There used to be rules with teeth that cell carriers must be able to locate 911 callers for the operator. Cingular got a tiny fine in 2003, less than their office party spend, but it motivated them (as AT&T) and TMobile to adopt the (expensive) UTDOA technology to comply. Sprint and Verizon did not, staying on A-GPS which has indoor limitations. People kept dying indoors, but meanwhile, the regulations demanding indoor accuracy are still in "proposal" and "study" phases in 2018 .
You can still get fined a little if you drop a BUNCH of 911 calls altogether, but for wireless location, life isn't worth much.
Really? (And yes, I'm aware of many cases of trunk-kidnapping victims saved by phones. The point that everybody had to have something, so carriers and others deployed all this tracking crap, and everybody sure is making a lot of money off of it, but as it turns out, just kidding.) yay?
This is a very common situation.
That data is just not exposed through the particular API needed for 911 operators to access it.
This is damning evidence to what a regulatory captured agency looks like.
Alas, she got 44% of the vote in the primary, so I don't think that'll happen.
I think the only reason they haven't tried to push him out is because they don't want to put him in a position where his ethics will compel him to tell everyone exactly what the intelligence community has been doing.
Wyden generally tries to get the intelligence executives to come out with the truth themselves, but 99% of the time they don't or they mislead the public, and there's little he can do about it.
As a Senator Wyden has complete immunity to blow the whistle on whatever national security intelligence he wants on the Senate floor, but he's too much of a nice guy to do that - unless they force him out with their shenanigans.
It's an odd game-theoretic stalemate.
Along with Wyden, Harris and Heinrich voted against approving the renewal of Section 702, and while Feinstein didn't vote against renewal, she did before that join with Harris and others in supporting an amendment, which was defeated, which would have added a warrant requirement before accessing the contents of American’s communications pulled in in the course of surveillance under 702. So, while Wyden may be the strongest anti-surveillance voice, it is not th case that the rest of the Committee (particularly on the Democratic side) is unilaterally pro-surveillance anti-Wydens.
I'm curious if anyone knows the Washington dirt on this one.
Feinstein has a long history of being aggressively pro-surveillance, far more than basically any other Democrat. (Something to do with having her house bombed and shot at early in her career, perhaps...)
For Congresspeople with awkward positions, it's pretty standard to take the occasional favorable-looking vote on something you know is doomed to fail. So... would Feinstein have known in advance that the 702 amendment was doomed? And, harder to prove, would she have voted differently if it hadn't been?
He's a cromulent fellow, everyone else around him is just a national disgrace.
It's better than that, though. He and Udall have spent years talking about mass surveillance and telecoms abuses as major problems, and made very few friends doing so.
I agree that "in Congress but acting like a decent human" wouldn't be enough, and it frustrates me endlessly that positions like "was mostly against torture most of the time" are somehow laudable when they come out of Congress. But Wyden's access to confidential briefings means he's actually sounded a lot of alarm bells that other people couldn't, and that deserves some recognition.
You're aware he does more than just "trying to understand"?
Maybe beating this drum is worth donations and support today, I seriously hope so, but they deserve serious praise for standing on conscience all that time.
I like how the FCC exists to enforce exactly this kind of thing yet they're doing nothing.
edit: this 2014 article talks about a downgrade attack with the older stingrays, and a "Hailstorm" kind of device that works without 2G but without details: https://arstechnica.com/tech-policy/2014/09/cities-scramble-...
edit 2: It could also be implementation or design flaws, and/or backdoors, in the cellular network, courtesy of network equipment vendors.
Since 3G, there is mandatory mutual authentication [except for emergency calls] with integrity protected management traffic [except for emergency].
The problem is, identification and key agreement require prior set-up of the lower network layers. If a cell station indicates an error during the early stages (i.e., before mutual authentication) of connection establishment in 4G, the smartphone falls back to earlier generations.
Where is the disconnect here?
Stingrays (and presumably other IMSI catchers) don't actually act as a bridge to a legitimate network; they're a terminal connection, and effectively deny service to any devices connected to them. This is the default behavior, and it's how the FBI has claimed they're deployed domestically. The reason they don't cause major outages appears to be that they only accept connections from targeted phones; they could equally easily be used as mobile DoS beacons. And the reason they don't cause targets to abandon their 'broken' phone is that they don't have to run full-time for effective triangulation.
For Stingrays to collect calls, as outlined in your link, is effectively a whole new service on top of the basic behavior. The Stingray continues to be an endpoint for the targeted phone, but also extracts the GSM encryption key on the device. It then opens a new connection to a cell tower, and uses the IMSI and stolen encryption to impersonate the real device. From that point on, its a mitm attack.
So the only way a Stingray transfers calls is for targeted users, while configured in a mode that's supposedly not employed in the US. Harris is claiming they use a variant of this system to pass 911 calls, Wyden is pointing out that it's completely untested and doesn't even claim to support text-to-speech dialing.
(Source: Wikipedia is surprisingly comprehensive, primary source at: https://www.documentcloud.org/documents/1282642-07-08-29-200...)
Criminals are always looking for the next tech that gives them an edge and know immediately when the police can exploit it. Nextel direct connect (which was not interceptable for a long time) and BBM were the big ones of recent memory.
Importantly, you're going to need Apple to support this in the baseband hardware of iPhones to perform tower discrimination (some vendors exist that have proprietary software and/or baseband firmware to perform this functionality on Android).
EDIT: Maybe this could be done with bunnie and snowden's introspection engine? https://www.tjoe.org/pub/direct-radio-introspection
Some, but the vast majority of criminals do not put that much effort into their crimes, and among those that do, most wind up botching things. When criminals gravitate toward a system law enforcement agencies have trouble with it is more survival of the fittest than active planning.
