Canada's Mounties use a 6-year-old "interim policy" to justify warrantless mass surveillance

In 2016, Motherboard used public records requests to receive 3,000 pages of documents from the Royal Canadian Mounted Police detailing the federal police agency's longstanding secret use of IMSI Catchers (AKA "Stingrays" -- the fake cellular towers that silently capture data on every cellphone user in range). Read the rest

It's not hard to think of ways to outsmart Stingray-detector apps

A group of researchers from Oxford and TU Berlin will present their paper, White-Stingray: Evaluating IMSI Catchers Detection Applications at the Usenix Workshop on Offensive Technologies, demonstrating countermeasures that Stingray vendors could use to beat Stingrays and other "cell-site simulators" (AKA IMSI catchers). Read the rest

Wardriving for Stingrays with rideshare cars

Well, there's a second-decade-of-the-21st-century headline for you! Read the rest

Stingray for criminals: spreading mobile malware with fake cellphone towers

Police who rely on vulnerabilities in crooks' devices are terminally compromised; the best way to protect crime-victims is to publicize and repair defects in systems, but every time a hole is patched, the cops lose a tool they rely on the attack their own adversaries. Read the rest

EFF is gathering data on illegal surveillance of Dakota Access Pipeline water protectors

During the Standing Rock confrontations, the Electronic Frontier Foundation got reports of police use of IMSI Catchers -- secretive surveillance devices used to gather data from nearby cellphones, often called Stingrays or Dirtboxes -- so it dispatched lawyers and technologists to monitor the situation, and filed 20 public records requests with law enforcement agencies. Read the rest

Virginia State cops have blown a fortune on useless cellphone spying gear

Muckrock has been sending Freedom of Information requests to state police forces to find out how they're using "cell-site simulators" (AKA IMSI catchers/Stingrays), and they hit the motherlode with the Virginia State Police. Read the rest

The FCC helped create the Stingray problem, now it needs to fix it

An outstanding post on the EFF's Deeplinks blog by my colleague Ernesto Falcon explains the negligent chain of events that led us into the Stingray disaster, where whole cities are being blanketed in continuous location surveillance, without warrants, public consultation, or due process, thanks to the prevalence of "IMSI catchers" ("Stingrays," "Dirtboxes," "cell-site simulators," etc) that spy indiscriminately on anyone carrying a cellular phone -- something the FCC had a duty to prevent. Read the rest

Baseband vulnerability could mean undetectable, unblockable attacks on mobile phones

The baseband firmware in your phone is the outermost layer of software, the "bare metal" code that has to be implicitly trusted by the phone's operating system and apps to work; a flaw in that firmware means that attackers can do scary things to your hone that the phone itself can't detect or defend against. Read the rest

The US Government's domestic spy-planes take weekends and holidays off

If you spend enough time looking at Flightradar24's data about fly-overs of American cities, you can figure out where and when the feds are flying domestic spy-aircraft, watching for the tell-tale circling patterns and mapping the planes' owners to companies that investigative journalists have revealed to be fake cut-outs for the FBI. Read the rest

Maryland's Attorney General: you consent to surveillance by turning on your phone

Maryland attorney general Brian E Frosh has filed a brief appealing a decision in the case of Kerron Andrews, who was tracked by a Stingray cell-phone surveillance device. Read the rest

Anaheim: the happiest surveillance state on earth

Orange County has many claims to fame: Richard Nixon, the S&L scandal, subprime boiler-rooms, Disneyland, an airport honoring a cowboy named Marion, and now, the revelation that its police force secretly uses low-flying surveillance aircraft to break the encryption of thousands of cellphone users, track their movements, and intercept their communications. Read the rest

DHS admits it uses Stingrays for VIPs, vows to sometimes get warrants, stop lying to judges

The DHS's newly released policy statement on the use of Stingrays (stationary fake cellphone towers used to track people in a specific location) and Dirt Boxes (airplane-mounted surveillance that tracks whole populations) represents a welcome, if overdue, transparency in the use of cellphone surveillance by federal agencies. Read the rest