The FBI's Stingray Secrecy May Be Aimed At Preventing Law Enforcement From Overusing A Key 'Exploit'

from the running-the-wheels-off-a-Stingray dept

An interesting angle on the FBI’s Stingray secrecy has emerged from — of all places — a Princeton gathering of cryptographers that included Edward Snowden via his “Snobot.”

Generally speaking, the FBI is a very secretive agency, as can be readily gleaned from its tendency to answer FOIA requests with page after page of fully-redacted documents. That it has managed to rope so many law enforcement agencies — including prosecutors and states’ attorneys’ offices — into highly-restrictive non-disclosure agreements is somewhat of a surprise, considering its position as a partner in law enforcement, rather than an overseer of local agencies like the DOJ.

These NDAs keep almost all information about Stingray device usage out of our nation’s courts. The desire to protect these specifics is all-encompassing, resulting in prosecutors and police departments cutting suspects loose (including those who have already pled guilty) rather than allowing information to make its way into the public domain.

But there could be more to it than just a naturally-secretive agency being secretive. It may be that it fears law enforcement agencies — if left to their own devices — will destroy the effectiveness of IMSI catchers by deploying the devices too often and with too little care.

In a discussion about the NSA’s use of exploits, the following observations were made.

FBI operations can be opaque because of the care they take with parallel construction; the Lavabit case was maybe an example. It could have been easy to steal the key, but then how would the intercepted content have been used in court? In practice, there are tons of convictions made on the basis of cargo manifests, travel plans, calendars and other such plaintext data about which a suitable story can be told. The FBI considers it to be good practice to just grab all traffic data and memorialise it forever.

The NSA is even more cautious than the FBI, and won’t use top exploits against clueful targets unless it really matters. Intelligence services are at least aware of the risk of losing a capability, unlike vanilla law enforcement, who once they have a tool will use it against absolutely everybody.

IMSI catchers are “top exploits.” While there’s plenty of information out there on their capabilities, very little of it has been confirmed by the FBI or other law enforcement agencies. What makes the “exploit” better is that almost every deployment has been successfully hidden… from everyone. Parallel construction, abuse of pen register orders, dismissal of cases — all of it works together to keep actual usage details out of the public’s hands.

Because of this, there’s very little anyone can do to avoid being swept up by Stingray devices other than avoid using cell phones. Most criminal enterprises require communication and cell phones are the cheapest, easiest way to maintain contact. While spoofers can be sussed out with tools and apps, it requires the sort of proactive effort that often isn’t present — or practical — in many criminal ventures. Yeah, you can sweep a hotel room for bugs, but you can’t stop anyone from parking nearby and hoovering up call data and communications.

If this assessment is accurate, the FBI may be applying this intense pressure simply to prevent “vanilla” law enforcement agencies from using Stingrays as often and as carelessly as possible. Every deployment increases the risk of exposure. Tying cop shops up in NDA strings keeps dissemination to a minimum and encourages at least some form of risk analysis before deployment. It’s the FBI saving law enforcement agencies from themselves, and protecting itself and its tool of choice at the same time.

[Or not. The Baltimore PD deploys its Stingrays around 600 times a year, so there are exceptions to this theory… or some agencies simply just don’t care whether the effectiveness of this “exploit” suffers from diminishing returns.

And definitely click through to read the entire piece by Ross Anderson. It also discusses how intelligence agencies work around crypto they can’t crack — very germane to the discussion of the FBI’s current decrypt-or-else complaints.]


Comments on “The FBI's Stingray Secrecy May Be Aimed At Preventing Law Enforcement From Overusing A Key 'Exploit'”

AnonCow says:

I think that Feds are worried that the Barney Fifes will use the Stingray data openly in court without parallel construction and this evidence will start to get thrown out by lower courts and then slowly work its way up on appeals until Stingray usage is crippled by a growing body of case law that limits or blocks its usage.

Anonymous Coward says:

I still think the NDA is there because the FBI knows Stingray’s sucking up everyone’s information in a square mile radius constitutes the equivalent of a general warrant. The FBI will do everything in its power to prevent granting a defendant ‘standing’ and allowing a constitutional challenge against Stingray usage.

It’s game over for the FBI’s unconstitutional and lawless behavior if a defendant has standing and brings a constitutional case against Stingrays. The FBI’s top lawyers must feel the same way, thus the NDA.

I also believe Stingrays allow law enforcement to plant malware on the cellphone of any target of their choosing. Especially if they’re flying Stingray equipped UAV drones over people’s houses and have everyone’s SIM card keys in their possession. Which we know they do thanks to the Intercept’s “Great SIM Heist” news story.

Anonymous Coward says:

The paranoid little man yelling inside my head tells me the government doesn’t want general knowledge of stingrays to be known because of their military capabilities – intercepting and blocking cell phone signals, in particular their use as IED triggers. They’re using these things against the general population; it’s like using a tank to put down a rowdy gathering. Oh wait, they do that too…

I don’t often listen to the voices in my head, but the little fuckers have been right too often lately.

Anonymous Coward says:

Why do Tim and others at TD seem so clueless when they write about stingrays? Dig deeper- the info is public knowledge; and yet TD still treats the ‘official story’ like it might have merit. IMSI catching isn’t an exploit- it’s a standard baseband function- so is dumping (uploading) and changing specified sections of RAM- with no interaction with/from the OS… You want exploit potential, think about what can be done with that.

Uriel-238 (profile) says:

Cell phone monitoring is defeated by the same communications obfuscation tactics that have been in use for decades.

Someone in the FBI needs to read up on The Pizza Connection. E.g. you run your illicit business correspondence through the same channel as a legitimate business, and use code that sounds a lot like that business.

The tactic was used in Harris’ Hannibal. C’mon, guys! This is old news!

Or maybe they just enjoy snooping on ordinary citizens doing ordinary things.
