Cop Invents Device That Sniffs MAC Addresses To Locate Stolen Devices
from the just-the-MACs,-ma'am dept
Law enforcement continues to look for a tech edge. (Whether it actually needs it as badly as it claims it does is still open to debate…) Techdirt reader Brig C. McCoy sends in news that an Iowa law enforcement officer is putting together yet another piece of in-car equipment -- one that will sniff MAC addresses to locate stolen electronics. (via Slashdot)
Next month, an Iowa City police officer will introduce technology at the International Association of Chiefs of Police Conference in Chicago that could help law enforcement recover Wi-Fi-capable devices.Weirdly, the thing that it could do best (caveats forthcoming) isn't the thing Officer David Schwindt wants it to be used for. Sure, recovering the occasional stolen cellphone or tablet is cool. But you know what's really cool? Whatever the hell it is that Schwindt thinks it could be used for, but would rather not discuss in detail.
[...]
Law enforcement officers using L8NT would plug the USB device into their in-car laptops. The device would scan MAC addresses, looking for matches to known stolen items. The device has a range of about 300 feet and can be attached to a directional antenna to allow police to determine where the signal is coming from and obtain a warrant.
“I foresee law enforcement using L8NT software to solve higher-level crimes,” said Schwindt, a 14-year veteran of the department.Even though it could be used passively to run MAC addresses against a hot sheet, it probably won't be. Instead, it will take a criminal act of more severity before officers will even think about plugging the device in. Or it could just be used to perform an "audit" of any home's electronic devices… because child porn is a problem.
“If your cellphone is stolen from a bar ... that’s not necessarily what L8NT is intended for. But, if your home is burglarized and your cellphone is stolen, now, as a police chief, I’m interested” in that technology.
Schwindt said the idea for the product came to him after taking a Small Office/Home Office investigations class. The class discussed child porn investigations and doing a “wireless audit” of a suspect’s residence to look for devices that would hold evidence and illegal material. The class taught investigators to scan for MAC addresses.Schwint does point out that his invention won't be able to pick up any additional information sent from devices. It will only acquire the MAC address. (I imagine future law enforcement clients will soon be making efforts to take the governor off the data hauler...) Locating stolen devices via L8NT "wardriving" could lead to the recovery of more stolen electronics. Or it may prove mostly useless.
As is pointed out at Slashdot, MAC addresses can be easily spoofed. Once criminals know devices like this are in use, they could make more proactive efforts to alter addresses on purloined devices. The other issue is that a MAC address isn't really like a fingerprint: it isn't necessarily unique.
Manufacturers re-use MAC Addresses and they ship cards with duplicate addresses to different parts of the United States or the world so that there is only a very small chance two computers with network cards with the same MAC Address will end up on the same network.Now, the odds are small that police will run into conflicting, duplicate addresses, but this fact makes it impossible to guarantee that tracking down a MAC address actually means tracking down a stolen device. For that reason alone, L8NT's architecture may be changed to grab more identifying info… which will lead to more questions about the constitutionality of the device, which will act like a low-level search of a home's electronics. Its impact will also be blunted by the information it seeks, considering not every device is assigned a MAC address and addresses are unobtainable unless they're turned on and connected to a Wi-Fi network.
I wouldn't necessarily bash this officer's idea, as it does achieve certain law enforcement goals without having to carve another slice out of the Fourth Amendment. But I'm hardly convinced this will remain a low-level surveillance device subject to built-in limitations. The best evidence for this is the officer's statements themselves. It's an electronics-sniffing device conceived during a discussion of child porn investigations and which has triggered happy visions of high-profile busts in its inventor's head. Nothing about that combination bodes well for the built-in limitations surviving future iterations of L8NT. Add in the fact that a MAC address isn't a perfect identifier and you've got a recipe for trouble.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: iowa city police, law enforcement, mac address, stolen devices, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
Until...
Sorry, we all know how this one goes, it will be abused... guaranteed!!!
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
How many know their MAC
Whole thing sounds like a smoke and mirrors to me.
[ link to this | view in thread ]
Conflicted
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
http://www.theblaze.com/stories/2013/11/12/seattle-installs-homeland-security-funded-white-box -mesh-network-capable-of-tracking-cellphones/
[ link to this | view in thread ]
Re: How many know their MAC
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
https://www.washingtonpost.com/news/the-switch/wp/2014/09/25/apples-new-feature-to-curb-phone-tr acking-wont-work-if-youre-actually-using-your-phone/
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: How many know their MAC
MAC addresses probably aren't too hard to guess though. Spoofing a few thousand source MACs from Apple's block might be enough to annoy the police with false positives.
