Categories
Commentary COVID-19 and Digital Rights Intelwars mobile devices privacy

Exposure Notification Technology is Ready for Its Closeup

Since this COVID-19 crisis began people have looked to technology to assist in contact tracing and notification. Technology will never be a silver bullet to solve a deeply human crisis, even if it might assist. No app will work absent widespread testing with human follow up. Smartphones are not in the hands of everyone, so app-based COVID-19 assistance can reinforce or exacerbate existing social inequalities. 

De-centralized Bluetooth proximity tracking is the most promising approach so far to automated COVID-19 exposure notification. Most prominently, back in April, Apple and Google unveiled a Bluetooth exposure notification API for detecting whether you were in proximity to someone with COVID-19, and sending you a notice.  

Over the last month, we have seen a number of contact tracing and exposure notification apps released, including several from public health authorities using the Google-Apple Exposure Notification (GAEN) Bluetooth proximity technology. These include North Dakota Care19Wyoming Care19 Alert, Alabama Guidesafe, and Nevada COVID Trace. Some, like Canada’s Covid Alert and Virginia Covidwise, have gotten good reviews for privacy and security.

Other new apps are more concerning. Albion College required students to download and install a private party tracking app called Aura, which uses GPS location data and had security flawsCitizen, a very popular safety alert app, has added a Bluetooth-based SafePath technology. Since Citizen itself uses GPS, this raises the risk of connecting the location data to the COVID-19 data. To mitigate this concern on iOS, one has to use an add-on app, SafeTrace, which will separate the GPS used by Citizen and the bluetooth data from SafeTrace, but the technology is integrated in Android. 

Ultimately, many people may end up participating without choosing an app. Last week, Apple rolled out iOS 13.7 which allows users to choose to participate in the Apple-Google Bluetooth exposure notification system without an app, via Exposure Notifications Express (ESE). Google will be implementing a similar technology in Android 6.0 later this month, creating an auto-generated app for the local public health authority.  Independent apps will still be allowed to use the GAEN system, but the easy path for most smartphone users will be to the Apple-Google ESE system.

Whether considering a new app or the app-less system, we must not lose sight of the challenges of proximity apps, and be sure they are safe, secure and respect fundamental human rights. In summary, consent is critical, no one should be forced to use the app, and users should be able to opt-in and opt-out as needed. Strong privacy and security safeguards are also necessary. Fear of disclosure of your proximity or, worse, your location data, could harm effectiveness (insufficient adoption) and chill expressive activity. All exposure notification technologies need rigorous security testing and data minimization.

Share
Categories
all communications Coronavirus COVID-19 Future of Privacy Forum Government Headline News Intelwars locations mass surveillance mobile devices Monitored plandemic public restrictions scamdemic Smartphones spyin traced tracked

How Government Entities Use Geolocation Data To Identify Everyone

This article was originally published by Mass Private I at Activist Post

An infographic from the Future of Privacy Forum describes how mobile devices such as smartphones interpret signals from their surroundings – including GPS satellites, cell towers, Wi-Fi networks, and Bluetooth – generate a precise location measurement (latitude and longitude).

Bill Gates & Congressman Negotiated “Tracing Deal” BEFORE COVID-19 Panic

This measurement is provided by the mobile operating system to mobile apps through a Location Services API when they request it and receive the user’s permission. As a result, apps must comply with the technical and policy controls set by the mobile operating systems, such as App Store Policies.

The Worst Is Yet to Come: Contact Tracing, Immunity Cards and Mass Testing

Many different entities (including, but not limited to mobile apps) provide location features or use location data for a variety of other purposes. Different entities are subject to different restrictions, such as public commitments, privacy policies, contracts and licensing agreements, user controls, app store policies, and sector-specific laws (such as telecommunications laws for mobile carriers). In addition, broadly applicable privacy and consumer protection laws will generally apply to all commercial entities, such as the California Consumer Privacy Act, or the Federal Trade Commission Act.

LOCATION TARGETING: Your Phone Apps Are Tracking Every Step You Take and Every Stop You Make (And Then Selling It)

Share
Categories
Cell Tracking Intelwars mobile devices Technical Analysis

A Quick and Dirty Guide to Cell Phone Surveillance at Protests

As uprisings over police brutality and institutionalized racism have swept over the country, many people are facing the full might of law enforcement weaponry and surveillance for the first time. Whenever protesters, cell phones, and police are in the same place, protesters should worry about cell phone surveillance. Often, security practitioners or other protesters respond to that worry with advice about the use of cell-site simulators (also known as a CSS, IMSI catcher, Stingray, Dirtbox, Hailstorm, fake base station, or Crossbow) by local law enforcement. But often this advice is misguided or rooted in a fundamental lack of understanding of what a cell-site simulator is, what it does, and how often they are used.

While it is possible that cell-site simulators are being or have been used at protests, that shouldn’t stop people from voicing their dissent. With a few easy precautions by protesters, the worst abuses of these tools can be mitigated.

The bottom line is this: there is very little concrete evidence of cell site simulators being used against protesters in the U.S. The threat of cell site simulators should not stop activists from voicing their dissent or using their phones. On the other hand, given that more than 85 local, state, and federal law enforcement agencies around the country have some type of CSS (some of which are used upwards of  1000 times per year), it’s not unreasonable to include cell site simulators in your security plan if you are going to a protest and take some simple steps to protect yourself.

