The FBI's Stingray Secrecy May Be Aimed At Preventing Law Enforcement From Overusing A Key 'Exploit'

from the running-the-wheels-off-a-Stingray dept

An interesting angle on the FBI's Stingray secrecy has emerged from -- of all places -- a Princeton gathering of cryptographers that included Edward Snowden via his "Snobot."

Generally speaking, the FBI is a very secretive agency, as can be readily gleaned from its tendency to answer FOIA requests with page after page of fully-redacted documents. That it has managed to rope so many law enforcement agencies -- including prosecutors and states' attorneys' offices -- into highly-restrictive non-disclosure agreements is somewhat of a surprise, considering its position as a partner in law enforcement, rather than an overseer of local agencies like the DOJ.

These NDAs keep almost all information about Stingray device usage out of our nation's courts. The desire to protect these specifics is all-encompassing, resulting in prosecutors and police departments cutting suspects loose (including those who have already pled guilty) rather than allowing information to make its way into the public domain.

But there could be more to it than just a naturally-secretive agency being secretive. It may be that it fears law enforcement agencies -- if left to their own devices -- will destroy the effectiveness of IMSI catchers by deploying the devices too often and with too little care.

In a discussion about the NSA's use of exploits, the following observations were made.

FBI operations can be opaque because of the care they take with parallel construction; the Lavabit case was maybe an example. It could have been easy to steal the key, but then how would the intercepted content have been used in court? In practice, there are tons of convictions made on the basis of cargo manifests, travel plans, calendars and other such plaintext data about which a suitable story can be told. The FBI considers it to be good practice to just grab all traffic data and memorialise it forever.

The NSA is even more cautious than the FBI, and won’t use top exploits against clueful targets unless it really matters. Intelligence services are at least aware of the risk of losing a capability, unlike vanilla law enforcement, who once they have a tool will use it against absolutely everybody.
IMSI catchers are "top exploits." While there's plenty of information out there on its capabilities, very little of it has been confirmed by the FBI or other law enforcement agencies. What makes the "exploit" better is that almost every deployment has been successfully hidden… from everyone. Parallel construction, abuse of pen register orders, dismissal of cases -- all of it works together to keep actual usage details out of the public's hands.

Because of this, there's very little anyone can do to avoid being swept up by Stingray devices other than avoid using cell phones. Most criminal enterprises require communication and cell phones are the cheapiest, easiest way to maintain contact. While spoofers can be sussed out with tools and apps, it requires the sort of proactive effort that often isn't present -- or practical -- in many criminal ventures. Yeah, you can sweep a hotel room for bugs, but you can't stop anyone from parking nearby and hoovering up call data and communications.

If this assessment is accurate, the FBI may be applying this intense pressure simply to prevent "vanilla" law enforcement agencies from using Stingrays as often and as carelessly as possible. Every deployment increases the risk of exposure. Tying cop shops up in NDA strings keeps dissemination to a minimum and encourages at least some form of risk analysis before deployment. It's the FBI saving law enforcement agencies from themselves, and protecting itself and its tool of choice at the same time.

[Or not. The Baltimore PD deploys its Stingrays around 600 times a year, so there are exceptions to this theory… or some agencies simply just don't care whether the effectiveness of this "exploit" suffers from diminishing returns.

And definitely click through to read the entire piece by Ross Anderson. It also discusses how intelligence agencies work around crypto they can't crack -- very germane to the discussion of the FBI's current decrypt-or-else complaints.]

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: enforcement, fbi, imsi catcher, law enforcement, overuse, secrecy, stingray, transparency


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Blackfiredragon13 (profile), 7 May 2015 @ 3:06pm

    How com

    reply to this | link to this | view in chronology ]

  • identicon
    avideogameplayer, 7 May 2015 @ 3:10pm

    They realize that sooner or later, the information is gonna be put out there...either by another Snowden or at a trial...

    reply to this | link to this | view in chronology ]

  • identicon
    AnonCow, 7 May 2015 @ 3:21pm

    I think that Feds are worried that the Barney Fifes will use the Stingray data openly in court without parallel construction and this evidence will start to get thrown out by lower courts and then slowly work its way up on appeals until Stingray usage is crippled by a growing body of case law that limits or blocks its usage.

    reply to this | link to this | view in chronology ]

  • identicon
    justme, 7 May 2015 @ 3:53pm

    B.S.

    The way they are currently using them doesn't meet Fourth Amendment requirement's. So every possible tactic, including dropping cases, is used to ensure no court is ever in a position to rule on it!

    reply to this | link to this | view in chronology ]

  • icon
    DV Henkel-Wallace (profile), 7 May 2015 @ 8:04pm

    Antibiotics

    It's like antibiotics: overuse breeds immunity.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 May 2015 @ 12:22am

    I still think the NDA is there because the FBI knows Stingray's sucking up everyone's information in a square mile radius constitutes the equivalent of a general warrant. The FBI will do everything in it's power to prevent granting a defendant 'standing' and allowing a constitutional challenge against Stingray usage.

    It's game over for the FBI's unconstitutional and lawless behavior if a defendant has standing and brings a constitutional case against Stingrays. The FBI's top lawyers must feel the same way, thus the NDA.

    I also believe Stingrays allow law enforcement to plant malware on the cellphone of any target of their choosing. Especially if they're flying Stingray equipped UAV drones over people's houses and have everyone's SIM card keys in their possession. Which we know they do thanks to the Intercept's "Great SIM Heist" news story.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 May 2015 @ 7:47am

    The paranoid little man yelling inside my head tells me the government doesn't want general knowledge of stingrays to be known because of their military capabilities - intercepting and blocking cell phone signals, in particular their use as IED triggers. They're using these things against the general population; it's like using a tank to put down a rowdy gathering. Oh wait, they do that too...

    I don't often listen to the voices in my head. but the little fuckers have been right too often lately.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 8 May 2015 @ 10:58am

    why does Tim and others at TD seam so clueless when they write about stingrays? Dig deeper- the info is public knowledge; and yet TD still treats the 'official story' like it might have merit. IMSI catching isn't an exploit- it's a standard basband function- so is dumping (uploading) and changing specified sections of RAM- with no interaction with/from the OS... You want exploit potential, think about what can be done with that.

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 8 May 2015 @ 11:53am

    Cell phone monitoring is defeated by the same communications obfuscation tactics that have been in use for decades.

    Someone in the FBI needs to read up on The Pizza Connection. E.g. you run your illicit business correspondence through the same channel as a legitimate business, and use code that sounds a lot like that business.

    The tactic was used in Harris' Hannibal. C'mon, guys! This is old news!

    Or maybe they just enjoy snooping on ordinary citizens doing ordinary things.

    reply to this | link to this | view in chronology ]

  • icon
    John Fenderson (profile), 8 May 2015 @ 5:12pm

    The obvious point

    If a technology is so secretive that you have to distort the justice system so you can employ it without disclosure, then you should not be employing it.

    This stuff used to be called "common sense".

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.