edit: if you've ever spent some time sitting on a plane (non domestic) and your phone was on during the time-window when boarding is ongoing and just before the aircraft taxis to the runway, then there is a very good chance that you've connected to one of these before. It's a way to match known cell numbers of individuals where an arrest warrant has been issued (or otherwise individuals that are monitored) against actual passengers phones (who might be traveling with a fake ID). If somebody on your flight was ever lifted off the plane by LEA (but obviously has made it through security into the plane) they are very likely the target of such a dirtbox intercept.
Just anecdotal evidence, however, while I almost never got false positive alerts from this app (once at the arrival of an international flight), the one time it triggered a notification, it was in a highly probable situation.
Communication between our devices and these base stations being so opaque (closed-source baseband processors/OS not helping there) and sensible, I'm glad these projects exist and I just installed this one, blaming myself for not doing so earlier.
It will reveal a catcher nearby if you are already familiar with the local area.
Of course, it will only be a matter of time before the stingray-users figure out how to fool them...
Still, some 'other' interested parties that have reasons not to use the standardised interfaces.
For 5G at lot of additional security measures CAN be enabled, but you can guess who started to complain about that.
The bigger and more important issues are that (a) our police forces are becoming more militaristic and are acting more like invading armies without themselves conforming to the law not to mention the fact that they are also acting underhandedly and by stealth (which leads the citizenry to distrust them), and (b) the issue of citizens' right to privacy has not been properly or adequately addressed by legislators.
The fact that our governments have precious little oversight of and exercise even less control over their various agencies is also of great concern.
"An international mobile subscriber identity-catcher, or IMSI-catcher, is a telephone eavesdropping device used for intercepting mobile phone traffic and tracking location data of mobile phone users."
Not that it's not still egregious but it's described in this thread as an "eavesdropping" device so it would be helpful if we could be explicit.
If my supposition above is accurate then the rationale is likely the fact that you are traveling in public is not considered protected against unreasonable search.
Besides that, this way doesn't need any soldering, which is nice.
A 12 V lead acid battery ranges from around 12.7 volts when fully charged down to around 12.2 at 50% (the minimum recommended charge level for typical car batteries). When starting the car, the voltage will drop below that. When the alternator is running to charge the battery it is around 14 V.
Is there any regulation or filtering on the 12 V ports on cars, or do devices plugged into them see it all--the alternator voltage when it is running, a big drop when starting, and 12.7-12.7 at other times?
You will probably find a lot, but mostly from SMS spammers
https://m.alibaba.com/product/1600220614935/detail.html
IMSI catchers are pretty much freely available for everybody to use, and now closing on becoming tiny, and portable: https://m.alibaba.com/product/1600226966011/detail.html
P.S. The company has quite an interesting list of buyers: https://www.exporthub.com/shenzhen-thinkwell-digital-co-ltd-... . Including one "eternal friend" of US who has recently been caught red handed stingraying the state department, and the whitehouse.
Link is to a motorcycle mp3 player. What am I missing?
Telit GT-864 QUAD/PY GSM modem $65
External antenna $25
Raspberry Pi 2B+2 $35
GPS (GlobalSat BU-353) $30
Bait Phone (Motorola Moto-G 4G LTE) $95
4G Hotspot (ZTE Z917) + 3 month plan $100
DC/AC inverter $26
Powered USB Hub $17
Pi accessories $15
SD Card (32 GB) $17
Modem accessories $30
Cables $35
Box $12
Total $502
https://seaglass-web.s3.amazonaws.com/SeaGlass___PETS_2017.p...
Glad things like these are being done
EDIT: This should have a 2017 tag, as the code is 4 years old and I assume the same is true for the website.
We used to build them for fun (no profit) many moons ago.
Basically what you do is place a couple of (1, 2 or whatever) sensors (we used to use these Motorola C123 with osmocom) and just keep taps on signal strength and antenna ID over time, and inspect changes.
" > Mobile network operators must ensure security authorities can use IMSI Catchers without the end user becoming aware of this. According to the TKG-E, mobile operators must continue to allow IMSI catchers in accordance with statutory investigative measures. Until now, it's unnecessary for operators to act so that members of the Security authorities can use IMSI-Catchers, as they "simply" pretend to be a base station. In new mobile networks, devices brought into the network must be actively "accepted" by the network and otherwise cannot be used. As a result, it will no longer be possible to insert IMSI catchers of "previous design" into the new networks. We acknowledge that in the future unauthorised persons, such as foreign intelligence services can no longer use them. At the same time, it will no longer be possible for German security authorities to use an IMSI catcher without the cooperation of the mobile operator. The necessary regulations for the participation of the mobile operator are already included in the draft TKG, but the necessary addition is missing that the introduction of an IMSI catcher by security authorities may not be known to the end user."
Most people will think this is a fringe scenario which will never affect them. But they are very common in international airports:
> At Trudeau airport, Radio-Canada detected the catcher's presence through the use of a CryptoPhone — a cellphone look-alike that emits red alerts when a fake antenna tries to catch its signal. Several red alerts were received, throughout the afternoon and early evening, in the section of the airport for U.S. departures.
https://www.cbc.ca/news/canada/montreal/trudeau-airport-spyi...
> For two months last year, researchers at the University of Washington paid drivers of an unidentified ridesharing service to keep custom-made sensors in the trunks of their cars, converting those vehicles into mobile cellular data collectors. They used the results to map out practically every cell tower in the cities of Seattle and Milwaukee—along with at least two anomalous transmitters they believe were likely stingrays, located at the Seattle office of the US Customs and Immigration Service, and the Seattle-Tacoma Airport.
https://www.wired.com/2017/06/researchers-use-rideshares-sni...
> The devices are operated out of at least five U.S. airports, "covering most of the U.S. population". It is unclear whether the U.S. Marshals Service requests court orders to use the devices.
source: https://en.wikipedia.org/wiki/Dirtbox_(cell_phone)
For a "modern" take on this subject (info relevant to 3G is outdated unless they do a downgrade attack on you first), see this article and the linked videos that go into the issues LEO face with 4G/5G and the "crocodile hunter" software that is an EFF project to identify them: https://www.pcmag.com/news/police-spying-on-your-phone-ask-c...