Law enforcement fought to keep stingrays a secret for two reasons: pressure from the manufacturer, and a desire to avoid public scrutiny (which is likely the reason the manufacturer pressured them to keep it secret). The police would greatly prefer that the general public not spend too much time thinking about stingrays to avoid the risk of a stricter warrant process being required. It is also helpful if judges and defense lawyers are not familiar with the device and do not know what questions to ask.
Or OS vendors. crickets
This sounds like a lawsuit waiting to happen, especially now that this information is public. There is some emergency, someone calls 911, help doesn't arrive, victim and relatives sue the police who say "911 call? What 911 call?". Someone finally puts two and two together.
The current emergency responder trunked radio networks are extremely fragile, shitty systems. I have no hope that the transmitter at Columbia Tower in Seattle will be of any use to emergency personnel after a major event. Too few channels available, not enough staff to route and handle the channels we do have either.
Even if just checking IF a cell-phone works for that connection in a given location.
Secondly, it's equipment. Most officers have a cell phone and a radio, which isn't really capable of taking calls from their cell-site simulators. Furthermore, they wouldn't be able to record your call, redirect it to fire or EMT, nor dispatch another officer in another jurisdiction.
Or we’d have to train every single officer to have the right skills all the time for something they’ll almost certainly never use.
Requiring a 911 dispatcher be on hand to field 911 calls intercepted by the stingray would probably work and in many cases it would have the side benefit of involving a person accountable to a different chain of command. Having an outside observer like that could slightly discourage stingray abuse (all use is abuse IMO) depending on how they're used in practice.
Edit: It's interesting to see this bounce between positive an negative votes. Why do people disagree? I don't see why this isn't a reasonable opinion.
Edit2: I think firearm usage is a good parallel to a non-911 operator fielding a 911 call while using a stingray. Cops get a scheduled training/test on weapons usage (monthly,annually or somewhere between) but there's still a chance that the situational details result in poor performance because you're not trained on the edge cases and you can't expect every officer to do everything perfectly. Likewise a 911 operator is a specialist job that most cops can probably do an ok job at in typical cases but the risks of poorly handling an edge cases are high enough to be unacceptable. It's much more practical to have a dedicated 911 operator on the job than it is to tell cops to just not get in situations where they have to draw a gun.
Cops behavior when using firearms isn’t really germane to the training required to handle 911 calls.
Your second paragraph is a good comment. That’s probavly balancing out the downvotes from the first.
I agree with you that would have the effect of discouraging Stingray use (especially since departments like to hide that they get used), but I’m not sure that’s a bad thing.
1) where are you located? (critical)
2) what's your emergency? (optional)
then a police car and fire truck and maybe EMT are dispatched.
That’s off the top of my head. I imagine a trained dispatcher could come up with WAY more.
That's not even close to how a call goes..
It would defeat the intent of police/Executive Branch to defraud and deceive Judicial oversight over the usage of the devices and their implication of illegality in the face of the Constitution of the United States of America
I am sure there are some legal loop holes out there that is why the government can use the CSS.
Leaves the question what happens when they move or turn off the stingray.
The only reason to go through such expensive regulatory certifications is that you believe you have a legal obligation to.
The last I heard that the FCC authorization was only for use in emergency situations. If that is still the case then law enforcement has not been allowed to use these technologies in the way they actually do.
Law enforcement has been doing off the books surveillance pretty much forever. It isn't likely they are going to suddenly stop. The article has it right, this is entirely a technical problem at heart...
> Harris Corporation claims that they have the ability to detect and deliver calls to 911, but they admit that this feature hasn’t been tested.
The fact that the feature isn't tested is a serious concern, and should be addressed, but this headline is completely inaccurate, frankly dishonest, and reduces my faith in the EFF.
I understand where the EFF is coming from, and for the most part believe in their causes, but this sort of willfully dishonest headline just serves to reduce credibility. In the future when I see EFF articles with dramatic headlines I'm going to assume they're probably not what they seem and be less likely to read the article.
Fans of he EFF will forgive these sorts of inaccuracies. Skeptics will not - this sort of article just serves to drive reasonable but undecided people away from your cause.
Stingrays by their very nature interfere with other users.
There are many "social layers" - arguably more than the four Indian castes. They are treated very differently by everyone, including the legal system.
I think the reason you cannot fathom seasoned criminals not using encryption is that you are not a seasoned criminal.
(In the process, letting criminals go free, because the evidence will eventually be invalidated.)
Or, more probably, locking up innocent people.
Are you saying there are mad dog vigilantes out there who you would like to know everything about you?
I'm 100% certain that I don't want bloodthirsty vigilantes knowing anything about me or any of my family. Frankly, it's just principle for me, so I'll be honest, I don't even want the government to have the ability to track me.
>Moreover, while the company claims its cell-site simulators include a feature that detects and permits the delivery of emergency calls to 9-1-1, its officials admitted to my office that this feature has not been independently tested as part of the Federal Communication Commission’s certification process, nor were they able to confirm this feature is capable of detecting and passing-through 9-1-1 emergency communications made by people who are deaf, hard of hearing, or speech disabled using Real-Time Text technology.
From a legal perspective, not certified means the feature doesn’t exist. So it is technically an accurate statement.
I guess almost all of the software developers here have never really built any features then. Imagine that, all that code and the features “don’t exist”. I didn’t realize the law had such ontological power. Not certified means not certified. Not believing you have a legal obligation to get certified is a great reason to avoid that expensive and bureaucratic process.
As an example, If you’re providing services to the government or other organization that include encryption, you must use FIPS 140-2 validated crypto. If you fail to do so, and something happens (where something ranges from audit to breach) from a legal perspective, it’s not encrypted. This is true even if you used equal or better tools to encrypt the data.