Stingray phone stalker tech used near White House, SS7 abused to steal US citizens' data – just Friday things Someone may have spied on smartphones in or near the White House using a fake cellphone tower – and miscreants are said to have abused SS7 weaknesses to swipe US citizens' private information, it emerged this week. On Friday, Senator Ron Wyden (D-OR) revealed a letter he received from the US government's Department of Homeland …
@AC - It is vague enough to avoid problems as does not hint who the boss is. Also, snooping on phone conversations in DC would be a smart move for any foreign spookhaus. So identifying who is spying is bit problematic as domestic spying can not be ruled out either.
Also, snooping on phone conversations in DC would be a smart move for any foreign spookhaus.
The issue with that is that in order to actually snoop on conversations and data a Stingray type device needs the cooperation of the telco. It needs to be able to ask the network for encryption keys. Otherwise there will be alerts all over the phone that the network is insecure and some phones may refuse to use the network without an end-user confirmation (OS/Customization dependent).
If a foreign power has hacked Verizon, ATT or Sprint to the point where it can get crypto keys a Stingray near the White House is the least of the potential worries for USA.
Wouldn't they be able to get them from a legit cell tower? I would be surprised - genuinely shocked to the point of fainting, actually - if those are even minimally secure against in-person attack. I'll bet it is 100000x harder to get the device key out of an iPhone than it is to get the network key out of a cell tower, because the rest of the telco network has such poor security I can't imagine anyone has paid attention to the physical security of the towers.
So the spy dresses like a tech, 'services' a tower, and then has what he needs to plop a fake tower near the White House that's able to snoop on Trump's calls. Maybe he uses the secure phone to call North Korea or China, but I'll bet he is using his insecure cell phone to call Hannity to read him a bedtime story, or his other hangers-on, and that's probably where the real juicy details are anyway since he's calling those guys for 'advice' i.e. to tell him what he should do.
If someone recorded his calls and then released them to embarrass him he'd probably blame it on the FBI like he does everything else.
> The issue with that is that in order to actually snoop on conversations and data a Stingray type device needs the cooperation of the telco. It needs to be able to ask the network for encryption keys.
Not necessarily. If I remember some older discussion correctly, the way one type of attack works it convinces the phone only GSM reception is available. This older standard does not have such a great crypto, and it does not authenticate the base station towards the phone. Snoops can thrn siphon traffic, then brute-force it later. Or was it so it can even tell the phone to skip encryption entirely (thanks, France and other countries that insisted on a cryptoless mode in GSM).
"It needs to be able to ask the network for encryption keys. Otherwise there will be alerts all over the phone that the network is insecure and some phones may refuse to use the network without an end-user confirmation (OS/Customization dependent)."
Nope. You do have to make sure your fake cell tower is 'louder' than all the legitimate ones, so that the targets phone opts to use it, but your tower claims to only support 2G (which is trivial to crack), and you can now snoop on the contents of communications to and from the phone.
As far as I can tell, no current phones warn when they roam to a cell that only has 2G. You can get applications on Android that will warn you, but it's not standard.
(example)
But how would you tell if a stingray was used in the area, presumably your own connection or a honeypot would loose the known towers id's and could register that fact. but without the stingray doesn't an SS7 access require ISPs co-operation, supposedly they'd log it. you would only know afterwards.
Stories on 5G in Australia stated that SS7 and Stingrays would not work on 5G. Which if true, presents an interesting situation as the AFP Australian Federal Police originally refused to allow digital mobile phones to be used until mechanisms were in place for them to intercept and to bug them. We had to stick with analog for months longer, but SS7 was in place by then for digital mobiles to work.
There are ETSI standards which cover interception of call information up to and including real time voice and data, they're easy to Google and surprisingly easy to read, but to summarise, the functionality is built in to the cell infrastructure and it 'only' takes a request from a duly authorised agency to the cell service provider to get your hands on it.
Honestly the thing that surprises me the most is the fact that we're all talking about how a Stringray device deployed by an unknown entity was used in proximity to the White House and yet there has not been a massive deployment of police, military, helicopters and SWAT teams to find the perpetrator.
Seems to me that such a move in a Hollywood film would be the perfect excuse for such an exercise, but in Real Life it's just "well, seems somebody has been spying on comms near our most strategic historical building, let's write a letter to the FCC to complain".
The Cold War is so last milennium I guess.
If you're using cell towers to communicate anything even vaguely important without treating it as an untrusted medium, you're a damn idiot.
For any proper scenario, it really doesn't matter if you broadcast your classified information over the 10 o'clock news. That's PRECISELY what modern encryption is designed for, and to facilitate.
As such, it should NEVER be a national security issue, and certainly shouldn't be anything even vaguely approaching important for somewhere like the White House. And tapping into SS7 etc. and redirecting people's mobiles to proxy them can be detected quite easily by the companies in question. Has anyone even asked if this is actually done DELIBERATELY to stop, say, terrorist attacks and bombs coordinated over the cellphone network near the White House?
But if you're that stupid as a secure government entity to just use a commercial network as-is, without bothering to encrypt information over it, then pretty much you've already lost anyway. You may as well just open the doors and let the Kremlin into your files.
I find it totally unsurprising. DHS couldn't narrow it to a specific group, but they're not concerned? Meanwhile, the President is using an unsecured personal phone and the tower is near the White House.
My guess would be that, far from one of the secretive three letter agencies, it's the more secretive ten letter agency: B.O.B.M.U.E.L.L.E.R.
If the email server thingy was enough for "lock her up" chanting frenzies, what sentiments does El Trump's usage of insecure phone technology evoke in his thoughtful fans?
Seriously, we have independent Central Bankers to manage interest rates. How about the US appoints a non-partisan cyber-security assessment department that makes binding decisions as to which communication usage is acceptable practice? If Trump's is, fine. If not, well then, he was elected to do his job correctly, why doesn't he start?
This would have also resolved the Clinton, and the previous Collin Powell issue too.
They didn't send in the SWAT team because they like to spread FUD and they're afraid of what they'd find.
Property of (a corp or a TLA) stamped plainly on the device. The device owners would be wanting to keep up to date on how their investments are panning out. Are a person's words private to the person, or to the party that paid for them? Notwithstanding the result of the American Civil War (1861-1865), I'm not sure what the 21st century answer is.
...The Homeland Security letter indeed said it had received reports of "nefarious" types leveraging SS7...
That's nothing!! I've received reports of little green men from mars buying up all the petrol and making the price go up..... and lizard-headed aliens taking over the Royal family... and hundreds of terrorist attempts to attack us, all of which have been foiled by our magnificent Homeland Secruity officers who really deserve a raise....
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
