There is a lot of information on this page so it can take a little while for all of it to load. Please be patient.
In addition to the concerns about bureaucracy out of control, inexpensive Cell Phone Spyware is available on the internet that makes it possible for anyone to do the same things the government can do. This Cell Phone Spyware allows anyone to have undetectable backdoor access to you or a loved ones GPS location, microphone, camera, text, email, stored information, etc.
We are pretty good at staying on top of things, but If you know of something we don't have listed and you think it should appear here, please contact us and let us know.
In the early morning hours of September 13, 2008, a woman notified the Tallahassee Police Department (TPD) that she had been raped and that her purse, containing her mobile phone, had been stolen. Within 24 hours, the Florida capital’s police had contacted Verizon and obtained real-time ping information, which gave the police a “general area” where they might find the phone and thus, hopefully, the perpetrator of the crime. But that general area still covered plenty of ground—where exactly was the phone?
This newly released transcript (PDF) provides what is likely the first-ever verbatim account of how stingrays are used in actual police operations. And it shows that stingrays are so accurate, they can pinpoint the very room in which a phone is located.
"Every door and every window"
After learning the phone's general location, Tallahassee cops deployed a vehicle-mounted stingray and cruised the streets. Verizon had already provided them with the phone's unique IMSI identifier, which told the stingray exactly which handset to track. (“Stingray” is a trademarked product manufactured by Florida-based Harris Corporation, though it has since come to be used as a generic term, like Xerox or Kleenex.)
Such searches are controversial in part because stingrays necessarily capture data about all other compatible phones nearby. Christopher Corbitt noted that the gear evaluates "all the handsets in the area" as it searches for its target. When in use, stingrays force a connected phone to transmit at full power—depleting a handset’s battery faster than normal.
"We emulate a cellphone tower,” Tallahassee investigator Corbitt told a court during his testimony about the incident. “So just as the phone was registered with the real Verizon tower, we emulate a tower; we force that handset to register with us. We identify that we have the correct handset and then we’re able to, by just merely direction-finding on the signal emanating from the handset—we’re able to determine a location.”
The vehicle-based tracking eventually pointed to a particular apartment complex called Berkshire Manor, but police still had no idea which apartment might house the phone (and, hopefully, the woman's attacker). Corbitt deployed a team of officers with a handheld stingray to scour the complex.
“Using portable equipment, we were able to actually basically stand at every door and every window in that complex and determine, with relative certainty you know, the particular area of the apartment that that handset was emanating from,” Corbitt told the court.
Such searches are common; Corbitt said he had personally used the equipment “200 or more times” and that it worked with “100 percent” accuracy.
Eventually, Corbitt and his colleagues detected the phone inside apartment 251, the residence of a woman who was also hosting her boyfriend, the suspect James Thomas. Officers knocked on the door; when it opened, one inserted his foot in the opening to keep it from being closed again. Police then conducted a "protective sweep" of the apartment and waited while a search warrant was obtained.
Police did find the victim’s phone, purse, underwear, and ID card at the apartment, but was their "protective sweep" justified in the name of "exigent circumstances?" For investigators, the move had seemed necessary to prevent the destruction of evidence. At trial, the judge agreed and denied Thomas' motion to suppress the search evidence; Thomas was eventually convicted. Late last year, however, a state appellate court overturned that conviction on the grounds that the search had been improper (though without commenting specifically on the use of a stingray). It ordered a new trial.
“Testimony that a cell phone could be flushed down the toilet does not meet the test [of exigent circumstances],” the District Court of Appeal for Florida, First District, found, in a two to one decision.
“Really aggressive and invasive”
In an interview with Ars, ACLU attorney Nathan Freed Wessler said that having this level of detail about a stingray was highly unusual.
“I think it provides a vivid illustration of how invasive this technology is and how the courts regulate its use. It’s one thing to have a generic description of how it’s used; it’s another thing to read a first-hand account of how people are walking up to people’s doors and windows sending powerful signals to cells inside. This transcript illustrates both the fact that bystanders' phones were being tracked and that the police operating the device knew that’s what the device was doing.”
The Tallahassee Police Department did not immediately respond to our request for comment.
However, TPD Chief Michael DeLeo told the Tallahassee Democrat newspaper in March 2014 that he had ordered a full review of all incidents involving stingrays.
“My first concern as the new chief is what are we doing right now, are we doing it properly, do we need to change how we are doing it,” the paper quoted him as saying.
An initial inquiry of the cases from 2013, he noted, showed that warrants were obtained in 90 percent of the cases; the remainder involved emergency cases.
“What I’m seeing right now is the same process that is applied to any other search by the police department is being followed,” he said.
Still, the main issue that the ACLU has with this technology, as is the case with similar new digital surveillance tools, is that they might function more like "general warrants" than specific searches.
“That is a major concern that we have with this technology,” Wessler added. “We’ve tried to advance two general legal arguments about why the Fourth Amendment has something to say about stingrays: there’s an unsettled question as to whether use of these devices is like a general warrant, in that it could never be used. If there's no way to use a stingray without sweeping up hundreds or thousands of other phones, than maybe it’s not a reasonable search. At the very least, police need to go to a judge to demonstrate probable cause and get a warrant, and the judge needs to provide privacy guidelines.”
Legal experts not involved in the ACLU’s efforts were equally surprised as to the newly revealed information.
“The information that’s most interesting to me is the specific details of how the stingray was used in this case specifically (via two stingray devices, one mounted on a car and one handheld device) and the frequency by which Tallahassee police have used the device,” Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation, told Ars by e-mail.
