Law Enforcement Agencies Scramble For Pricey Cell Tower Spoofer Upgrades As Older Networks Are Shut Down

from the losing-the-tech-arms-race-to-slow-moving-service-providers dept

The surveillance device that dare not speak its name (thanks, FBI!) is on its last legs… or at least one version is. Cyrus Farivar at Ars Technica reports that law enforcement agencies are moving quickly to avoid being locked out of the cell tower spoofing racket.
Documents released last week by the City of Oakland reveal that it is one of a handful of American jurisdictions attempting to upgrade an existing cellular surveillance system, commonly known as a stingray.

The Oakland Police Department, the nearby Fremont Police Department, and the Alameda County District Attorney jointly applied for a grant from the Department of Homeland Security to "obtain a state-of-the-art cell phone tracking system," the records show.
The Stingray is Harris Corporation's most infamous product. But the original version has its limitations. While the nation's cell phone carriers have largely moved on to 3G/4G networks, Stingray devices without optional upgrades haven't. All they can access is 2G, the default connection when nothing better is available. Those looking to capture cell activity on 3G and 4G networks will need to purchase Harris' "Hailstorm" upgrade… which also means they'll need to start generating paperwork and asking federal and local governments for funds. The problem with these actions is that they have the tendency to expose those in need of new capabilities.
Other locales known to be in the process of related federally-funded upgrades include Tacoma, Wash.; Baltimore, Md.; Chesterfield, Va.; Sunrise, Fla.; and Oakland County, Mich. There are likely many more, but such purchases are often shrouded in secrecy.
FOIA requests have turned up some information, but much of it is redacted and many more requests have been refused or ignored. With the federal government itself instructing local law enforcement to cover up its acquisition and use of tower spoofers, the FOIA process becomes even more of an uphill battle.

Law enforcement can't be happy to see 2G networks being switched off. When you're in the untargeted dragnet business, 2G is a willing supplier of "business records."
2G networks are notoriously insecure. Handsets operating on 2G will readily accept communication from another device purporting to be a valid cell tower, like a stingray. So the stingray takes advantage of this feature by jamming the 3G and 4G signals, forcing the phone to use a 2G signal.
What's considered a criminal act when performed by a civilian is just SOP for law enforcement. The same can be said for the fake sworn documents (warrant requests, subpoenas) obtained to cover the use of these devices. The manufacturer with the most devices in use is no better than the agencies it sells to. When approached about this scramble for upgrades, Harris Corporation borrowed the NSA's Glomar.
"We do not comment on solutions we may or may not provide to classified Department of Defense or law enforcement agencies," Jim Burke, a spokesman for Harris, told Ars.
The timeline for 2G shutoff is still vague. Verizon says "by the end of the decade." AT&T says 2017. So there's still some time for law enforcement agencies to avoid being bypassed by the slow rollout of network upgrades. But between now and then, these agencies need to put together nearly $500,000 just to stay current. And as usual, as much as possible about the process will be obscured, because otherwise the terrorists criminals win.
"Once that's disclosed then the targets of the technology will know how to avoid it," [Alameda County Assistant DA Michael] O’Connor, the assistant district attorney, told Ars. "Once the bad guys understand how to beat it then they will."
It seems like all the bad guys would need to know is that the technology exists and is being used and just stay off their cell phones. But in this day and age, being completely unconnected while away from home is untenable, if not nearly impossible. Communication is key in criminal enterprises, and the steady disappearance of pay phones doesn't leave them with many options. O'Connor completely overstates the "exposure" danger and follows it up with this:
"It can't easily be resolved—the public's right to know, the Fourth Amendment rights of people who might be subject to this kind of analysis and the needs of law enforcement to keep sources confidential especially in a day and age when the bad guys have acquired considerable technology that is turned against good guys."
One: if it can't "easily be resolved," why not err on the Fourth Amendment/public knowledge side, rather than on the cop side? Two: the bad guys' "considerable technology" isn't lapping law enforcement's. This ridiculous claim has been used as justification for warrantless cell phone searches, and it failed to move the Supreme Court justices. Pushing this narrative now just makes the pusher look like the sort of credulous rube who would put together a Powerpoint presentation on food-trucks-as-terrorist-vehicles.

The bright side here is that more paperwork is being generated… which eventually means more of the public will know their local law enforcement is scooping up their location/connection info (most likely without a warrant) at any given time and is not above killing their network to do it.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: 2g, 3g, hailstorm, law enforcement, non-disclosure agreements, police, privacy, spoofing, stingray, tower spoofing
Companies: harris corp.

Reader Comments

Subscribe: RSS

View by: Time | Thread

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)


Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.