Operation battery death
So presumably anybody on the affected network has their phone battery flattened as the thing shouts away at the top of its voice? That could add up to a lot of inconvenience before we consider the legal aspects ...
The FBI's long battle to keep details of its controversial Stingray mobile phone-snooping kit under wraps has escalated, with US Marshals raiding Florida police to prevent their records being released, while a Florida judge was busily unsealing court evidence covering the IMSI-catchers. The American Civil Liberties Union had …
So presumably anybody on the affected network has their phone battery flattened as the thing shouts away at the top of its voice?
*****
No, only the phone with the correct ID.
Seems to me that if the user monitored transmit power relative to signal strenght then they might have an easy indicator that the phone is not connected to a normal base station.
Seems to me that if the user monitored transmit power relative to signal strenght then they might have an easy indicator that the phone is not connected to a normal base station.
...but wouldn't the "make em shout" ruse be achieved by turning down the strength of the transmission (or a key part thereof)? So the handset would appear to be shouting appropriately
Does it also handshake and forward calls/texts/data to the real network - or does everyone on the same network who connects to this fake cell (presumably at least ~1/2 mile radius to cover a building) get no calls/texts/data for the duration?
And if it does forward calls/texts/data what logging does it do? How are these managed and destroyed?
Im hoping this is just a basic bit of kit that does just enough to capture a phone signal - ie basic challenge response on the network level. The cynic in me suggests it could be much more complex.
Surely this is the same as any other bit of police kit - the public have a right to know that its safe and used legally.
"Does it also handshake and forward calls/texts/data to the real network"
Doesn't that just make it a variant of the $50 or less (mfg not retail) femtocells (or is it Peco, I forget) now widely available, eg as offered by multiplay comms providers who want to keep you as a broadband and cellular customer even though there's poor cellular coverage where your broadband is??
What stops a femtocell from being reverse engineered by 'interested' members of the public?
that contract hasn't been signed yet, don't forget. Until then, they won't recognize sarcasm, even if you tell them it's sarcasm. In fact, when you tell them it's sarcasm, they'll look it up in a dictionary, and as sarcasm is not there, they'll assume you try to use the sarcasm to hide the fact it's not sarcasm. And when it's not sarcasm for them (regardless of whether it's sarcasm or not for you), then it's no longer sarcasm for you either.
That will make it harder to find the phone, not easier. Cell phone base stations can use the power negotiation to determine the phone's distance, and if they are using a directional aerial to triangulate the phone a stronger signal makes it harder to identify the "null" which pinpoints the transmitter's direction.
What they should be doing (and probably are) is to have the phone reduce its power to the lowest level where it can still be communicated with, the amount of signal reduction will identify distance, and the weaker signal is much easier to locate directionally.
Isn't that a little risky though, in an ideal world sure that would make sense, but seeing as this technology can only work if the phone chooses that base station as the strongest, having it transmit on just good enough power makes it extremely likely another base station is going to become the best candidate for the phone at any random time and fairly frequently. This would make tracking impossible, you could only do this if you have control of the networks base stations in the area. So I guess they have to make do with what is guaranteed to work, rather than what would theoretically work in a lab.
I think he is right on the power thing, when I connect to my femtocell @ home my phone battery lasts twice as long as if I am away from home, its inverse to your logic, the stronger the signal from base station, the weaker signal is needed to transmit back..
if the phone chooses that base station as the strongest, having it transmit on just good enough power
Not what I meant. The base station can still transmit on full power, but it would ask the phone handset to reduce power to a minimal required level.
POS: "Cell phone base stations can use the power negotiation to determine the phone's distance..."
The Inverse Square Power Law is a *very* crude indicator of distance. When you add up all the unknown variable ±X dB, you'll end up with a range error bar that is enormous. This is an EE 101 fact and there's no point in further debating it.
A much better and simpler method for the base station is to simply query the time-of-flight offset value. The TDMA architecture needs to adjust for distance, so approximate distance is already known.
Given that the documents were apparently a part of a current court case and that the judge was just in the process of unsealing them, I'd have thought that the actions of the US Marshals might be considered by the judge as a clear case of Contempt of Court.
After our actual civil war the answer is a big fat No. A federal law enforcement agency will always have authority over a State authorized law enforcement agency. Everybody gets caught up in romantic notions of abolitionists battling evil slave owners in order to unshackle the people who were kidnapped from their home country and sold as property.
But that all came later. The actual fight was about this very sort of thing. The States lost.
This isn't much different to a normal wire tap, it's just closer to the targets handset. Normally a trace/tap would be applied at the switch level which would tell the authorities which base station the suspect is connected to. This is pretty much doing the same thing but because you can force the user onto your mobile (i.e. movable) base station you are also able to more accurately locate the suspect via triangulation.
To be honest you could achieve pretty much the same results by (a) capturing the timing advance on Basestation X,, (b) kicking him off of basestation X so that he's handed over to Basestation Y, (c) capturing the timing advance from basestation Y, etc until you have a statistically accurate triangulation. This of course requires the mobile operator to do this on your behalf and can take time to arrange and implement. Much quicker, easier and more secret if you can do this without the operator knowing...
I would have thought that whatever US laws apply to standard wiretaps also apply to Stingray, as it's fundamentally the same thing/
I suspect the whole point of Stingray is that they can casually omit to apply for a wiretap warrant. After all, otherwise they could indeed just tap at the switch inside the provider but for that they need both permission, and a budget (as they get billed for it). Stingray is more like a one-off CAPEX hit on the budget, and nobody the wiser when it is used.
As I have said before, I have no problem with law enforcement having the tools for the job but it has become very clear that transparency on how it's used is absolutely essential. Only transparency enables them to prove they're using it legally.
You are possibly right - I can't see any difference between Stingray and normal wiretapping, so if they are using it as an excuse to circumvent the warrant process, then they deserve to be strung up. I agree with you, the ability to monitor 'persons-of-interest' is vital, but it must be a transparent formal process with the usual checks and measures.