• Government Can Kill Cell Service During “Emergencies”

    April 24, 2015 // 6 Comments »

    bars

    The government can kill all cell service in a designated area of its choice during “emergencies,” and does not want to disclose any details about how or when they might employ this.

    Implications for the First Amendment are made clear by one known local use — San Francisco’s Bay Area Rapid Transit System disabled service to quell protests in four downtown San Francisco stations over the fatal shooting of Charles Blair Hill by police.



    Standing Operating Procedure 303

    The Department of Homeland Security came up with the Federal-level plan — known as Standing Operating Procedure 303 — after cellular phones were used to detonate explosives targeting the London public transportation system in 2005. Unbeknownst at the time to the public, the government shut down cell service in various locations in New York City, primarily around tunnels to and from Manhattan.

    SOP 303 spells out a “unified voluntary process for the orderly shut-down and restoration of wireless services during critical emergencies such as the threat of radio-activated improvised explosive devices.” Since the details of SOP 303 remain secret, no one is certain when or how it might be invoked.



    FOIA Lawsuits

    The U.S. Court of Appeals for the District of Columbia Circuit in February sided with the government and ruled that the policy did not need to be disclosed under a Freedom of Information Act (FOIA) request from the Electronic Privacy Information Center (EPIC.) The court agreed with the government’s citation of a FOIA exemption that precludes disclosure if doing so “could reasonably be expected to endanger the life or physical safety of any individual.”

    EPIC asked the court to revisit its ruling. On April 10, the court ordered the government to respond, a move that suggests the appellate court might rehear the case.

    EPIC originally asked for the document in 2011 in the wake of the shut down of mobile phone service in the San Francisco Bay Area subway system during a protest. The government withheld the information, EPIC sued and won, but the government then appealed and prevailed.

    Who Decides When to Kill the Network?

    Under the direction of the so-called National Security Telecommunications Advisory Committee, SOP 303 allows for the shutting down of wireless networks “within a localized area, such as a tunnel or bridge, and within an entire metropolitan area.” That Advisory Committee is a Reagan-era, presidentially-appointed body composed of up to 30 senior executive-level representatives from communications, information technology, banking, and aerospace companies.

    Since SOP 303 is not a law, it cannot be enforced. However, the telecoms have agreed to cut off cell service voluntarily whenever the Federal government requests SOP 303 be invoked.

    The process of shutting down the cell service goes through the National Coordinating Center for Telecommunications (NCC), a coordination body set up by Ronald Reagan in 1984. The NCC, which includes representatives from the Central Intelligence Agency, Federal Emergency Management Agency, National Security Agency, every important cabinet department, and a few dozen big telecommunications and defense companies, takes shutdown requests from state and national Homeland Security officials, verifies whether they are “necessary,” and passes those requests on to wireless carriers in the affected areas.



    First Amendment Questions

    Because cutting off communications imposes a prior restraint on speech, it’s unclear whether SOP 303 is constitutional, and of course the specifics of the agreement are secret and the limits of government authority in this area have never been tested in court.

    According to Eva Galperin of the Electronic Frontier Foundation, governments in places like China regularly shut down cellphone service to quell protests. “They did it in Egypt as well,” she explained, during the protests that deposed former Egyptian president Hosni Mubarak.

    The exact decision-making process in the United States is classified. But you’ll know when it happens — check your phone for bars.




    Related Articles:




    Copyright © 2019. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

    Facebooktwitterredditpinterestlinkedin

    Posted in Democracy, NSA

    Mysterious Phony Cell Towers: Who is Spying on You Now?

    September 4, 2014 // 7 Comments »




    A security researcher identified multiple “fake” cell phone towers around the United States, many near military bases, designed to intercept calls and texts without your knowledge, and to potentially inject spyware into your phone by defeating built-in encryption.

    The researcher has located a number of towers; what he can’t figure out is who built them and who controls them.

    Tech

    The basics of the technology are pretty clear: your cell phone is always trying to electronically latch-on to three cell towers. Three means the network can triangulate your phone’s location, and pass you off from one set of towers to the next tower in line as you move around. The phone obviously looks for the strongest tower signal to get you the best reception, those bars. The fake towers, called Interceptors, jump into this dance and hijack your signal for whatever purpose the tower owner would like. The Interceptors then transparently pass your signal on to a real tower so you can complete your call, and you don’t know anything happened.

