Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
United Kingdom Cellphones Government Privacy

Fake Mobile Phone Towers Found To Be "Actively Listening In" On Calls In UK 122

New submitter nickweller writes: More than 20 Stingray fake phone towers which can collect data from passing devices and listen in on calls have been discovered operating in the UK. The Metropolitan Police have refused to say who is controlling the IMSI catchers, also known as Stingrays, or what is being done with the information they are gathering. Met Commissioner Sir Bernard Hogan-Howe said: "If people imagine that we’ve got the resources to do as much intrusion as they worry about, I would reassure them that it’s impossible.”
This discussion has been archived. No new comments can be posted.

Fake Mobile Phone Towers Found To Be "Actively Listening In" On Calls In UK

Comments Filter:
  • The key quote (Score:5, Interesting)

    by DingerX ( 847589 ) on Thursday June 11, 2015 @02:17AM (#49889111) Journal

    Keith Bristow, the director-general of the National Crime Agency, said: “Some of what we would like to talk about to get the debate informed and logical, we can’t, because it would defeat the purpose of having the tactics in the first place. Frankly, some of what we need to do is intrusive, it is uncomfortable, and the important thing is we set that out openly and recognise there are difficult choices to be made.”

    Translation: "It is important that we be completely transparent on this single fact: we are not transparent, and we will do bad things, because reasons."

    • by Anonymous Coward

      And where would the new be? Here in France "raison d'état" trumps everything. "State reasons". It translates as "we're doing something you won't like, which will go against the very laws of the Republic, and we're not telling you why or the details. Because it's good for the State and you cannot be trusted to understand or know what's best for yourself. End of discussion." It has been going on ever since we had kings. After a while you come to understand you can't fight city hall, much less the

      • For some reason or another, Slashdot does not like your French Fancy Accents. Unless Ãlisée is a cool nerdy l3t3spe4k cafe.
        Guess they never heard of UTF-8 storage...

    • by DarkOx ( 621550 )

      Translation: Silence citizen we are above the law and not subject to the oversight of peasants like yourself.

  • In other words... (Score:5, Interesting)

    by NoKaOi ( 1415755 ) on Thursday June 11, 2015 @02:17AM (#49889113)

    "If people imagine that we’ve got the resources to do as much intrusion as they worry about, I would reassure them that it’s impossible."

    Sure, we're doing a lot of bad illegal shit, but we don't have time to do as much bad illegal shit as you think we are.

    Imagine if that logic were applied by a bank robber: Sure, I robbed the bank, but I didn't have time to steal as much money as you thought I did.

    • or even
      Bank Robber: "I don't have the wherewithal to steal as much money as I want to, so you can worry a bit less about me"
    • This is the sad news, people could not save their own secrets and what help the cityzens to protect them from the attacks ! http://havin.vn/ [havin.vn]
    • by mwvdlee ( 775178 )

      How would they know it's impossible unless they've atleast researched the possibility of doing so?

      • Re:In other words... (Score:4, Interesting)

        by Xest ( 935314 ) on Thursday June 11, 2015 @04:20AM (#49889519)

        Because the fact is, our standard police forces can't deal with the things they're meant to be dealing with as is, hence why certain things have become defacto legalised because they don't have time to deal with them.

        The idea that they've then got time to dick around doing something like mass spying on top makes little sense.

        Any such spying would typically be carried out by the security services, or by one of the new pseudo security forces that are effectively national police agencies like SOCA or whatever name they're going by nowadays.

        So frankly I believe Hogan-Howe, I don't think it's his guys doing this, I think he's probably exactly right when he says it's nothing to do with him and his force. I think they genuinely have neither the resources or the will to do this.

        That doesn't mean it's not another branch of the government of course, and it most likely is. When he refuses to comment it's probably because he knows it's nothing to do with him and doesn't want anything to do with the political debate of who is doing it or the rights and wrongs of it.

