recentpopularlog in

pierredv : stingray   15

City-Wide IMSI-Catcher Detection - SeaGlass
"SeaGlass is a system designed by security researchers at the University of Washington to measure IMSI-catcher use across a city."

"For more details on the SeaGlass sensors, data collection system, detection algorithms, and results see our technical paper published at Privacy Enhancing Technology Symposium 2017" https://seaglass-web.s3.amazonaws.com/SeaGlass___PETS_2017.pdf
UW  surveillance  cellular  security  cyber-spectrum  IMSI-catchers  StingRay 
16 days ago by pierredv
[1510.07563] Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems, Aug 2017
Altaf Shaik, Ravishankar Borgaonkar, N. Asokan, Valtteri Niemi, Jean-Pierre Seifert

Abstract

Mobile communication systems now constitute an essential part of life throughout the world. Fourth generation "Long Term Evolution" (LTE) mobile communication networks are being deployed. The LTE suite of specifications is considered to be significantly better than its predecessors not only in terms of functionality but also with respect to security and privacy for subscribers.
We carefully analyzed LTE access network protocol specifications and uncovered several vulnerabilities. Using commercial LTE mobile devices in real LTE networks, we demonstrate inexpensive, and practical attacks exploiting these vulnerabilities. Our first class of attacks consists of three different ways of making an LTE device leak its location: A semi-passive attacker can locate an LTE device within a 2 this http URL area within a city whereas an active attacker can precisely locate an LTE device using GPS co-ordinates or trilateration via cell-tower signal strength information. Our second class of attacks can persistently deny some or all services to a target LTE device. To the best of our knowledge, our work constitutes the first publicly reported practical attacks against LTE access network protocols.
We present several countermeasures to resist our specific attacks. We also discuss possible trade-offs that may explain why these vulnerabilities exist and recommend that safety margins introduced into future specifications to address such trade-offs should incorporate greater agility to accommodate subsequent changes in the trade-off equilibrium.
IMSI-catchers  StingRay  4G  LTE  cyber-spectrum  Arxiv 
16 days ago by pierredv
DHS admits rogue stingrays in Washington, DC. - TechSpot, Apr 2018
In a letter obtained by the Associated Press from the Department of Homeland Security to Senator Ron Wyden (D-Oregon), the United States government formally acknowledges they have found unauthorized IMSI catchers in different parts of Washington DC and possibly other areas of the country.

IMSI catchers, commonly known as stingrays, are most commonly used by the FBI and other law enforcement agencies around the country to locate a particular phone by essentially acting as a legitimate cell tower that the targeted phone attaches to. Stingrays also have the capability to intercept text messages and even phone calls.

"Overall, [DHS' National Protection and Programs Directorate] believes the malicious use of IMSI catchers is a real and growing risk," wrote acting undersecretary, Christopher Krebs.
TechSpot  cyber-spectrum  spectrum-vulnerability  cybersecurity  StingRay 
february 2019 by pierredv
3G & 4G Networks Are Prone to Stingray Surveillance Attacks - Jul 2017
"3G and 4G LTE devices deployed worldwide have a critical security vulnerability that could be used by Stingray devices, security researchers revealed at the Black Hat Conference in Las Vegas. Researchers said all the modern and high-speed networks have a protocol flaw that enables mobile devices to connect with the cell operator, allowing attackers to track and monitor users."

"Many believe that the modern protocols, unlike 2G, protect users against easy-to-use tracking and surveillance. However, latest research reveals a flaw in the authentication and key agreement, which enables a phone to communicate securely with the user’s cell network."

"While this flaw doesn’t reportedly allow attackers to intercept calls or messages, it does enable them to monitor consumption patterns and track the phone location."
StingRay  IMSI-catcher  3G  4G  cellular  spectrum-vulnerability  cyber-spectrum  spoofing 
february 2019 by pierredv
New security flaw impacts 5G, 4G, and 3G telephony protocols | ZDNet, Jan 2019
"A new vulnerability has been discovered in the upcoming 5G cellular mobile communications protocol. Researchers have described this new flaw as more severe than any of the previous vulnerabilities that affected the 3G and 4G standards."

"Further, besides 5G, this new vulnerability also impacts the older 3G and 4G protocols, providing surveillance tech vendors with a new flaw they can abuse to create next-gen IMSI-catchers that work across all modern telephony protocols."

According to "a research paper named "New Privacy Threat on 3G, 4G, and Upcoming5G AKA Protocols," published last year. ..., the vulnerability impacts AKA, which stands for Authentication and Key Agreement, a protocol that provides authentication between a user's phone and the cellular networks."

"Instead of intercepting mobile traffic metadata, this new vulnerability reveals details about a user's mobile activity, such as the number of sent and received texts and calls, allowing IMSI-catcher operators to create profiles for each smartphone holder."

"For example, two other academic studies from French and Finnish researchers also found that IMSI-catcher attacks are still possible against the upgraded 5G-AKA protocol, despite 3GPP's claims."
ZDNet  cyber-spectrum  cybersecurity  spectrum-vulnerability  3G  4G  5G  StingRay  IMSI-catchers  3GPP 
february 2019 by pierredv
APNewsBreak: US suspects cellphone spying devices in DC, Apr 2018
"For the first time, the U.S. government has publicly acknowledged the existence in Washington of what appear to be rogue devices that foreign spies and criminals could be using to track individual cellphones and intercept calls and messages."

