Fwd: [Discuss-gnuradio] IMSI Catcher Catcher?

grarpamp grarpamp at gmail.com
Thu Jun 16 18:27:24 PDT 2016 

---------- Forwarded message ----------
From: "Ronald F. Guilmette" <rfg at tristatelogic.com>
Date: Thu, 16 Jun 2016 18:15:14 -0700
Subject: [Discuss-gnuradio] IMSI Catcher Catcher?
To: discuss-gnuradio at gnu.org


[[ Up front confession:  I know essentially nothing about radio. ]]

Just a short while ago, I saw a Vice News video titled "State of Surveillance"
in which Snowden brought up the fact that some journalists had found and
outted some stingrays (IMSI Catchers) which had, apparently, been operating
in some very sensitive areas of Oslo, Norway, for an unknown amount of time,
managed by unknown people, for unknown purposes.

That was the first that I personally had ever heard about that, so I googled
it and found a lot of information about it online.

I started to wonder about the fact that these Norwegian journalists were
able to pull together the hardware and software necessary to detect the
various anomalies that indicated the presence of these multiple stingrays
in the Oslo city center.

I googled some more and found the following blog article, written by
Bruce Schneier, in which he notes that these days, pretty much anybody
could easily build their own stingray, presumably out of an off-the-
shelf computer and a reasonably cheap ($330 USD) little box called a
"HackRF":

https://www.schneier.com/blog/archives/2015/04/the_further_dem_1.html

So, after that I was thinking that perhaps someone already has!  Or better
yet, perhaps someone has already written the code necessary to turn, for
example, an ordinary laptop plus a HackRF box into a portable device that
could *detect* the presence of stingrays, i.e. an "IMS-Catcher Catcher".

For me at least it would be really a lot of fun to have one of those,
i.e. an IMS-Catcher Catcher (stingray detector).

I am not far from the State Capitol in California, and I, for one, would
love nothing better than to wardrive down around the Capitol (and
associated state government buildings), checking to see if there are
any active stingrays operating in the area.  (In the Oslo incidents,
it was reported that several of the stringrays seemed to be strategically
placed near major government building, including the Prime Minister's
residence.)  Of course, if I found any, I would immediately try to share
that info with the few journos I know... and everybody else who I could
get to pay attention.

So, anyway, finally, my quuestion:

Do any of you folks here know if anybody has created any publically
available software (copyleft or otherwise) that would allow, e.g. a
HackRF or any other inexpensive SDR to be turned into a stingray
detector?  If so, I'd love to receive a link to that.

I have a laptop and $330 USB burning a hole in my pocket.


Regards,
rfg


P.S.  I did do some googling for what I'm asking for (before posting here)
but the closest thing I found way an academic paper from Q3 2014 that
seemed to say that the software these guys developed wasn't even up to
what could be called "Beta quality":

https://www.sba-research.org/wp-content/uploads/publications/DabrowskiEtAl-IMSI-Catcher-Catcher-ACSAC2014.pdf

They made their code freely available, but it appears that it has been
stagnant and languishing since they did their paper in Q3 2014. :-(

https://sourceforge.net/projects/icc/

P.P.S.  In an ideal world, I'd like to see great massive hoards of people
running around city centers all over the world... wardriving for a new
generation...  triangulating the exact locations of any stingrays they
find, and then making all that info public someplace, e.g. on some single
web site.

I mean nobody knows where these things are *or* who might be operating
them!  (Anybody can buy one now for only $1800 USD off of alibaba.com...
or probably build one themselves for much less with a laptop and a HackRF.)

P.P.P.S.  It really is too bad that the journalists who broke the Oslo
stingrays story didn't do the sensible thing and follow-up properly on
their initial finding, i.e. by *triangulating* until they had the exact
locations of the various stingrays they found.  If they had done that,
then it might have been a LOT harder for the Powers That Be to just
dismiss and deny their published findings, as they did, thus effectively
sweeping the whole thing under the rug as far as the public was concerned.


_______________________________________________
Discuss-gnuradio mailing list
Discuss-gnuradio at gnu.org
https://lists.gnu.org/mailman/listinfo/discuss-gnuradio

More information about the cypherpunks mailing list