The Next Generation of Cell-Site Simulators is Here. Here’s What We Know.
The Next Generation of Cell-Site Simulators is Here. Here’s What We Know.
www.eff.org
The Next Generation of Cell-Site Simulators is Here. Here’s What We Know.
33 comments
-
-
There is no good use for this but repression. If they need to track someone, there are warrants. Cell companies are very willing to comply.
-
This is crazy and scary. I had no idea a system like that existed.
-
VPN at all times
-
The lower layers all already at least moderately well encrypted, what they're doing here is trying to pull the unencrypted device ID necessary to establish a connection. It's not really what you're sending (though traffic frequency analysis may be included) and more about just figuring out where a particular phone is so they can physically track the user.
-
Nah, encrypted communication.
-
This is the one of the few real things that make VPNs a security tool - security from thugs using a MITM attack on your phone. This is also a reason to avoid SMS messaging and port your number to a VoIP service instead of a direct cellular number, as VoIP traffic would be routed over the encrypted VPN tunnel with everything else instead of through the traditional cell network which is vulnerable to these attacks.
If government agents want to know what you're saying and doing without your consent, you should leave them no choice but to get a warrant and do some actual work.
-
They've had these systems since the 90's. There's a documentary about a guy that got caught from one of these its on Netflix. I forget the name. If I remember I will edit this. He went through an insane amount of court documents and files to uncover LE has been illegally using Stingray systems and other custom made devices in cars for decades. They pinpoint physical location down to the square foot.
Edit: Avoid all networks but 5G if possible, use reputable VPN, VOIP. There are apps the send you notifications if your connected to insecure network types one on Fdroid is 5Gcell. The documentary is called Web of make believe: Death, lies, and the internet. Daniel rigmaiden is the guy who exposed the system. Highly recommend if you wanna learn to watch it.
-
Just here to say thank goodness for the EFF. I support them, and if you live a cushy life like I do and have the money, you should too.
-
Important to the MSP contract is the modification of a Chevrolet Silverado with the CSS system.
-
I don't buy that they don't have direct access to the cell towers themselves
-
As far as I understand, RF is RF. All the truck device needs to do is operate on the same RF frequencies as the tower with the correct data form and handshakes (which I'm sure the cell companies happily provide), and boom, you're connected.
Phones naturally connect to the strongest signal, which will be these things as long as its signal is stronger than the tower, and then the transceiver on the truck connects to the cell tower and is configured to MITM snoop as traffic is passed through the truck device on to the tower and vice versa.
-
-
And this is why if you MUST take your phone somewhere "important", you leave it off until it's needed-- preferably battery disconnected, if your model still allows you access. Location data can blow an alibi just as surely as it can make one.
-
33 comments
What we need is first a way to detect these vehicles. However, that's not enough. We should detect them and then built a publicly available list of all known uses. Its time we get them on a list.
What kind of data does a CSS can collect from a smartphone?
Network traffic