Christopher Krebs, DHS, “noted in the letter that DHS lacks the equipment and funding to detect Stingrays”

"Every embassy “worth their salt” has a cell tower simulator installed, Turner said. They use them “to track interesting people that come toward their embassies.” The Russians’ equipment is so powerful it can track targets a mile away, he said."

"Shutting down rogue Stingrays is an expensive proposition that would require wireless network upgrades the industry has been loath to pay for, security experts say. It could also lead to conflict with U.S. intelligence and law enforcement."
surveillance  security  privacy  sellular  StingRay  cellular  cyber-spectrum 
january 2019 by pierredv
Experts see 5G as defense to 'Stingray' spying | TheHill
"Security experts and privacy advocates are hopeful the rollout of the new 5G wireless network could eliminate a glaring surveillance vulnerability that allows spying on nearby phone calls."

"Stingrays exploit cell towers that are the backbone of the current 4G network. ... 5G networks would be less reliant on those towers and also would require new security standards for communications. The new network would be built using smaller cells, which are about the size of refrigerators and located every few blocks."

"Lucca Hirschi and Ralf Sasse, two authors of a recent paper on 5G surveillance risks, told The Hill that their analysis of new standards for 5G found that the guidelines will limit the impact of existing stingrays. ... But the fix won't not cover all stingrays, Hirschi and Sasse told The Hill in an interview. The standards would block so-called passive devices, which just pick up communications, but different kinds of active tracking devices, which can force phones to disconnect from their networks, could still get through in 5G."

"That slow rollout means that for a period of time, multiple networks may be active at once. And that means devices built for 5G may have to connect to earlier networks like 4G, exposing those devices to vulnerabilities they weren’t designed to combat, experts told The Hill."
5G  cybersecurity  surveillance  StingRay 
october 2018 by pierredv
Long-Secret Stingray Manuals Detail How Police Can Spy on Phones
HARRIS CORP.’S STINGRAY surveillance device has been one of the most closely guarded secrets in law enforcement for more than 15 years. The company and its police clients across the United States have fought to keep information about the mobile phone-monitoring boxes from the public against which they are used. The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet.
Harris  TheIntercept  stingray  cellular  surveillance  IMSI-catcher 
september 2016 by pierredv
New App Detects Government Stingray Cell Phone Trackers - Slashdot - Jan 2015
"SnoopSnitch scans for radio signals that indicate a transition to a stingray from a legitimate cell tower. "SnoopSnitch collects and analyzes mobile radio data to make you aware of your mobile network security and to warn you about threats like fake base stations (IMSI catchers), user tracking and over-the-air updates." say German security researchers Alex Senier, Karsten Nohl, and Tobias Engel, creators of the app which is available now only for Android. The app can't protect people's phones from connecting to stingrays in the first place, but it can at least let them know that there is surveillance happening in a given area."
SDR  hacking  cellular  IMSI-catchers  Stingray  Slashdot 
august 2016 by pierredv
How To Detect And Find Rogue Cell Towers | Hackaday Aug 2016
"From what we saw at HOPE in New York a few weeks ago, we’re just months away from being able to put a femtocell in a desktop computer for under $3,000. In less than a year, evil, bad hackers could be tapping into your cell phone or reading your text message from the comfort of a van parked across the street. You should be scared, even though police departments everywhere and every government agency already has this capability."
"For the last few months [Eric Escobar] has been working on a simple device that allows anyone to detect when one of these Stingrays or IMSI catchers turns on. With several of these devices connected together, he can even tell where these rogue cell towers are."
"To build his rogue-cell-site detector, [Eric] is logging this information to a device consisting of a Raspberry Pi, SIM900 GSM module, an Adafruit GPS module, and a TV-tuner Software Defined Radio dongle."
SDR  Hackaday  cellular  IMSI-catchers  Stingray  hacking 
august 2016 by pierredv
Hacker Spoofs Cell Phone Tower to Intercept Calls | WIRED Jul 2010
"A security researcher created a cell phone base station that tricks cell phones into routing their outbound calls through his device, allowing someone to intercept even encrypted calls in the clear."
Only works for 2G GSM
SDR  cellular  IMSI-catchers  Stingray  Wired  GSM  hacking 
august 2016 by pierredv
This machine catches stingrays: Pwnie Express demos cellular threat detector | Ars Technica Apri 2015
At the RSA Conference in San Francisco today, the network penetration testing and monitoring tool company Pwnie Express will demonstrate its newest creation: a sensor that detects rogue cellular network transceivers, including "Stingray" devices and other hardware used by law enforcement to surreptitiously monitor and track cell phones and users.
ArsTechnica  cellular  hacking  IMSI-catchers  Stingray 
august 2016 by pierredv
Local law enforcement deploying fake base stations for tracking, eavesdropping - FierceWirelessTech
"Fake base stations have been used by the federal government for years but now have been adopted by local law enforcement agencies, and privacy advocates are not happy about it." "When one of these types of devices is deployed correctly, every smartphone or portable computer served by a particular cellular network in a given area will recognize the stingray as just another cell site on that network, automatically connecting to it. The fake cell site can then gather information about those devices and the locations of their users."
surveillance  base-stations  law-enforcement  FierceWireless  privacy  ACLU  StingRay  Harris 
march 2014 by pierredv

Copy this bookmark:





to read