[ link to this | view in thread ]
If that signal happens to originate within a person's residence then any warrants or evidence collected based on the usage of this device would be fruit of the poisonous tree, in my opinion.
The majority opinion in Kyllo v. United States, 533 U.S. 27 (2001) didn't allow the use of a device to detect heat levels emitting from a house where marijuana was being grown, so why would radio signals emitting from a private residence be any different?
Kyllo v. United States, 533 U.S. 27 (2001)
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
http://www.bbc.com/news/technology-23665490
http://qz.com/112873/this-recycling-bin-is-following-you/
[ link to this | view in thread ]
[ link to this | view in thread ]
Hack 5 is a great youtube channel...
https://hak5.org/episodes/hak5-1703
[ link to this | view in thread ]
MAC addresses may not be unique
[ link to this | view in thread ]
Re: Re: How many know their MAC
[ link to this | view in thread ]
MAC sniffer
A MAC address does not contain IP data, nor headers or an legally required information in order to obtain a warrant.
The 'tool' will be misused/abused.
Suspicion is not good enough to obtain a warrant, nobdy saw anything, no witness, no real evidence exists, so a warrant would not be issued.
The target might be able to sue based on the fact his computer might have been compromised by an illegal search.
There is no immunity to any criminal act, no matter who you are.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
I believe that was for intercepting data, not collecting MAC addresses. AP MAC collection is standard for dozens of geolocation companies, and if you have a Google Android phone with location services enabled it's collecting them right now.
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Cop invents device... that the private sector has been using for years
i.e. http://www.libelium.com/products/meshlium/smartphone-detection/
[ link to this | view in thread ]
Well, they need something, and that is mostly smarter and more ethical people, and an agenda to pursue actual crime. There really doesn't seem to be much improvement the last 10-15 years in tackling real IT-orientated crimes. They just keep buying into certain sorts of IT to continue with their overall surveillance mindset and pursue mostly petty crime that they like to build up into some major deal by tacking on endless charges from poorly written laws.
If the police (or other LEOs and national security apparatus) were as good as they say they are, and as smart and tech-savvy as they claim, with all their fun little toys, they would be taking down a lot more criminal organizations which sell and lease malware, botnets, etc., used to do things like commit identity fraud. But no, they are more interested in teenage sexting or whatever, and just general invasiveness.
[ link to this | view in thread ]
Re: How many know their MAC
If it's a stolen cellphone that has been reported to the police (and he mentions "if your home is burglarized and your cellphone is stolen") then from your phone service provider, presumably. And if you're the owner, it might be on your online account info or the provider could tell you and so it might be possible for the person to give the MAC address to the police. Otherwise they'd have to obtain it from the service provider (presumably with consent).
[ link to this | view in thread ]
Re: How many know their MAC
Nothing has ever been recovered. Little hope now.
[ link to this | view in thread ]
ummm
now it dont take a genious how ot mod this to movile phones etc.
[ link to this | view in thread ]
[ link to this | view in thread ]
I just see this as another variation of LPR's; they'll track all the MAC addresses along with their locations and keep them around for searching at their leisure (for some unspecified period of time) with no oversight.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Amateurs!
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re: How many know their MAC
[ link to this | view in thread ]
Re: Re: Re: Re:
[ link to this | view in thread ]
Re: Amateurs!
[ link to this | view in thread ]
So... they have wifi and computers with mac addies so therefore they're suspect?
High-ranking official owns a beermaking business, but try as he might, his brews are not as good as those made by the local brewmeister. The locals buy Brewmeister beer, not HRO beer.
HRO needs Brewmeister out of the picture, and tells the commissioner to dispose of him. Brewmeister is a bit of a lush but otherwise relatively clean. However, an L8NT scan of Brewmeisters home reveals eleven mac addresses, some of which are probably phones and computers that might include child porn or other illegal content.
So they SWAT his house on probable cause, wipe out his family, take him in, beat a confession out of him and have the local DA plea bargain with him to six years in prison.
Meanwhile HRO repeats the process for all of the key officials in Brewmeister's brewery until it can be bought for a song and put under HRO management.
The locals now buy HRO beer.
