NYPD Says Releasing Basic Stingray Contract Info Will Result In A Supercriminal Apocalypse

from the some-prime-ass-talking-going-on-here dept

Secrecy still continues to shroud law enforcement Stingray use, in large part because courts have been far too receptive to the government's insistence that the release of any details at all would result in the expensive tech being rendered instantly useless.

The NYPD has decided to go past the usual "law enforcement means and methods" obfuscatory tactics and push a rather novel narrative about why it would be "dangerous" for IMSI catcher info to make its way into the public domain. (I mean more so… I guess.)

Joseph Cox of Motherboard reports the NYPD's latest opacity play involves hoodie-wearing males operating laptops in underlit rooms and comic book supervillain-esque levels of coordinated criminal activity.

In a recent case, the New York Police Department (NYPD) introduced a novel argument for keeping mum on the subject: Asked about the tools it uses, it argued that revealing the different models of IMSI catchers the force owned would make the devices more vulnerable to hacking.

In the words [PDF] of the NYPD's Gregory Antonsen, hackers would be able to crack open Stingrays like OPM records if the department were to turn over Harris Corp. contract info and nondisclosure agreements to the New York branch of the ACLU in response to its FOIL request. Also: terrorism.

The purpose of this affidavit is to explain the reasons that disclosing the Withheld Records would cause grave damage to counterterrorism and law enforcement operations, and so could endanger the lives or safety of New Yorkers.

Additionally, disclosing the Withheld Records would reveal confidential and non-routine criminal investigative techniques, which would hamper ability to conduct operations and would permit perpetrators to evade detection. Moreover, disclosure of the Withheld Records would jeopardize the ability of NYPD to secure its information technology assets.

After detailing the use of Stingrays to perform a variety of heartwarming investigations (tracking down a missing elderly person, rescuing someone from sex trafficking, etc.), Antonsen gets down to business. According to the NYPD's theory, any information released about the NYPD's IMSI catcher contracts could be "scrutinized" by bad guys who would be able to infer from extremely limited information the extent of the department's cellphone-tracking capabilities. It's basically the mosaic theory, but without the mosaic.

But the far stupider assertion is the one made without any supportive citations -- just a far-fetched hypothetical.

The CSS technologies are also critical and essential information technology assets. As such, all CSS technologies require periodic software updates. Public disclosure of the specifications of the CSS technologies in the NYPD's possession from the Withheld Records would make the software vulnerable to hacking and would jeopardize ability to keep the technologies secure. Of great concern is that a highly sophisticated hacker could use the knowledge of CSS technologies to invade the CSS software undetected, thus creating a situation in which law enforcement personnel are lured into a situation based on a misleading cell-phone location and are then trapped and ambushed.

The ACLU's Chris Soghoian has responded [PDF] to the NYPD's assertions. As to the claims that providing contract information would somehow result in sophisticated criminals finding ways to route around this surveillance, Soghoian points out that every Stingray device -- no matter its capabilities -- can be defeated by even the dumbest thug… and all without having to scour a redacted invoice for clues.

The most effective countermeasure, which can be used by anyone at no cost is to simply turn off a phone or put it into airplane mode. This will thwart tracking by any model of Stingray. Knowing the models of Stingrays that the NYPD uses does not make this countermeasure more or less effective. It is 100% effective regardless of which models of Stingrays the NYPD uses.

Soghoian went easy on the "but criminals will beat our IMSI catchers" argument. The "but we'll be hacked" argument is treated with all the respect it deserves: none.

It would be a serious problem if the costly surveillance devices purchased by the NYPD without public competitive bidding are so woefully insecure that the only thing protecting them from hackers is the secrecy surrounding their model names.

He also chides the NYPD for making claims the federal government isn't even willing to make.

The Harris Corporation, which in addition to manufacturing Stingrays has been awarded public contracts for securing the President's communications and supplying secure radios used by the U.S. Army, is clearly capable of designing secure products for its government customers that does not rely on keeping secret the mere existence of the devices for their security.

Soghoian also points out that the release of other information would similarly have zero effect on the devices' capabilities. Because they spoof cell towers, it does criminals no good to know how many the NYPD has or even where they tend to deploy them. A cellphone can't tell it's connected to a BS "tower." And just because the NYPD may be more likely to deploy them in certain areas does not guarantee that avoiding those areas will allow criminals to avoid detection.

