They say you can tell a lot about a woman by what’s in her purse. More generally, you can tell a lot about any person by what they always carry. In my case, I never leave the house without my keys, my wallet, and my cellphone. The keys are pretty self-explanatory – I’ve never left home without planning to get back in later – and my wallet is there so I can buy lunch. My phone, though, seems to just tag along to cause stress. Powered on, but idle, I wonder why it uses so much more battery than, say, a tablet. A partial answer to that question is that, several times per minute, my phone sends a small message to the cell tower1. Much as I would love better battery life, this makes sense. Without that “ping” to the cell tower, my phone would have no way to know of, for example, incoming text messages.
Unfortunately, the procedure a cellphone uses to connect to the tower is completely unauthenticated, meaning so-named Man-in-the-Middle (MITM)2 attacks are relatively easy to carry out. The basic idea of a MITM attack is very simple: Say I tell you I am someone I am not. For example, a police officer. You would probably want to see some identification for me to prove it. Many software systems do not ask for this identification, meaning they will just send data to anyone who asks for it.
Not this kind of Stingray…
(Source: http://eskipaper.com/stingray-4.html)
This is bad for two reasons: First, whoever owns the Stingray can record calls, (SMS/MMS) messages, and any unencrypted data. Secondly, your phone can be requested to send triangulation data about other cell towers in range, making it possible to track location with very good accuracy in real-time3.
Neither of these things sound great for privacy but, as we’ve
already talked about in class, we aren’t too uncomfortable when
such aggressive tracking is used in a criminal case. Of course, this
is where everything starts to get messy. The first problem is that
these Stingrays are often used without a warrant1, despite
having precedent from other cases that real-time tracking amounts to
a fourth-amendment search, and thus requires a warrant4.
Added to this is that in cases where Stingrays are used, law
enforcement often tries to conceal that fact, even going so far as to
drop cases when they would potentially be forced to reveal the use of
a Stingray.
The second privacy problem is that everybody’s
cellphone within the Stingray’s range of operation is intercepted.
This is by necessity – the way a Stingray works means it’s not
possible to target an individual phone – but that doesn’t make it
any less of an invasion of privacy. When court orders do authorize
the use of Stingrays, there is often very little mention of what
happens to the “collateral” data collected5.
It may be immediately deleted, but it could also all be shoveled into
some database. Given the secrecy surrounding law enforcement’s use
of such devices, we have no real reason to choose one over the other.
However, as the NSA was willing to collect massive amounts of data
about American’s phone calls under the Patriot Act, it wouldn’t
be unreasonable to believe that they collect and store information
gathered by stingrays from unknowning citizens.
However, the
worst news is yet to come. Although it would be, at best,
questionably legal to own such a device, they are relatively easy to
build and are available for purchase outside of the US6.
This means that, quite aside from law-enforcement, it isn’t beyond
belief that other individuals or organizations have the capability to
perform mass surveillance by use of cell site simulators.
Given that, what can you do to protect yourself? Unfortunately, very little. The obvious answer is to switch your phone off and remove the battery. This is foolproof but impractical. Alternately, you could write to your cellphone provider and complain that they need to upgrade their security. This is not likely to be effective because it would cost the company money and because they would most likely have to retain the older, insecure system for backwards-compatibility.
Given the vast amounts of data it is possible to obtain using a Stingray, including live location information and calls, messages, and data, I think it is clear that law enforcement should require a warrant before using a Stingray, keeping in mind a plan for what to do with “collateral” data. However, this does not address the privacy concern that anyone can build a cell-site-simulator for $5007. Though a warrant should definitely be required to use this technology, the real problem is that cellular authentication and encryption are both totally broken and ought to be upgraded.