[ link to this | view in thread ]
Why on earth would I expect police not to abuse this technology to spite other people that refuse to lick their boots
[ link to this | view in thread ]
Re: Re: How many know their MAC
[ link to this | view in thread ]
Re:
If you do not like police corruption do not use anything that would enable them to keep being a dirty cop.
[ link to this | view in thread ]
Writing software for a power equipment distributer a decade or so ago, I offered to add a stolen item tracking database. The serial numbers of mowers and other equipment sent to the dealers was already being tracked. They were tracked again from warranty cards came back from the end users. And again when warranty repair claims were sent back from the dealers. I'd simply add a database of items reported stolen, and watch for them being brought in for repair.
The idea was quickly dropped. Many common mower and engine models would have the same serial number for all of that model made on a given day.
Worse, the way it was distributed meant that a day's run would go to the same distributor, and part of that would go to the same dealer. The same small town could easily end up with a bunch of mowers with the same serial number.
I've always wondered how many people were wrongly convicted because of that.
[ link to this | view in thread ]
how to change your MAC address
#!/bin/bash -x
MAC=00:`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 200 | md5sum | sed -r 's/^(.{10}).*$/\1/;
s/([0-9a-f]{2})/\1:/g; s/:$//;'`;
sudo ifconfig wlan0 down
sudo ifconfig wlan0 hw ether $MAC
sudo ifconfig wlan0 up
sudo service network-manager restart
[ link to this | view in thread ]
The odds of a random collision are ridiculous, but people are tricksy, so we are going to see more tomfoolery with scraping, spoofing, etc.
So, I wouldn't be too concerned with the police scraping all my devices and confusing me with a serial murderer because of an address collision, just because of the odds.
But I could totally see someone getting "SWATTED" with spoofed devices or the police using some sort of stingray device (drone?) to sniff everyone's MACs. That sounds dirty. Certainly this was ripe for privacy abuse and hackers. "Security through obscurity."
Right now I would be worried more about someone with a 20 dollar SDR dongle hooked to a tablet, driving around your neighborhood sniffing your garage door openers, keyless entry systems and vehicle key fobs. Your bluetooth headphones, not so much.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re: How many know their MAC
their seems to be allot of folks working in our respective governments who really shouldnt be working in our respective governments
A big job thats daunting to do in its immensity
I hope for the day, the day that goes down in history as the Mass Firing Of Global Government Employess 2016.......followed by the hollywood movie 6 months later with the word "reboot" in the title, in the ironic sense.........followed by the Mass Firing Of Global Media Employess 2017...........followed by an internet film 6 months later with the exact title "Hollywood!Media!Ironic, huh!?".....
Pretty sure thats how its gonna go down exactly, play by play book.....no doubts...... if im lying im dieing
[ link to this | view in thread ]
Re: Re: Re: How many know their MAC
[ link to this | view in thread ]
Re: Re:
Check out project ara, modular phone with interchangeable modules, closest thing ive found to such an ability, depending on whats packed into the exoskeleton
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: how to change your MAC address
[ link to this | view in thread ]
Re: Re: Re: How many know their MAC
I track which is which through certs.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
The funny thing is
The only "value add" the cop could be providing is to run a database of such addresses, but considering that MAC addresses are not guaranteed to be unique and are easily changeable by the user, the value of such a database is very low.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: MAC addresses may not be unique
[ link to this | view in thread ]
They can be changed
Also, if it is available via wifi instead of 3g/4g, etc., then accessing the mac address over wifi would be a violation of the law without a specific warrant allowing the police to scan the devices in a given residence/business.
[ link to this | view in thread ]
Re: Re: Re: How many know their MAC
[ link to this | view in thread ]
It's Not Worth Stealing.
I live in an apartment complex which is mostly student housing. Students, being young, are not bound by our obsolete notions of economic value. It is really rather amazing what goes into the dumpsters at term-end. The dumpsters overflow under extreme strain, so the debris is not actually in them, but on top and beside them, and it is easy to see what is being thrown out, without going to the extreme of dumpster-delving (some locals do come around to delve). There are small appliances of course, but also large quantities of clothing, books, household linens, furniture, and even items such as computers, and (in what I can only regard as satirical commentary) a set of golf clubs. The students have an accurate idea of what it costs to carry something as checked baggage on an airplane, the minimum charges of house movers, and the time-cost of running a yard sale. But they don't have the kind of puritan compulsions which make me ashamed and angry when I have to throw something out because the Salvation Army flat-out doesn't want it. That's your bottom-level truth-- in a more perfect cybernetic economy, durable goods become worth almost nothing.