    Because phones use various types of encryption, the Interceptors need to get around that. There are likely complex methods, but why not go old-school and save some time and money? The towers do that by dropping your modern-day 4G or 3G signal, and substituting a near-obsolete 2G signal, which is not encrypted. That is one way researchers can find the Interceptor towers, by identifying a phone using a 2G signal when it should be 4G or 3G.

    More Tech

    Want more tech? Popular Science magazine has it:

    Whether your phone uses Android or iOS, it also has a second operating system that runs on a part of the phone called a baseband processor. The baseband processor functions as a communications middleman between the phone’s main O.S. and the cell towers. And because chip manufacturers jealously guard details about the baseband O.S., it has been too challenging a target for garden-variety hackers.

    But for governments or other entities able to afford a price tag of $100,000, high-quality interceptors are quite realistic. Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured devices like the VME Dominator, available only to government agencies, not only capture calls and texts, but actively control the phone, sending out spoof texts, for example. Edward Snowden revealed the NSA is capable of an over-the-air attack that tells the phone to fake a shut-down while leaving the microphone running, turning the seemingly deactivated phone into a bug. And various ethical hackers have demonstrated DIY interceptor projects that work well-enough for less than $3,000.

    Those VME Dominators are quite a piece of electronics. In addition to ho-hum listening in, they allow for voice manipulation, up or down channel blocking, text intercept and modification, calling and sending texts on behalf of the user, and directional finding of a user. The VME Dominator, its manufacturer Meganet claims, “is far superior to passive systems.”


    Stingray

    Police departments around the U.S. have been using such tech to spy on, well, everyone with a cell phone. The cops’ devices are called Stingrays, and work off the same 4G-to-2G exploit mentioned above.

    The tech does not require a phone’s GPS and was first deployed against America’s enemies in Iraq. Then it came home.

    Also available is a version of Stingray that can be worn by a single person like a vest.

    Because the antiquated 2G network in the U.S. is due to be retired soon, the Department of Homeland Security is issuing grants to local police agencies to obtain a new, state-of-the-art cell phone tracking system called Hailstorm. The key advantage is Hailstorm will work natively with 4G, rendering current layperson detection methods ineffectual.


    Who is Spying On You Now?

    The technology is important, but not the real story here. The real question is: who owns those Interceptor towers and who is spying on you?

    Is it:

    — The NSA? A likely culprit. While post-Patriot Act the NSA can simply dial up your cell provider (Verizon, ATT, etc.) and ask for whatever they want, the towers might be left-overs from an earlier time. The towers do have the advantage of being able to inject spyware. But their biggest advantage is that they bypass the carriers, which keeps the spying much more secret. It also keeps the spying outside any future court systems that might seek to rein in the spooks.

    — Local law enforcement? Maybe, but the national placement of the towers, and their proximity in many cases to military bases, smells Federal.

    — DEA or FBI? Also likely. Towers could be established in specific locations for specific investigations, hence the less-than-nationwide coverage. One tower was found at a Vegas casino. While the NSA shares information with both the DEA and the FBI, what self-respecting law enforcement agency wouldn’t want its own independent capability?

    — The military? Another maybe. The military might want the towers to keep a personal eye on the area around their bases, or to spy on their own personnel to ensure they are not on the phone to Moscow or Beijing.

    — Private business? Unlikely, but the towers could be testbeds for new technology to be sold to the government, or perhaps some sort of industrial spying.

    The mystery remains!



    Related Articles:




    Copyright © 2019. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

    Facebooktwitterredditpinterestlinkedin

    Posted in Democracy, NSA

    Stung: Government Disappears Stingray Spying Records

    July 14, 2014 // 3 Comments »




    We’ve heard variations on the phrase “If you have nothing to hide, you have nothing to fear” from the government for quite some time. It appears this may be true, at least if you are the government.

    In the case of Stingray, a cell phone spying device used against Americans, the government does have something to hide and they fear the release of more information. Meanwhile, the Fourth Amendment weeps quietly in the corner.

    Stingray

    Cell phone technology is very useful to the cops to locate you and to track your movements. In addition to whatever as-yet undisclosed things the NSA may be up to on its own, the FBI acknowledges a device called Stingray to create electronic, “fake,” cell phone towers and track people via their phones in the U.S. without their knowledge. The tech does not require a phone’s GPS. This technology was first known to have been deployed against America’s enemies in Iraq, and it has come home to be used against a new enemy– you.