        Frankly, whoever approached the met to ask who is operating them approached the wrong person. It's like asking the chief of a hospital why some members of parliament support homeopathy. How the fuck are they meant to know why they support what they do and vote for what they do? it effects them but they have no real control over it, nor can they say why the MPs think or do what they do. It's a question best put to the MPs themselves, not some unrelated chief of a hospital.

        • Re:In other words... (Score:4, Interesting)

          by AmiMoJo ( 196126 ) on Thursday June 11, 2015 @06:45AM (#49889859) Homepage Journal

          Don't be mislead about the lack of resources to violate privacy on a massive scale. They may not have operators actively listening to every call, monitoring every URL accessed and every form submitted, but they certainly can capture all of that data. They certainly capture all the metadata, and that's where the real danger lies.

          For example, they like to see who is visiting an area by collecting the IMEIs of all phones that connect to their fake tower. Say there is a political event, or a protest or some other gathering of people they dislike. They record every IMEI that was anywhere near it. Then when the next one happens they do the same thing and compare the two lists, eventually creating a master list of known dissidents and unfortunate people who happened to be in the wrong place at the wrong time.

          Whenever they have the opportunity they match the IMEI up with an identity. If they ever examine a phone they make sure they get the IMEI. They also like to try to tie it up with things like car number plates and patterns of movement. The information is shared with other police forces, and stored indefinitely.

          The police are building vast databases on everyone. The DNA database, for example, includes millions of innocent people. We must keep up efforts to get these databases wiped, permanently, and the people who built them brought to trial and punished.

          • by Xest ( 935314 )

            Do you have any evidence for any of that whatsoever, or is it all just conspiracy theory?

            The met's entire budget is £4.1bn, and the price tag on GCHQ's equivalent system was £6bn. Where are the police getting the money for this exactly?

            The only evidence of police overuse of phone records is that some providers are giving the police free reign of call logs:

            http://www.theguardian.com/wor... [theguardian.com]

            That's a far cry though from having their own database that also tracks and compares location dat

            • They told you to piss off it's non of your damn business, not where the data is going or how it's being used. If you believe anything that you are told by a Government which has a proven track record of lying to the public (and not giving a shit) you are a fool.

              Your speculation that it's perfectly innocent because police are busy is worth the same amount as the conspiracy speculation of the next guy. You don't know what they are doing the the data, nor do you know who the collection point is sharing data

              • by Xest ( 935314 )

                No, you've entirely missed the point.

                I'm not saying it's not a concern, I'm not saying it's not a problem. I'm saying going after the people who have neither the time nor the budget, nor the technical skills to operate this sort of thing is pointless, when you should instead be focussing on the government organisations that can do this - i.e. the people who will actually be running it.

                The problem is that our general police forces are for the most part actually quite good and reasonable in the UK. My point i

    • "If people imagine that we’ve got the resources to do as much intrusion as they worry about, I would reassure them that it’s impossible."

      Sure, we're doing a lot of bad illegal shit, but we don't have time to do as much bad illegal shit as you think we are.

      Imagine if that logic were applied by a bank robber: Sure, I robbed the bank, but I didn't have time to steal as much money as you thought I did.

      Actually, this is a quintessential part of the debate. The Supreme Court considers it now on technology cases that involve the ability to do dragnet surveillance on large numbers of people or over an extended time period on the same person. The idea is basically that what used to be okay because cops were practically limited by the cost of extensive surveillance might no longer be okay when they are able to collect a LOT of surveillance data cheaply.

      This came up in a GPS tracking case a few years back.

      • by NoKaOi ( 1415755 )

        So it's okay to violate the law by listening on telephone calls as long as you don't do it too much, because back in the day it wouldn't have been possible to do it too much? So then it's okay if I rob a bank and only steal a thousand dollars, because back in the day (because of inflation) that's all the teller's drawers would have had?

        • So it's okay to violate the law by listening on telephone calls as long as you don't do it too much, because back in the day it wouldn't have been possible to do it too much? So then it's okay if I rob a bank and only steal a thousand dollars, because back in the day (because of inflation) that's all the teller's drawers would have had?