1https://www.eff.org/deeplinks/2012/10/stingrays-biggest-unknown-technological-threat-cell-phone-privacy
2Personal knowledge supported by https://en.wikipedia.org/wiki/IMSI-catcher
3https://www.eff.org/sls/tech/cell-site-simulators/faq#faq-What-data-can-a-cell-site-simulator-collect?-
4https://www.eff.org/deeplinks/2016/04/eff-and-aclu-expose-governments-secret-stingray-use-wisconsin-case
5https://www.eff.org/sls/tech/cell-site-simulators/faq#faq-If-I%E2%80%99m-not-a-target-of-a-criminal-investigation,-why-do-I-have-to-worry-about-cell-site-simulators?
I can see how a stingray system would be beneficial in a criminal investigation. However, I believe a warrant should be issued (directly stating what they are looking for, the means, and the system(s) they will be using). The stingray system can trespass upon a person's home. Like the thermal camera case Professor Dryer mentioned earlier in the semester, if this system is directed at a person's home, it is infringing upon their privacy. A person has a reasonable expectation of privacy in their home. The ability to search whole neighborhoods and know who is located where is an infringement of basic privacy rights and should be considered when deciding whether or not to use these systems.
ReplyDeleteI agree with Kali, the stingray system could potentially stop many criminals and aid law enforcement in investigations but there should be some type of regulatory plan to keep this technology out of the wrong hands. Stingrays allow the user to access very sensitive information about a person, and I think a warrant should be required. You can't just walk into someone's home looking for something without a warrant, why should you be able to go through someone's phone data without permission? Any information can potentially be incriminating in the right context so the person should understand why someone else wants to know something about them.
ReplyDeleteI think that there should be strong regulation of the use of this stingray technology. It seems like it could be very helpful in some situations of law enforcement. However, the technology seems too powerful to not be well regulated. I agree with Simon that law enforcement should be required to have a warrant to use the stingray system. I think that law enforcement should be required to delete any extra information that is captured besides that from the phone that is being tracked. I don't really know how to make sure that cell phone companies will upgrade their security/authentication practices. I guess maybe if enough people care, the phone companies might change, but that might only be if they would lose enough business if they didn't.
ReplyDeleteThis is really interesting and I agree that you should need a warrant to do anything with a stingray. I knew that law enforcement could track phones but I didn't know that it was so easily accessible to others in the community. I am also shocked that you don't need a warrant to use one. The regulations for what requires a warrant may be hard to define because of the mass amount of data collected. I think that any information gathered that was not used to help the case or whatever the law enforcement needs it for should be deleted. There is no reason that the government should have access to the private information that I keep on my phone.
ReplyDeleteTo be clear, I don't believe the government has access to information stored on the phone (Photos, Message, etc.) beyond what it sends as part of communicating with the tower (The phone's unique identifiers, and, apparently, location information...). However, information not stored on the phone (Photos downloaded, messages sent/received, websites visited & potentially website contents) are all susceptible to interception.
DeleteGiven that so much of our personal information is increasingly stored and transferred via cloud computing, rather than kept on the phone itself, it seems that Stingrays could get access to much more information than originally imagined.
DeleteGood clarification, Simon, noting that a Stingray does not access information stored on one's phone, but it is not accurate that a Stingray accesses photos, websites visited, etc. We will discuss and clarify this in class on Monday.
DeleteIt sounds like cell phone companies are way too vulnerable, considering how much personal information we pour into our devices everyday. I know that people will always be able to find their way around any security they set up, but I think that it is the phone companies' responsibility to at least attempt to secure all their customers' data. Phone companies should be required to create a more extensive security system. Stingrays should only be used for law enforcement when given an explicit warrant to do so. Law enforcers should only be able to see the suspect's phone information when they implement the Stingray. I know those are a lot of big statements, but I feel like most cell phone users would agree if they were aware of just how easy it is for Stingrays to compromise their privacy with security and policies as flexible as they are now. I think it could really be to a phone company's advantage if they were to educate the public about Stingrays and explain to the public how their newly drafted security policy could protect them from such invasions.