And this wonderful paragraph snarkily deflates the NYPD's paranoid ravings its tech officers deploy as justification for continued secrecy.

Inspector Antonsen also claims that knowing the number of Stingrays owned by the NYPD may enable an extremely well-resourced criminal group to orchestrate a greater number of simultaneous hostage situations than the number of Stingrays available to the NYPD. Even assuming that such a sophisticated criminal group made the unlikely decision to rely on its knowledge of the number of Stingrays in the possession to use cell phones in executing such a hypothetical event, knowing that number will not help them as it is almost certainly the case that one, if not multiple, federal law enforcement agencies would step in and assist the NYPD with their own cellular surveillance technology. Moreover, this hypothetical is no different from saying that at some point some criminal group may be able to overwhelm the number of police cars that the NYPD owns or the number of police officers on the force.

It's hard to believe law enforcement is still throwing out these tired arguments after nearly a decade of incremental exposure of Stingray information. The NYPD wants publicly-available information (Stingray names, suggested retail prices) to somehow be the first cat successfully stuffed back into the bag. Since it has no legitimate arguments to justify this cat stuffing, tech officers are resorting to hypothetical scenarios even the most-handwavingest of sci-fi writers wouldn't feel comfortable inserting into their speculative fiction.



Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: criminals, foia, hackers, imsi catcher, nypd, stingray, transparency


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 23 Sep 2016 @ 10:56am

    the government's insistence that the release of any details at all would result in the expensive tech being rendered instantly useless.

    Only if the release resulted in its use being banned...

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 10:59am

    No one believes the NYPD anymore, I wonder why.

    link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 24 Sep 2016 @ 1:19pm

      "No one believes the NYPD anymore"

      If that were the case, this wouldn't be news.

      Granted, each of these claims weakens the hackers and terrorists argument and NYPD credibility.

      But there will always be people who want to believe that the police keep them safe and are virtuous above reproach.

      link to this | view in chronology ]

      • icon
        That One Guy (profile), 24 Sep 2016 @ 4:07pm

        "Criminals like that get what they deserve, but that would never happen to me..."

        But there will always be people who want to believe that the police keep them safe and are virtuous above reproach.

        ... right until they're on the receiving end of police abuse of power/lawbreaking, and they look around proclaiming their innocence and wondering why no-one believes them, instead brushing aside their claims of innocence as baseless attempts by a criminal, attempting to tar the good name of the paragons of virtue that are law enforcement.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 11:12am

    Probably True

    revealing the different models of IMSI catchers the force owned would make the devices more vulnerable to hacking.

    Most likely far too true. Probably completely open communication protocol with no authentication required to get in.

    Would explain the secrecy too, if anyone knowledgeable of the protocols would get the facts into the courts - they'd all but be thrown out because of how easily the records could be falsified ... explains a bit too much don't ya think?

    link to this | view in chronology ]

    • icon
      orbitalinsertion (profile), 23 Sep 2016 @ 11:24am

      Re: Probably True

      The thing about this is... if one wanted and remotely needed to hack at IMSI catchers, they would make exploits and tools for all of them. Then they could go warstrolling to their little supercriminal terrorist hearts' content.

      Next up: Gov demands nerding harder from vendors so phones respond to an "IMSI bit" when in airplane mode, off, and the battery out. Sort of a super-RFID.

      link to this | view in chronology ]

    • icon
      crade (profile), 23 Sep 2016 @ 1:04pm

      Re: Probably True

      If they rely on security through obfuscation at all, best assume they are already being hacked if anyone cares.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 11:13am

    Gregory Antonsen has missed his calling. He should be writing comic-books wherein our fearless NYPD officers defeat Galactic Humungous Yuge Lime Green Super Monster Fire Breathing Universe Killing Scarey Villains using only one Super Spider Hero-branded wet noodle and Smelly Villain Repellent pink toenails.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 11:31am

    "thus creating a situation in which law enforcement personnel are lured into a situation based on a misleading cell-phone location and are then trapped and ambushed."

    Someone who wanted to do this could just take the actual phone to the ambush location. No hacking needed.