A CSS is a device that mimics a legitimate cellular tower. Police around the world use this technology primarily to locate a phone (and therefore a person) with a high degree of accuracy, or determine who is at a specific location. There have been reports in the past that advanced CSSs can intercept and record contents and metadata of phone calls and text messages using 2G networks, there are no publicly known ways to listen to text messages and calls on 4G networks however. Cell-site simulators can also disrupt cellular service in a specific area. However, it is very hard to confirm conclusively that a government is using a CSS  because many of the observable signs of CSS use—battery drain, service interruption, or network downgrades— can happen for other reasons, such as a malfunctioning cellular network.

For more details on how cell-site simulators work, read our in-depth white paper “Gotta Catch ‘em All.”

Interception of phone calls and text messages is the most scary potential capability of a CSS, but also perhaps the least likely. Content interception is technically unlikely because, as far as we know based on current security research (that is, research around 2G and LTE/4G networks that does not take into account any security flaws or fixes that might occur in the 5G standard), , content interception can only be performed when the target is connected over 2G, rendering it somewhat “noisy” and easy for the user to become aware of content interception also can’t read the contents of encrypted messages such as Signal, Whatsapp, Wire, Telegram, or Keybase. 

Police using a CSS to intercept content is legally unlikely as well because, in general, state and federal wiretap laws prohibit intercepting communications without a warrant. And if police were to get a wiretap order from the court, they could go directly to the phone companies to monitor phone calls, giving them the advantage of not having to be in the physical proximity of the person and the ability to use the evidence gathered in court.

One advantage law enforcement might get from using a CSS for content interception at a protest is being able to effectively wiretap several people without having to know who they are first. This would be advantageous if police didn’t know who was leading the protest beforehand. This type of mass surveillance without a warrant would be illegal. However, police have been known to use CSS without a warrant for tracking down suspects. So far, there is no evidence of police using this type of surveillance at protests.

Locating a specific mobile device (and its owner) is anecdotally the most common use of cell-site simulators by law enforcement, but conversely it may be the least useful at a protest. Locating a specific person is less useful at a protest because the police can usually already see where everyone is using helicopters and other visual surveillance methods. There are some situations, though, where police might want to follow a protester discreetly using a CSS rather than with an in-person team or a helicopter.

If a CSS were to be used at a protest, the most likely use would be determining who is nearby. A law enforcement agency could theoretically gather the IMSI of everyone at a gathering point and send that to the phone company later for user identification to prove that they were at the protest. There are other ways to accomplish this: law enforcement could ask phone companies for a “tower dump” which is a list of every subscriber who was connected to a specific tower at a specific time. However, this would have the disadvantages of being slower, requiring a warrant, and having a wider radius, potentially gathering the IMSIs of many people who aren’t at the protest.

Denial-of-service or signal jamming are additional capabilities of CSS. In fact, it has been admitted by the FBI that CSS can cause signal disruption for people in the area. Unfortunately, for the same reasons it’s hard to detect CSS use, it’s hard to tell how often they are disrupting service either purposefully or accidentally. What looks like signal jamming could also be towers getting overloaded and dropping connections. When you have many people suddenly gathered in one place, it can overload the network with amounts of traffic it wasn’t designed for. 

How to protect yourself from a cell-site simulator 

As noted in our Surveillance Self-Defense guide for protesters, the best way to protect yourself from a cell-site simulator is to put your phone in airplane mode, and disable GPS[2], wifi, and Bluetooth, as well as cellular data. (While GPS is “receive only” and does not leak any location information on its own, many apps track GPS location data, which ends up in databases law enforcement can search later.)

We know that some IMSI catchers can also intercept content, however as far as we know none of them can do this without downgrading your cellular connection to 2G. If you are concerned about protecting your device against this attack, the best thing you can do is use encrypted messaging like Signal or Whatsapp, and put your phone in airplane mode if you see it drop down to 2G. (There are plenty of legitimate reasons your phone might downgrade part of your connection to 2G but better safe than sorry.) However an important part of protests can be streaming/recording and immediately uploading videos of police violence against protestors. This is at odds with the advice of keeping your phone off/in airplane mode. It’s up to you to decide what your priorities at protests are, and know that what’s important for you might not be someone else’s priority.

Unfortunately iOS and Android currently offer no easy ways to force your phone to only use 4G, though this is something the developers could certainly add to their operating systems. If you can turn off 2G on your phone, it is a good precaution to take.

How a cell-site simulator might be detected 

Unfortunately cell site simulators are very difficult to detect. Some of the signs one might interpret as evidence, such as downgrading to 2G or losing your connection to the cell network, are also common signs of an overloaded cell network. There are some apps that claim to be able to detect IMSI catchers, but most of them are either based on outdated information or have so many false positives that they are rendered useless.

One potential way to detect cell-site simulators is to use a software-defined radio to map all of the cellular antennas in your area and then look for antennas that show up and then disappear, move around, show up in two or more places, or are especially powerful. There are several projects that attempt to do this such as “Seaglass” and  “SITCH” for 2G antennas, and EFF’s own “Crocodile Hunter” for 4G antennas.

While it is possible that cell-site simulators are being or have been used at protests, that shouldn’t stop people from voicing their dissent. With a few easy precautions by protesters, the worst abuses of these tools can be mitigated. Nevertheless, we call on lawmakers and people at all levels of the cellular communications industry to take these issues seriously and work toward ending CSS use.

Share