          Differences of degree matter to everyone except idiots and those spouting religious dogma.

          That intrusion into the individual sphere of liberty that is only slightly concerning when so extremely limited by impracticality that it cannot be employed in practice becomes much more concerning when it is done to everyone all the time.

          The scope of an intrusion matters. Listening to one phone call at a time isn't good, but listening to all of them at the same time is a fundamental threat to society.

    • I know it's overused on Slashdot, but this really is a classic case of these aren't the droids you're looking for

    • Re:In other words... (Score:5, Interesting)

      by gsslay ( 807818 ) on Thursday June 11, 2015 @04:26AM (#49889539)

      But isn't it reassuring that the first thing stopping them doing surveillance that comes to Sir Bernard's mind is the lack of resources? Not things like legality or moral justification?

      Lack of money; the police's new moral compass.

      • by Anonymous Coward

        The underlying problem is this: The police HAS to use all available tools, unless these tools are declared illegal.

        Why?
        Because if they don't and some criminal gets away, then they have to answer some tough questions.

        So the only solution is to declare all this mass surveillance illegal. Which is exactly what our Leaders will never do.

  • by Anonymous Coward

    Categorizing people by various political and ideological inclinations, fapping, gathering "leverage", fapping, obtaining various bits of time and location data to avoid being caught in a web of lies by physical impossibilities when planting evidence to dispose of people "legally", fapping, enhancing and increasing their collections of various phone or IM sex, fapping, revelling in the very fact that they hold such unaccountable power over the worthless rabble they use it on, and general acts of genital self

  • Thanks Sir (Score:4, Interesting)

    by Demonoid-Penguin ( 1669014 ) on Thursday June 11, 2015 @02:44AM (#49889207) Homepage

    "If people imagine that we’ve got the resources to do as much intrusion as they worry about, I would reassure them that it’s impossible.”

    I'm confused. 20 Stringrays in the U.K. And no one should worry because the Chief of Metropolitan Police says they don't have the resources to do as much intrusion as "they" worry about. If that's right - how much less intrusion? Is that because of the 20% budget cuts - or because his area of command is not the entire U.K. (London only, excluding The City of London)? Or maybe because the Metropolitian Police don't have primary access to the Stingray traffic? Is that because the story is wrong - or is one of those Stingrays in The City of London? Is this just bullshit or maybe a ploy to increase funding so that the level of intrusion is something to worry about e.g. if it weren't for the budget cuts he could implement his plan for "total war on crime" and "total policing".

    Given the past accuracy [wikipedia.org] of some of the statements from his office I'm still cynical.

  • It used to be said that 'when America [meaning USA, sorry] sneezes the UK catches cold'. So, as a Londoner, I'm not at all surprised. Probably some of this data [because it's not information] is being 'exported' too, the data version of special rendition.

    At the moment our 'imports' are TTIP, private healthcare, GMO crops, US banks, mall-shopping as an activity, cops as thugs, empty celebrity culture, reality TV, US payday lenders [quickquid, for example, is US owned] gangster rap and US style gangs etc.
  • Possible! (Score:5, Interesting)

    by thegarbz ( 1787294 ) on Thursday June 11, 2015 @02:55AM (#49889257)

    If people imagine that we’ve got the resources to do as much intrusion as they worry about, I would reassure them that it’s impossible.

    Based on the fact that there are 20 operating Stingrays I would say that not only is it possible, but you have actually put your resources to good use doing exactly as much intrusion as we're worrying about.

    • Yea this totally proves it's not only possible, they've been doing it for years!
  • by Roodvlees ( 2742853 ) on Thursday June 11, 2015 @03:12AM (#49889299)
    They probably don't really know. It's probably anyone in the UK or US with a security clearance or who works on the system as an engineer. And what they are doing with it? Who knows? It certainly seems like the politicians don't care, they only care about fake protections against terrorism.
  • Translation (Score:4, Insightful)

    by tinkerton ( 199273 ) on Thursday June 11, 2015 @03:20AM (#49889331)

    Met Commissioner Sir Bernard Hogan-Howe said: "If people imagine that we’ve got the resources to do as much intrusion as they worry about, I would reassure them that it’s impossible.”