ReplyDeleteIt is the unfortunate state of many technologies that have been around for awhile that they are either not secure because they were not designed to be secure (the Internet in the 1980s was a much more friendly place) or because there was a flaw in the design. In this case, there is a mix of both, in that cellphones are susceptible to a MITM attack, which I imagine was just not considered, but GSM (T-Mobile & AT&T) phones encrypt their traffic. It just happens that the encryption is totally broken vs. modern attacks.
DeleteI agree that the use of stingrays should be extremely regulated, with their use being allowed only under a warrant. But given that they can pull in data from anyone else's phone in the vicinity of the person being tracked, there also need to be regulations on the storage and usage of that information, such as requiring any extraneous information to be automatically deleted. The fact that our data can be so easily compromised and anyone can do it for a relatively cheap price also doesn't bode well for peace of mind. Cell phone companies should do more to protect customers' data, but in the meantime, we are stuck with the possible effects of our data being stolen.
ReplyDeleteI agree that law enforcement should have more restrictions (warrants) when using this technology, and have the requirement to delete collateral data (immediately or possibly after a period of time depending on relevance to a crime). This technology should not be allowed outside of regulated law-enforcement use. Overall an increase in security with cell phones would be ideal.
ReplyDeleteIt seems like the information about Stingrays is suppressed well enough to prevent much of a reaction over the privacy infringements they cause. People only tend to act out against these governmental privacy violations when there is some kind of big outrage, and even that only lasts while the issue is able to hold the mob’s attention. Nowadays much more personal information is passed through the internet and text messaging than by calls and if people don’t think that Stingrays are used to monitor citizens then they are naïve. Not to be a conspiracy nut, but it is common sense that for every NSA privacy violation we are informed about, there are probably dozens of other successful projects that haven’t been leaked. The only thing we can do to prevent government inspection is to ensure that third parties like cell phone companies encrypt their data and secure their keys.
ReplyDeleteWell written, Simon. I agree that it would put our minds more at ease if a warrant were to be required before using a Stingray in a criminal investigation. However, it would make some of the possibly useful information collected by stingrays before the warrant was issued invalid. Also, I think it's safe to say your post (and most of these) raise a lot more concerns than they answer. It is a bit of a burden to know this information about possible surveillance, truth be told.
ReplyDeleteOne thing I would like to know is if there is an advantage to using stingrays by the law enforcement agencies in criminal investigations that cannot be achieved through the use of cell towers alone. Is it just the accuracy of the location, or the actual recording of texts and calls that make these devices unavoidable in criminal investigations? Or are they unneeded?
p.s. The University Model European Union team says hi from Seattle!
Because anyone with the correct knowledge or resources could build one of these "stingrays," I think that the only effective remedy may be to require all cell phone providers to encrypt all data that is sent automatically to their towers. Then, criminal investigators would be forced to go through the cell phone company to obtain data, which these companies would not give without a valid warrant. By creating and enforcing this new standard, I think that the issue of stingrays would be greatly decreased.
ReplyDeleteI think the use of Stingray technology should be more strictly curtailed. If you see phone privacy as analogous to home privacy or mail privacy, it becomes clear where the level of invasion becomes too much. As others have said, invading the information on a phone is like opening and reading someone's mail or entering a home and looking around without a permit; although I would liken it more to the use of thermal imaging and magnified listening devices used on homes in the movie "V for Vendetta." On the other hand, I think it is more reasonable to confine the scope of surveillance to only making note of how many calls/messages are being sent out and to whom. I liken that to keeping watch on a house to see who enters and leaves a house and when, or the volume and frequency of mail being sent to someone from individuals without looking at its contents. Due to the nature of the technology, however, I don't think it is reasonable to expect agencies that use Stingray tech to limit their depth of investigation unless there is some legal enforcement which I don't see happening. Even then, the fact that people can buy their own Stingray for $500 means that there is no way to stop them from using the tech to its full capabilities. Once a door is opened anyone can walk through it. Since cell phone companies cannot be held responsible for the security of their patrons' information it looks like it falls on the individual to make sure their information is secure. If I was really paranoid about someone eavesdropping on me I would use a VPN and make all my phone communication through the internet by using messaging apps like Skype or Facebook for messages or calls.
