop them locating the phone.

However if the phone is not linked to "you" or has no "flags" on it, the ability is worthless anyhow.

They need to know who they are looking for or link your activity to actual name for it to be any good for them as such.

Satellite phones are as trackable as the other types.

Any thing which would preclude them being able to locate you would render the phone not operational no matter what type, so its all moot imho anyhow.

Kind Regards,

Elf

reply to post by ForeverDusk


I agree with your statement. But I totally love your avatar.

Just a FYI, plain old GSM is no longer secure. You really should be on a UMTS (AKA 3G network). They broke A5/1 a few years ago, then later A5/3. UMTS is still secure.

But let's not lose sight of the original post. Take a look at this link:
egov.ci.miami.fl.us...

The Stingray not only spoofs your mobile network, but it has direction finding (DF) equipment in it. They are probably getting away with transmitting on bands in which they are not licensed using the so-called law enforcement exception. LEO can use just about any frequency (aviation bands excluded) without a license if they use it at very low power.

The wireless companies could add software to snag this Stingray spoofing. The Stingray is just as unauthorized as any other spoofer out there.

What isn't clear to me about the Stingray is what happens if you actually need to make a call? Does the Stingray route your call through the wireless network? It is one thing to spoof being a cell site, it is another thing to provide service.

Lastly, there are cell site databases on the internet. Google has one. It is possible to know based on your location if your phone is affiliated with the proper tower, i.e. a cell site ID that covers your location.

Two programs that may be of interest.
www.cellumap.com...
f5bbutils.fairview5.com...
There are a few others, especially for Android. For the iphone, well, you are kind of screwed (so what else is new) unless you jailbreak it. Here is a video showing a similar tower sniffer.
www.youtube.com...

Originally posted by Domo1

I certainly see the need for LE to have this kind of technology. Helping track down a very dangerous fugitive or kidnap victim is a noble goal for this kind of tech. On the flip side, I highly doubt there is any oversight whatsoever in using these devices. I had no idea that local Sheriffs office had access to this thing. I'm also a little surprised that there is no warrant needed to use one. They apparently can't listen in on the phone calls, but I have trouble believing that. I am also troubled that they wipe the things before thy have to go to court. Perhaps not as sinister as the FBI's Carnivore, but still...

Just goes to show that all of our technology, the things we think make are life easier are actually making it easier to be oppressed/ spied on by our own government.

online.wsj.com
(visit the link for the full news article)

edit on 23-9-2011 by Domo1 because: (no reason given)

This sort of technology is new to you?
I hate to tell you, but there are worse things.

You can actually readily buy devices and software to track, listen, and view others without their knowing about it.
There is software you can buy that when uploaded to a persons phone, can allow you to listen to their phone calls, track their whereabouts in real time, and even allows you to call their phone and listen in on what's being said in that room(the target phone wont actually ring so they wont know it's happening).

You can even buy tiny GPS trackers that can be hidden absolutely anywhere on someones vehicle.

You think if you delete your text messages from your phone, that they are gone? If someone gets a hold of your SIM card, there are devices that will recover any text messages deleted straight off your sim card.

This is only a small example of what's out there, and this isn't even the scarier stuff that's available.

reply to post by BLV12


SMS is not secure. BBM is secure, though that may be in doubt in India.

If you are not using a blackberry, you can get some security with PGP addons for unsecure smart phones.

Note that it has always been legal without a warrant to have the wireless provider locate the tower that your phone is using. In the old days of bumper beepers, the feds would use the heads-up from the wireless provider to get close to the subject's vehicle, then DF with the bumper beeper. GPS trackers made that more or less obsolete.

The GPS tracker lawsuit in Santa Clara county is either before a judge or close to it.

Remember, the cops can always download your phone with the UFED unless you password protect it. Even then. there are hacks to get around iphones. If your phone is capable of encryption, turn it on.

www.cellebrite.com...

Originally posted by Domo1
reply to post by Blackmarketeer

 

I think you're right. As I understand phones have another battery in addition to the main one. I don't know if there is much you can do to avoid the tracking.

I didn't know that. Two batteries? Where?
SnF

reply to post by Violater1


'm not 100% that there are 2 batteries. If there is an extra one you probably can't get to it.

reply to post by Violater1


Cell phones do not use bridging batteries. Take an old one apart for the hell of it.

apps.fcc.gov...

This above link dates back to when this dubiously legal technology was being tested. This is conclusive proof the devices are not passive (as in a sniffer), but active (as in a spoofed cell site).

Phoenix Global Support, located in Fayetteville NC, now provides training on how to spy on innocent Americans.
www.pgsup.com...

Fayetteville is well known for CIA activity, namely rendition aircraft were based there.

Just thought I would put this here...

link

The state of Florida would rather plea out a defendant than risk violating a non-disclosure agreement with the FBI to reveal how the technology works - since doing so would likely prove it violates Fourth Amendment rights.

link

“No matter how the StingRay is used — to identify, locate or intercept — they always send signals through the walls of homes,” which should trigger a warrant requirement, Soghoian said. “The signals always penetrate a space protected by the Fourth Amendment.”

a reply to: kosmicjack

Stingray probably falls under the FBI's Data Intercept Technology Unit (DITU). Don't ask me how I know lol.

Google FBI and DITU.

Tinfoil everything..