    In other words, "
    If people think we're trying to screw them as much as possible with the limited resources we have, I would reassure them we are."

  • Wrong authority (Score:4, Informative)

    by johnjones ( 14274 ) on Thursday June 11, 2015 @03:31AM (#49889355) Homepage Journal

    The metropolitan police are not responsible for GSM interference

    Doing so legally they would be run by Government Communications Headquarters ( GCHQ)
    It matters not most UK communications are intercepted quite legally by the NSA and shared back to UK.

    They are most likely test towers or towers created by individuals illegally

    The British have always allowed intercepts legally

    Regards

    John Jones

    • by Anonymous Coward

      The article MENTIONS THAT THE MET BOUGHT STINGRAYS, so we know who uses them.

      Whether its legal or not, well UK is a joke when it comes to privacy protection and MET is at the forefront of pushing the boundary beyond even that the law, so who knows.

      What we know is they're not confident its legal enough to explain to Joe public (and Judge Public) why they're using them and under what legal circumstances. His excuse is rubbish, explaining in vague terms the legal use so be what the public law does. Most likely

      • ok I'll bite...

        the report states :
        "Scotland Yard was said to have bought some of the IMSI towers in 2009 and began using them last November, according to reports"

        If thats a journalist ever hedging their bets... I believe they are there is no proof at all and no statement within the article that the met are doing anything as low sophistication as "stingrays"

        There is absolutely no reason for the force such as the metropolitan police to use or invest in such equipment when all data collation is done by

    • by coofercat ( 719737 ) on Thursday June 11, 2015 @07:01AM (#49889937) Homepage Journal

      Hmm... test towers...?

      I use Llama to turn on my phone's wifi when I get near home. I live in a village, so I would assume there can't be more than a handful of cell towers in range of my house. The thing is, I have found I'd get home and my wifi wasn't on, so I get Llama to 'learn' the area, and all is well again until the next time. I think I got to 23 cell IDs before I cleared them all and then started from scratch. Over a period of a few months, I've got 22 in there right now.

      One thing Llama doesn't do is tell you when a cell ID was last seen - but in the absence of better information, does anyone know what could be going on here?

      • the cell towers that you connect to depending on the connection type can be "named" differently and in a rural setting you may well see many attempts to connect to geographically far away towers by several providers

        you would need to understand the carrier and software sorry I have no clue to what Llama software is and google is not much help, either way invest in a software defined radio to easily and cheaply scan your environment

        regards

        John Jones

  • Let me guess... (Score:5, Insightful)

    by fuzzyfuzzyfungus ( 1223518 ) on Thursday June 11, 2015 @03:33AM (#49889361) Journal
    I'm assuming that their ever-so-coy stance on whether or not the stingrays are their stingrays would evaporate rather quickly if somebody were to climb up, cut one down, and make off with it...

    Feds have this funny habit of suddenly getting really possessive of things that previously didn't exist if you start touching them.
  • Democratic institutions are still in place but freedoms are constantly shrinking
  • by Anonymous Coward

    So uproot and walk away with them. If the police don't want to tell you who owns them, I guess you own them now.

    Who knows, perhaps they're worth a bit on eBay.

    AC

  • by Anonymous Coward

    All we have for evidence is the word of a for-profit company and a 50MB RTF log file of meaningless crap, no GPS locations, no photos, nothing.
    its trivial to triangulate the location of them yet out of 20 "detections" no physical devices or their locations have been found.

