On Tuesday, January 28, 2020, 09:54:39 AM PST, coderman wrote: ттттттт Original Message ттттттт On Tuesday, January 28, 2020 7:16 AM, jim bell wrote: "WIRED: One Small Fix Would Curb Stingray Surveillance. [1]One Small Fix Would Curb Stingray Surveillance '''The telecom and tech industries could overcome these challenges if they decided to prioritize a fix. That's a big if. Nasser points to a solution that would [2]function a lot like HTTPS web encryption, allowing phones to quickly check cell tower "certificates" to prove their legitimacy before establishing a secure connection. Last year, Hussain and colleagues from Purdue and the University of Iowa [3]developed and proposed such an authentication scheme for the bootstrapping process in 5G." "As long as phones will connect to anything advertising itself as a tower, itтs kind of free-for-all," Nasser says. "This problem is big low-hanging fruit, and there are many ways things could get better I think." >never gonna happen :( would be nice, though... A few years ago, I read that a disused, old cell phone (with no active subscription) would activate in the presence of one of these Stingray devices. I never checked that idea out, mainly due to lack of motivation, and also since I don't know where such an operating stingray might be at any given time. But if the power consumption of such a phone could be monitored continuously, that might implement a cheap, easy "Stingray detector". Jim Bell References 1. https://www.wired.com/story/stingray-surveillance-cell-tower-pre-authentication 2. https://www.wired.com/2016/04/hacker-lexicon-what-is-https-encryption/ 3. https://dl.acm.org/doi/10.1145/3317549.3323402