ICE confirmed using cell site simulators to capture undocumented immigrants
M373
M373 at riseup.net
Sun May 21 18:01:57 PDT 2017
This is unsurprising but it's now confirmed via search warrant
documentation that ICE is using a cell site simulator/IMSI catcher
described as a Hailstorm or a Stingray
http://www.detroitnews.com/story/news/local/detroit-city/2017/05/18/cell-snooping-fbi-immigrant/101859616/
to surveil and prosecute undocumented immigrants. Journalists and ACLU
https://www.aclu.org/news/aclu-seeks-documents-ices-use-cell-phone-trackers
(probably others) are making FOIA requests and will likely need to sue.
Cell site simulators were kept mostly secret for about a decade after
introduction for domestic use and local departments were required by FBI
or manufacturer to conceal their use from judges and defense counsels.
https://gizmodo.com/ice-agents-are-using-stingray-surveillance-tech-to-capt-1795377902
In some cases, such as St. Louis, prosecutors dropped charges against
defendants who had cell site simulators used against them. Cell site
simulators are *strongly* suspected of being used against protesters in
Chicago, St. Louis/Ferguson, and Minneapolis, and known to have been
used in Standing Rock
http://geekswobounds.org/sites/default/files/Security%20at%20Resistance%20Camps.pdf
http://gwob.org/security-at-resistance-camps-lessons-from-standing-rock/ ,
including delivering malware payloads. ICE joins dozens of state and
local law enforcement agencies, and FBI, USMS, ATF, DEA, IRS, FCC, NSA,
and various military entities.
https://www.aclu.org/map/stingray-tracking-devices-whos-got-them
https://theintercept.com/surveillance-catalogue/
http://graphics.wsj.com/surveillance-catalog/
Given the military-industrial-surveillance complex and that a moderately
skilled hacker can construct one, they are no doubt in use by private
security and intelligence agencies, as well, with G4S and
Academi/Xe/Blackwater certainly coming to mind.
So use the crypto (Signal or others), to the extent that it protects
content in transit. Some cell site simulators' imitation convinces
phones to decrypt the carrier's encryption. If a device can be infected
then even measures like Signal may be circumvented. We need more
privacy-by-design and hardened devices.
More information about the cypherpunks
mailing list