  • by auric_dude ( 610172 ) on Thursday June 11, 2015 @05:46AM (#49889699)
    “A Question of Trust”, the report of my Investigatory Powers Review under DRIPA 2014 s7, was laid before Parliament today. It is available here in print and web accessible versions, together with the accompanying press release and (so far as the authors were willing for it to be published) the evidence submitted to the Review in writing. https://terrorismlegislationre... [independent.gov.uk] which may be of interest to some who are viewing this thread.
  • by Anonymous Coward

    Obviously since no one is admitting to setting them up, they must have spontaneously formed from the ether, and are fair game for whomever reaches them first.

    Here's the public's chance to get a free Stingray. Just find, or make, a way to track them, and once you reach them they are all yours.

  • Criminal towers? (Score:5, Insightful)

    by hairykrishna ( 740240 ) on Thursday June 11, 2015 @05:57AM (#49889721)

    It was publicly demonstrated not long ago that it's possible to listen into a given persons GSM calls relatively easily with cheap, consumer grade, equipment. If there's a bunch of these impostor towers knocking about and the police's position is that it's not them using them then I'd quite like them to be making an effort to find out who they do belong to ASAP. Shrugging and saying “we don't have the resources to bother tapping your phones” is not an acceptable response even if it's true.

    • by Bruce66423 ( 1678196 ) on Thursday June 11, 2015 @06:31AM (#49889801)
      Given that there is a defence to a charge of criminal damage of preventing a crime - as demonstrated in the damage done to some jets on their way to an oppressive regime, break one and see who complains. The TLA that emerges will be upset, whilst the defence you proffer will force a discussion of their actual use in a court

      Rather you than me...
  • Tear them down!
  • All the more reason that end-to-end encryption should be used for cell phones. Blackberry got this right on their [initial] messaging implementation. I'm guessing Uncle Sam would fight this to the death...
  • Where are the apps (Score:3, Interesting)

    by HiThereImBob ( 3935253 ) on Thursday June 11, 2015 @08:26AM (#49890571)

    What surprises me most is that we haven't seen a comprehensive software solution for this yet. Sure, i've seen an implementation or two that only work on specific chipsets with Android, but where is the app that detects these stingrays, notifies all users in the area then triangulates the devices position and tracks it's movements using crowdsourced data? Maybe even an option to shutoff your phones radio or broadcast nonsense identification until it's gone.

    It seems to me that if turning one of these on aways resulted in nearly instant identification of the vehicle carrying it, this nonsense would end pretty quick.

  • Lots of philosophical masturbation going on over this. Anyone bother to notice the election results? The people over there want this stuff and are more concerned about closing the border.

  • "If people imagine that we’ve got the resources to do as much intrusion as they worry about, I would reassure them that it’s impossible.”

    Basically this is dancing around actually answering "Is your department doing this?" and "Do you know who is setting these up?"

  • As far as I've heard, in the US Stingrays are used selectively in a given area from mobile platforms for brief periods. From the details in this story, it sounds like they're at fixed locations, which says to me that they're intended as a tool of constant and permanent surveillance. Since the legit tower IDs for an area are known, it should be a straightforward matter to build hardware (or maybe just run an app in a phone) that detects when a Stingray -- which will present an anomalous ID -- is operating an
  • ... how paranoid the FBI was over the possible release of information regarding Stingray capabilities was. But the British made no point of saying, "Only metadata." These things can listen to your calls and SMS messages.

    On a related note, the British press is also pointing out how easily this equipment can make it onto the gray market and into the hands of criminal organizations. At least the Brits are being honest.

    Frankly, some of what we need to do is intrusive, it is uncomfortable, and the important thing is we set that out openly and recognise there are difficult choices to be made.

    But at least they get to debate those choices, rather than have law enforcement lie to the

  • Have you considered the possibility that this could be a private network for law enforcement(people who think of the children and care about us, those) to use for riot control/panics(situations when other towers are DoSed because of the sheer number of people connecting to them)?
    I mean, In some countries, they have their own roads, their own phone models, their own whatever...

"Why should we subsidize intellectual curiosity?" -Ronald Reagan

Working...