
DHS Confirms Presence of Cell-Site Simulators in U.S. Capital - ivanleoncz
https://www.eff.org/deeplinks/2018/04/dhs-confirms-presence-cell-site-simulators-us-capitol
======
drawkbox
> _Law enforcement and the intelligence community would surely agree that
> these technologies are dangerous in the wrong hands, but there is no way to
> stop criminals and terrorists from using these technologies without also
> closing the same security flaws that law enforcement uses. Unlike criminals
> however, law enforcement can still obtain search warrants and work directly
> with the phone companies to get subscribers ' location, so they would not
> lose any capabilities if the vulnerabilities CSSs rely on were fixed._

Oh law enforcement might have to begrudgingly go back to warrants as described
in the 4th amendment? That would be horrible for authority overreach.

Besides the trampling of your 4th amendment rights and warrantless searches,
this is another example of backdoors/holes/trapdoors that exist for 'security'
being abused and eventually the bad actors get it.

Going with security that is backdoored or vulnerable just so 'good' actors can
get in when needed is another level of trust that can be abused and will be
seeked out by bad actors, even wolves in sheeps clothing within the good guys.

We have world class security systems, yet plenty of keys under rocks in the
backyard.

It is basically leaving your window open on vacation and putting a note that
says, _only Sally the neighbor can come in through the window, please_ (Sally
being the gov't or 'good' guys). Guess what, Sally won't be the only one
coming in.

------
ohazi
So either the secret service (or similar) is monitoring the area, but DHS
doesn't know about it and just blew their cover, or foreign spies are
hoovering up intelligence and blackmail material on top officials and whoever
is talking to them.

Either way, how are heads not rolling for this?

~~~
gesman
If you have to ask, you're not authorized to know :)

~~~
Latteland
This story was all over. I think it is a lot like google being forced to not
show clear pictures of us military bases or the white house (or lower
resolution pics). Russia has them, China has them. Only the american people
don't have them, and low grade terrorists maybe don't have them. But I'm in
the american people group, and I am questioning how much security protection
they get from this. I think things like access to these kinds of devices only
for the "official govt" plus dozens of external actors really just keeps
americans in the dark.

~~~
cinquemb
> _Only the american people don 't have them, and low grade terrorists maybe
> don't have them._

The data is out there, just gotta know who to scrape/exfil data from…

> _and I am questioning how much security protection they get from this._

Security? Maybe financial security by spending tax and money acquired from
selling T-notes/bonds on their friends def contractor firms they'll work at in
a couple of years.

------
ohiovr
Why can't they find these illegal stingrays with the following technique:

Install a small network node at each legitimate tower that can only be seen on
that tower but is always accessed the same way in secret. Only a receiver on
that tower can connect to that network segment (similar to how I can connect
to computers on my lan, but the firewall prevents others from doing the same
outside of it. This will identify positives. We can ignore that in the site
survey. Then after a dc wide survey has been complete we can identify all the
towers that don't have this official network identifier, triangulate them
using known techniques and then shut them down or prosecute?

------
ivanleoncz
This kind of technology, used by the government without serious restrictions,
it's pretty bad and the article describes by itself, situations where it was
"not exactly used" to solve crimes, but for monitoring data traffic of
cellphones used by people engaged in protests.

However, what scares me the most, is the possibility of such technology
falling in the hands of those who are playing dirty 100% of the time, against
the society (criminals, mafia, gangs, drug lords, kidnappers, terrorists,
etc.).

------
solarkraft
> So far, mobile providers, the FCC, and members of Congress have been
> reticent to address the issue

I don't know about the US, but where I live interfering with radio equipment
or any other public infrastructure is _extremely_ illegal.

How are there no processes to deal with this, find the attacker, get them? At
least remove the stations, maybe find out who's behind them?

It's astonishing.

~~~
jlgaddis
Yep, it's quite illegal in the US as well.

The FCC certainly has the equipment and know-how to locate these devices. It
almost makes me wonder if they haven't been told (by another agency) to simply
ignore them.