“I’ve heard about stingrays attached to drones but seeing them on a typical police car (combined with being used 200 times) suggests the device is far more frequently used and deployed than we’ve known before. The other thing that’s interesting is that the way these devices are configured and physically used shows how invasive they are. They force the phone to use more battery, capture all the information in the area around it and then require police to go from door to door to capture signals. These aren’t simple innocuous devices but really aggressive and invasive ones.”
A newly published letter from FCC Chairman Tom Wheeler to Rep. Alan Grayson (D-FL) states that Wheeler has created a task force that recently took “immediate steps to combat the illicit and unauthorized use of IMSI catchers. The mission of this task force is to develop concrete solutions to protect the cellular networks systemically from similar unlawful intrusions and interceptions.”
Relatively little is known about how stingrays are used by law enforcement agencies nationwide, although documents have surfaced showing how they have been purchased and used in some limited instances. Worse still, cops have lied to courts about the use of such technology. Not only can stingrays be used to determine location, but they can also intercept calls and text messages. Grayson seems primarily concerned with stingray use by criminals, terrorists, and foreign government agents.
Grayson’s office did not immediately respond to further requests for comment.
The FCC didn't have much to add, either.
"I don’t have a lot to give you right now," Bartees Cox, an FCC spokesman, told Ars. "As the announcement was made only yesterday, but the task force will draw on expertise from across the agency."
“I am disturbed”
Grayson appears to have only been made aware of stingrays recently. The congressman does not seem to know that the best-known manufacturer of stingrays, the Harris Corporation, is based in Melbourne, Florida—just 70 miles from the congressional district that he represents.
Last years, Ars reported on leaked documents showing the existence of a body-worn stingray. In 2010, Kristin Paget famously demonstrated a homemade device built for just $1,500.
“Americans have a reasonable expectation of privacy in their communications and in information about where they go and with whom they communicate,” Grayson wrote to Wheeler on July 2, 2014. “It is extremely troubling to learn that cellular communications are so poorly secured and that it is so easy to intercept calls and track people’s phones.
“I am disturbed by reports which suggest that the FCC has long known about the vulnerabilities in our cellular communications networks exploited by IMSI catchers and other surveillance technologies. According to the Associated Press, the FCC licenses to American companies that manufacture such interception technology.”
Foxes guarding the henhouse
Christopher Soghoian, a technologist with the American Civil Liberties Union and one of the nation's experts on stingrays, told Ars that he applauded the FCC task force.
However, he also pointed out on Twitter that the FCC partially denied a Freedom of Information Act request filed by the ACLU to learn more about prior FCC discussion and actions pertaining to stingrays.
"They're still suppressing public discussion and debate about these issues and that combination is troubling because what it shows is that the FCC and many other parts of our government still consider it to be a secret technology even though graduate students and others have shown that they can build them themselves," Soghoian said.
"It was a secret 20 years ago; it's not a secret anymore," he continued. "What's happening is that the government wants to have its cake and eat it too. It's pretty unrealistic that this thing will remain a secret forever. Our view is that once you can buy these things online, once there are PhD dissertations describing the stuff in detail, and once you can download stuff from the Internet, then it's not a secret anymore, and the FCC should stop treating it as one."
Stephanie Pell, a professor at the Army Cyber Institute at the West Point Military Academy told Ars that she believed the task force is a "positive first step."
"Ultimately, however, a solution that is only focused on further 'outlawing' the unauthorized, unlawful use of the IMSI-catcher technology is not a strong, or likely successful solution," she said. "The FCC will need to examine the vulnerabilities in cellular networks that allow the technology to intercept our communications. Chinese spies and tech-savvy criminals won't be deterred because their use of the technology is illegal—they will be deterred and hopefully thwarted if cellular networks aren't vulnerable to IMSI catchers."
As far as the task force is concerned, Soghoian said he was not aware of the details of what precisely it would entail. He hoped that it would include bona fide technical experts who have well-known credentials in mobile security and privacy.
"If the task force is just NSA, FBI, and the Secret Service, then that's like asking a group of foxes to guard the henhouse," he said. "Really what we would hope that the task force would include the Federal Trade Commission, the Department of Commerce, the National Institute of Standards and Technology, and agencies that have a more protective mission with regard to protecting consumers from hackers and other threats to their privacy. What's clear is that the FCC has known about these things for 20 years. The only way you will protect members of Congress, journalists, lawyers, or doctors is through encryption. Any effort to go after the devices is futile."
Researchers from Stanford University in conjunction with National Research & Simulation Center Rafael Ltd. show that the gyroscopes found in most modern phones are sensitive enough to detect sound in the vicinity of the phone. Using filters and signal processing they can "identify speaker information and even parse speech".
iOS and Android require no special permissions to access the gyroscope, allowing apps and active web content that cannot access the microphone the ability to still eavesdrop on speech in the vicinity of the phone.
We'd love to hear from you. Call us at 888-783-5502 and we'll be happy to answer any questions you have.
This is an archive of educational materials relating to cell phones and privacy.
There is a lot of information on this page so it can take a little while for all of it to load. Please be patient. In addition to the concerns about bureaucracy out of control, inexpensive Cell Phone Spyware is... read more
ARS Technica - How Florida cops went door to door with fake cell device to find one man
Best picture yet of how police use "stingrays." by Cyrus Farivar - June 4 2014, 11:38am CST starkej2 In the early morning hours of September 13, 2008, a woman notified the Tallahassee Police Department (TPD) that she had been raped and... read more
ars technica - FCC to examine “unauthorized” cell snooping devices
Meanwhile, FCC won't give stingray documents to ACLU, saying they're classified. by Cyrus Farivar - Aug 12 2014, 2:40pm CST The 15 states in which the ACLU knows that police use cell phone tracking devices. ACLU A newly published letter from... read more