ReplyDeleteI think the most disturbing thing about Stingray attacks is the fact that there is "collateral" data that is being gathered, due to the fact that it serves as a middle man to cell towers and collect data from multiple phones. Given that there isn't really any incentive not to do this, and that the Patriot Act gives the NSA legal leeway to work with here, it's unlikely that they wouldn't do this given the opportunity. It differentiates it from other means of surveillance that we have discussed, in that even if we recognize that there are cases where there are security interests that override privacy ones and a Stingray might be an acceptable course of action, there is still an ever-present risk of someone having their privacy unduly violated.
ReplyDeleteI watched a TED talk recently that posed a rather persuasive argument against monitoring trivial communication mediums like phone and email. What terrorist would plan anything that needed to be secret in such an obvious place? It's far more likely that communication would occur where nobody is expecting it, like in Club Penguin's virtual chat room, where nobody is going to look until it's too late. Use of these sorts of Stingrays, then, is only effective in catching the dumbest criminals, or--as is more likely the case--monitoring the public. This is something our cellphone providers should take very seriously, and as consumers we should make it clear how important it is to encrypt our data end to end.
ReplyDeleteI agree with you, Simon, in that a warrant should be required for using a sting-ray. Law enforcement should be monitored more closely to determine that they are indeed only using sting-rays with a warrant, and not hiding their usage of them. Additionally, I believe that the public should be made aware of Sting-Rays, what their role is, and how their data is being used. As we discovered last week, the public is very ignorant when it comes to these breaches of privacy. Once again, I was completely unaware of Sting rays' existence until this class. I was aware of the role of cell-towers, and that my data and information at times is collected and stored, but I believe that, like me, the public has this same, tiny amount of knowledge. If the public is more aware of sting-rays, then that places pressure on law enforcement to honestly obtain warrants to use them.
ReplyDeleteIn terms of building and accessing a sting-ray, I believe, as you mentioned, that the only solution at present is to update security and find methods to do so; however, even if security is updated, sting-rays will most likely be updated as well. So it seems that we must accept - as it seems we must do with all things made public - that any time we use our cell phones, our data could be accessed by a third party.
I think it is fine if the government uses this technology to catch criminals as long as it is used only after receiving a search warrant. Without a warrant it is clearly a violation of the fourth amendment as mentioned in the post. My biggets concern with this technology is that it only takes $500 to create a cell-site-simulator. This means that it is very easy for anyone to be able to use this technology and infringe on other's privacy. I would like to know if there is any possible way for the data to be encrypted in order to stop the person stealing the data from being able to interpret it.
ReplyDeleteMaybe I am just weird, but I think that the use of a stingray could have very interesting business uses. Imagine the second scenario that we talked about in class, but instead of a kiosk that used facial recognition, what about a kiosk that used stingray technology. As a marketing major myself, I think that this could have incredible hyper-specialization for advertisements and coupons that could be offered. And it could be activated by proximity of your phone. I, personally, think that this would help create fantastic customer experiences. As for criminal investigative services, I do not think that they need to have a warrant use a stingray. I think that in the local legislation there should be a clause that is introduced into the charter of the city or township, via amendment or rewrite, that states that the local criminal investigative services are allowed to use this technology. I say this because in a lot of ways, local government acts exactly like a business would. This just legally extends those actions on the people that live within the city or township limits.
ReplyDeleteI agree Simon's post. There are certainly circumstances where a stingray can be useful for a criminal investigation, but I don't like that just anyone can make and use one. Cell tower communication should be encrypted, and police use of stringrays should require a warrant; police getting access to someone's locked phone requires a warrant, so use of a stringray should also require a warrant.
ReplyDelete