Who is really listening?
September 22, 2014 8:32 AM   Subscribe

An international mobile subscriber identity (IMSI) is a unique number, usually fifteen digits, associated with Global System for Mobile Communications (GSM) and Universal Mobile Telecommunications System (UMTS) network mobile phone users. An IMSI catcher is a device, used by the NSA drone program, the police, criminals, Chinese spammers and spies all around Washington DC and the world to spoof the identity of a GSM cell tower and intercept cellular voice and data communication. They come in all sizes and flavors, from tiny or body-worn professional surveillance devices, to easy to order off the shelf solutions, to Chinese DIY (links in Chinese) and have spawned efforts to retaliate with an IMSI-catcher-catcher. IMSI-catcher technology has become increasingly widespread, with far-reaching constitutional and technical implications.
posted by T.D. Strange (13 comments total) 37 users marked this as a favorite
I have no interest in doing the "give up all technology thing".

On the other hand, the "give up all one-to-one communications that don't use strong, peer-reviewed, open-source encryption end-to-end" thing? Yes, actually, let's go ahead and do that one, for all of the reasons T.D. Strange was so kind as to link to, above.

Even that is a starting point, not a solution in and of itself.

There's a lot of middle ground between "give up all technology" and "pay to wear an electronic dog-leash 24 hours a day". Suggesting that the latter should not be a default setting does not, in fact, mean there are looms someplace I should be smashing.
posted by sourcequench at 9:06 AM on September 22, 2014 [2 favorites]

A well-maintained and peer reviewed VOIP app (not Skype, obviously) with end-to-end encryption would help with the problem of eavesdropping on the conversation itself, unless of course your phone is compromised in some way; e.g. by something tapping into the audio stack.

Privacy about who you called is different problem, as the means by which the peers find each other operates at several different layers and goes through non-private infrastructure. It's a pretty complicated problem.

Location tracking is effectively not thwartable at all the way the technology is currently implemented, except by leaving your phone at home or switched off and carried in a faraday cage sleeve.
posted by George_Spiggott at 9:41 AM on September 22, 2014

A well-maintained and peer reviewed VOIP app (not Skype, obviously) with end-to-end encryption - Here you go.
posted by el io at 12:29 PM on September 22, 2014 [2 favorites]

I didn't know the police were running IMSI catchers at marches and demonstrations (not just riots). That's nice.
posted by yoHighness at 3:41 PM on September 22, 2014

marches and demonstrations (not just riots)

Indistiguishable to cops.
posted by ChurchHatesTucker at 5:32 PM on September 22, 2014

Go to a demonstration. Record the IMSI codes present in the area.
Go to another demonstration and do the same.
Repeat this a few times.
Find the codes that represent phones present at (almost) all the demonstrations. Mark those codes for future reference.

The people carrying those phones are most likely to be the ones organising the demonstrations. You have never scrutinised them directly, but you already know a lot about them. You can pick them for special attention if they are arrested. You can flag them when they go through airports. You can deduce the fact of a political meeting from the close proximity of several marked IMSI codes.

At some point you may wish to present this evidence publicly. A court order will provide you with lawful records of the phones' location and the connections they have made. It would be impossible to trace every phone within range of the same cell towers, but you already know which of those are significant; you request them too. You now have lawfully-obtained surveillance of your suspects, including their movements, calls made, comrades encountered.

Welcome to the panopticon.
posted by Joe in Australia at 6:32 PM on September 22, 2014 [6 favorites]

That's nice totalitarian.

posted by el io at 6:47 PM on September 22, 2014

Oh, no El io, calm down. It's all for the good of the country money.
posted by Goofyy at 7:34 AM on September 23, 2014

People line up around the block every time the next generation of the iDevice comes out. They are eager to purchase a machine designed to keep track of exactly where you are, who you're with and what you're doing at all times.

Maybe Winston Smith wouldn't have minded the telescreen so much if he had been able to play Candy Crush on it.
posted by double block and bleed at 1:49 PM on September 23, 2014

db&b, grab today's WSJ, if you still can. The village is *not* pleased that Apple is adding encryption by default.
posted by ChurchHatesTucker at 5:23 PM on September 23, 2014

Go to cryptoparties if you need help learning about tools like OtR, ZRTP, etc.
posted by jeffburdges at 7:14 PM on September 25, 2014

Stanford Promises Not to Use Google Money for Privacy Research (mashable, propublica, slashdot)
posted by jeffburdges at 7:32 PM on September 25, 2014

« Older The Fake Abortion Clinics of America   |   True Hollywood Story: The Shawshank Redemption Newer »

This thread has been archived and is closed to new comments