Food is worth something, because it doesn't stay bought. However food generally has little or no resale value.
The most recent New York Police Department abuse scandal (the James Blake case) involves a bungled investigation for credit card fraud in respect of a neetzie-cuckoo internet company which delivers durable goods (in this case, cellphones) to customers at street-corner locations. In the first place, the obvious remedy for the credit card companies is to harden their systems (eg. Chip & Pin). As for the goods themselves, and their mode of delivery, there is an old saying, "comfortable as an old shoe." New shoes tend to involve blisters. That can be viewed as a metaphor for consumer durable goods. The enterprise of trying to deliver durable consumer goods to people so instantly that the goods cannot be delivered to their registered addresses is doomed to failure. One does not, after all, want to change into new clothes on the public street. Much the same applies to electronics, which are useless without personal data. The more expensive an electronic device is, the more complicated it is, and the more difficult to learn to use. The case would probably not have arisen if the internet business had restricted itself to delivering things to hotel guiests, either in their rooms, or via the hotel desk clerk. The natural point of delivery for stuff is to wherever the customer keeps his stuff. A company with a business model of delivering durable goods on street corners is bound to find itself drifting into conspiracy with credit-card fraudsters. I think the deliveryman was doing his best to turn State's Evidence, and therefore pointed to whoever he could see.
My experience in West Virginia is that a minimum economic order for delivered pizza is about thirty dollars. When I'm feeling sick enough that I don't want to go out, or I'm treed by winter snowfalls, I order one pizza item, and a bunch of salads, which can sit in the refrigerator for a few days. I presume prices in New York are rather higher. There seems to be a real question whether a basic "burner" cellphone, the sort of thing one might need for emergency communications, would be economically deliverable under a "pizza delivery" regime. Consulting Google, the price of a basic Tracfone seems to be about ten dollars, then once you've got it, you can use your credit card to load it up with minutes. It is not really plausible that an emergency replacement of a cellphone would be a big enough deal to be worth a courier's while.
Over the last ten years or so, the single biggest set of hassles I have had about money have involved health insurance. If you make "worst-case" sets of assumptions about your health, you can easily be talking two or three hundred thousand dollars a year. To get the insurance premium down to a more reasonable level tends to involve "stress and strain." When I was younger, I had university tuition issues. The tuition rate was not negotiable, but the number of hours of enrollment was, and likewise the meeting of specific requirements. The name of the game was to convince one's professor to allow one to enroll for one credit-hour, reading books instead of attending classes. Money worries are associated with things which, in many countries, are government benefits.
The whole economy is swinging away from a street cop's dimensions.
The future of crime is probably "crimes against the person." I don't know if you have ever heard of the case of Erica Pratt, the little girl in Southwest Philadelphia who, back in 2002, was kidnapped on the strength of a (probably false) rumor that her family had come into an insurance settlement. This was an ordinary little slum girl, whose runaway father and uncles were apparently street-corner men, involved in the usual range of illicit dealing. However she's a good girl, in spite of everything. One of her male relatives got killed in the course of business, and rumors flew around the neighborhood about a life-insurance settlement. So some men kidnapped Erica and demanded ransom. This was not particularly realistic, because as anyone who has ever dealt with insurance companies knows, they work in mysterious ways ("like God, only not half so generous," as someone put it). Being entitled to an insurance settlement is by no means the same thing as having available cash. The girl managed to escape, and of course the kidnappers were caught, as one might expect of such stupid men, and given good, solid thirty-and-forty-year prison sentences.
https://en.wikipedia.org/wiki/Erica_Pratt
Incidentally, re MAC addresses: they are 48 bits (256 trillion addresses), so the likelihood of collisions, in an area of a couple of hundred yards, with, say a thousand phones, is on the order of a hundred billion to one.
[ link to this | view in thread ]
Re: Re: Re: Re: How many know their MAC
[ link to this | view in thread ]
Re: How many know their MAC
Mac's are recorded on home wifi equipment and easily pulled by typing 192.168.0.1 or 192.169.1.1 into a web browser (for 99% of the routers out there anyway). Educate yourself before sounding like the tech ignorant troll you obviously are.
[ link to this | view in thread ]