Re: WIRED: One Small Fix Would Curb Stingray Surveillance
On 1/28/20 11:54 PM, Shawn K. Quinn wrote: > On 1/28/20 21:18, Razer wrote: >> Federal lawz require a cellphone without service to be able to dial 911 >> for some period of time after service is discontinued. After some period >> of time the battery is dead and no, the Stingray won't turn it on. > It might be any phone without a working SIM card (or its CDMA > equivalent); this is one reason that organizations that help domestic > violence victims ask for old phones. I have had phones which have never > had a working SIM card in them at all be able to make an emergency call > (at least according to the display; I haven't tested this). > I forget what the period of time is... Six months or a year after service ends. Rr signature.asc Description: OpenPGP digital signature
Re: WIRED: One Small Fix Would Curb Stingray Surveillance
On 1/28/20 21:18, Razer wrote: > Federal lawz require a cellphone without service to be able to dial 911 > for some period of time after service is discontinued. After some period > of time the battery is dead and no, the Stingray won't turn it on. It might be any phone without a working SIM card (or its CDMA equivalent); this is one reason that organizations that help domestic violence victims ask for old phones. I have had phones which have never had a working SIM card in them at all be able to make an emergency call (at least according to the display; I haven't tested this). -- Shawn K. Quinn http://www.rantroulette.com http://www.skqrecordquest.com
Re: WIRED: One Small Fix Would Curb Stingray Surveillance
On 1/28/20 7:10 PM, jim bell wrote: > A few years ago, I read that a disused, old cell phone (with no active > subscription) would activate in the presence of one of these Stingray > devices. I never checked that idea out, mainly due to lack of motivation, > and also since I don't know where such an operating stingray might be at any > given time. But if the power consumption of such a phone could be monitored > continuously, that might implement a cheap, easy "Stingray detector". > Jim Bell > Federal lawz require a cellphone without service to be able to dial 911 for some period of time after service is discontinued. After some period of time the battery is dead and no, the Stingray won't turn it on. Rr signature.asc Description: OpenPGP digital signature
Re: WIRED: One Small Fix Would Curb Stingray Surveillance
On Tuesday, January 28, 2020, 09:54:39 AM PST, coderman wrote: ‐‐‐ Original Message ‐‐‐ On Tuesday, January 28, 2020 7:16 AM, jim bell wrote: "WIRED: One Small Fix Would Curb Stingray Surveillance. One Small Fix Would Curb Stingray Surveillance '''The telecom and tech industries could overcome these challenges if they decided to prioritize a fix. That's a big if. Nasser points to a solution that would function a lot like HTTPS web encryption, allowing phones to quickly check cell tower "certificates" to provetheir legitimacy before establishing a secure connection. Last year,Hussain and colleagues from Purdue and the University of Iowa developed and proposed such an authentication scheme for the bootstrapping process in 5G." "As long as phones will connect to anything advertising itself as a tower,it’s kind of free-for-all," Nasser says. "This problem is biglow-hanging fruit, and there are many ways things could get better Ithink." >never gonna happen :( would be nice, though... A few years ago, I read that a disused, old cell phone (with no active subscription) would activate in the presence of one of these Stingray devices. I never checked that idea out, mainly due to lack of motivation, and also since I don't know where such an operating stingray might be at any given time. But if the power consumption of such a phone could be monitored continuously, that might implement a cheap, easy "Stingray detector". Jim Bell
Re: WIRED: One Small Fix Would Curb Stingray Surveillance
‐‐‐ Original Message ‐‐‐ On Tuesday, January 28, 2020 7:16 AM, jim bell wrote: > WIRED: One Small Fix Would Curb Stingray Surveillance. > https://www.wired.com/story/stingray-surveillance-cell-tower-pre-authentication ''' The telecom and tech industries could overcome these challenges if they decided to prioritize a fix. That's a big if. Nasser points to a solution that would [function a lot like HTTPS web encryption](https://www.wired.com/2016/04/hacker-lexicon-what-is-https-encryption/), allowing phones to quickly check cell tower "certificates" to prove their legitimacy before establishing a secure connection. Last year, Hussain and colleagues from Purdue and the University of Iowa [developed and proposed](https://dl.acm.org/doi/10.1145/3317549.3323402) such an authentication scheme for the bootstrapping process in 5G. "As long as phones will connect to anything advertising itself as a tower, it’s kind of free-for-all," Nasser says. "This problem is big low-hanging fruit, and there are many ways things could get better I think." ''' never gonna happen :( would be nice, though... this is a warning for lawful access to encryption; once you've compromised a system "for official purpose" it's compromised forever. best regards,
WIRED: One Small Fix Would Curb Stingray Surveillance
WIRED: One Small Fix Would Curb Stingray Surveillance. https://www.wired.com/story/stingray-surveillance-cell-tower-pre-authentication