    Stingray, also known as an International Mobile Subscriber Identity, or IMSI, catcher, works like this. The cell network is designed around triangulation and whenever possible your phone is in constant contact with at least three towers. As you move, one tower “hands off” your signal to the next one in your line of motion. Stingray electronically inserts itself into this process as if it was a (fake; “spoofed”) cell tower itself to grab location data before passing your legitimate signal back to the real cell network. The handoffs in and out of Stingray are invisible to you. Stingrays also “inadvertently” scoop up the cell phone data of anyone within several kilometers of the designated target person. Though typically used to collect location metadata, Stingray can also capture conversations, texts and mobile web use if needed.

    Stingray offers some unique advantages to a national security state: it bypasses the phone company entirely, which is handy if laws change and phone companies no longer must cooperate with the government, or simply if the cops don’t want the phone company or anyone else to know they’re snooping.

    This has led the Electronic Frontier Foundation (EFF) to warn “A Stingray— which could potentially be beamed into all the houses in one neighborhood looking for a particular signal— is the digital version of the pre-Revolutionary war practice of British soldiers going door-to-door, searching Americans’ homes without rationale or suspicion, let alone judicial approval… [Stingray is ] the biggest technological threat to cell phone privacy.”


    Trying to Learn about Stingray

    Learning how Stingray works is difficult.

    The Electronic Privacy Information Center filed a FOIA request for more information on Stingrays, but the FBI is sitting on 25,000 pages of documents explaining the device that it won’t release.

    The device itself is made by the Harris Corporation. Harris makes electronics for commercial use and is a significant defense contractor. For Stingray, available only to law enforcement agencies, Harris requires a non-disclosure agreement that police departments around the country have been signing for years explicitly prohibiting them from telling anyone, including other government bodies, about their use of the equipment “without the prior written consent of Harris.”

    A price list of Harris’ spying technology, along with limited technical details, was leaked online, but that’s about all we know.

    Though the non-disclosure agreement includes an exception for “judicially mandated disclosures,” there are no mechanisms for judges even to learn that the equipment was used at all, thus cutting off any possibility they could know enough demand disclosure. In at least one case in Florida, a police department revealed that it had decided not to seek a warrant to use the technology explicitly to avoid telling a judge about the equipment. It subsequently kept the information hidden from the defendant as well. The agreement with Harris goes further to require law enforcement to notify Harris any time journalists or anyone else files a public records request to obtain information about Stingray and also demands the police department assist Harris in deciding what information to release.



    Something to Hide

    An evolving situation in Florida shows how hard the government is working to keep the details of its Stingray spying on Americans secret.

    The ACLU originally sought Stingray records in Sarasota, Florida after they learned a detective there obtained permission to use the device simply by filing an application with a local court, instead of obtaining a probable-cause warrant as once was required by the Fourth Amendment of the Constitution. It became clear that the Sarasota police had additionally used Stingray at least 200 times since 2010 without even the minimal step of even notifying a judge. In line with the non-disclosure agreement, very rarely were arrested persons advised that Stingray data was used to locate and prosecute them.

    The ACLU, which earlier in 2014 filed a Florida state-level FOIA-type request with the Sarasota police department for information detailing its use of Stingray, had an appointment with the local cops to review documents. The local police agreed to the review. However, the June 2014 morning of the ACLU’s appointment, U.S. Marshals arrived ahead of them and physically took possession of the files. The Marshals barred the Sarasota police from releasing them. The rationale used by the federal government was that having quickly deputized a Sarasota cop, all Sarasota records became federal property.

    “This is consistent with what we’ve seen around the country with federal agencies trying to meddle with public requests for Stingray information,” an ACLU spokesperson said, noting that federal authorities have in other cases invoked the Homeland Security Act to prevent the release of such records. “The feds are working very hard to block any release of this information to the public.”

    A Court Says the Feds Can Hide the Records

    Following the feds’ seizure of the Stingray records, the ACLU filed an emergency motion with a Florida court that would require Sarasota to make its Stingray records available. However, in a decision issued June 17, 2014, a Florida state circuit court judge found that his court lacked jurisdiction over a federal agency, allowing the transfer of the Stingray documents to the feds and de facto blocking their release.

    The ACLU plans further appeals. Unless and until they succeed, details of another way of spying on Americans will remain secret. The government does indeed have something to hide.



    Related Articles:




    Copyright © 2019. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

    Facebooktwitterredditpinterestlinkedin

    Posted in Democracy, NSA