    "Inspector Antonsen also claims that knowing the number of Stingrays owned by the NYPD may enable an extremely well-resourced criminal group to orchestrate a greater number of simultaneous hostage situations than the number of Stingrays available to the NYPD"

    Or they could, you know, turn off their hostages' cell phones, rendering the Stringrays useless. Or they could leave them on and set up an ambush, made even more effective by the presence of the hostages. Again, why are the police worried about an ambush from a false signal and not a true one?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Sep 2016 @ 11:38am

      Re:

      These scenarios are being put forward to justify why they have to keep stingray details secret, and may not reflect the real reason, they want to keep hold of a mass spying tool by pretending that it is a targeted spying tool.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 23 Sep 2016 @ 12:42pm

        Re: Re:

        I know, but I prefer to imagine comic-book type super-villains making ill-thought-out plans.

        "Here's the plan. We know, thanks to FOIA, that the NYPD has exactly 19 stingrays. So we're going to kidnap 20 people and hold them at 20 different locations. Foolproof!"

        "But, boss, even if this works, won't they catch 95% of us?" "Yeah, but you're henchmen, you're expendable." "..."

        "But, boss, what if one person sees us enter a building and tells the police about it, and they don't have to use a Stingray there?" "Well, I guess you'll just have to be very careful, now won't you?"

        "But, boss, can't they move one Stringray once they get a location, and use it somewhere else? Aren't those things mobile?"

        "But, boss, can't they borrow one from a nearby city?"

        "... OK, OK, new plan. And this one is sheer evil genius. Using the model numbers of their Stingrays that we obtained, we hack into their system and make it appear that the hostages' cell phones are coming from a particular location. Then, we ambush the cops when they come." "But, boss, if we know which phones they're tracking, couldn't we just carry those phones to the ambush location?" "But, boss, won't they then know our exact location, and be able to surround us and send overwhelming force?" "But boss, if you could hack into military-grade hardware that easily, couldn't you just hack something more deadl-" "SHUT UP, THIS IS THE PLAN."

        link to this | view in chronology ]

        • icon
          That One Guy (profile), 23 Sep 2016 @ 1:31pm

          Re: Re: Re:

          Love the scenario, but I feel I must object to the unfair comparison. Comic book super-villains tend to employ much better logic and arguments than the NYPD, not to mention tend to be more honest and respectful of the public.

          link to this | view in chronology ]

    • icon
      TasMot (profile), 23 Sep 2016 @ 12:39pm

      Re:

      Again, why are the police worried about an ambush from a false signal and not a true one?


      Because, while exercising their god complex they have veered so far from the truth they have forgotten what the truth is, and yet, have not formed a fully detailed backstory yet for their lies.

      Also, because, convictions are now better than prevention. If the crimes would be prevented because the purported criminals knew that the NYPD would be able to catch them because of they advanced technology they could employ, then arrest rates would decline, conviction rates would decline there would be less need for so many NYPD police running around.

      Heaven forbid, that would mean a smaller budget and less prestige. We can't have that, now can we?

      link to this | view in chronology ]

    • icon
      Vidiot (profile), 23 Sep 2016 @ 1:26pm

      Re:

      Hostages! That's it! Finally, the other shoe drops... the supposedly-legitimizing use of IMSI catchers. Think of the (hostage) children!

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 11:37am

    But the NYPD also says stopping kidnapping random black people off the streets, murdering them and throwing their bodies in the Hudson will ALSO lead to A Supercriminal Apocalypse

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 12:00pm

    NOT releasing the details has ALREADY led to a supercriminal apocalypse.... See every law enforcement (and I use that term loosely) agency that secretly uses this technology.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 23 Sep 2016 @ 12:19pm

      Re:

      Prosecutors too! Let's not leave them out.

      Stingray cases lead to Parallel Construction.

      Parallel Construction is a euphemism for perjury. Criminal conspiracy to lie to the court and deprive the defense of real evidence, what actually happened.

      Releasing the details of Stingray use would reveal the supercriminals at work and how they operate. (eg, police / prosecutors) And it would be an apocalypse from their POV.

      link to this | view in chronology ]

  • identicon
    NYPD, 23 Sep 2016 @ 12:16pm

    We cannot release information on stingray use because New Yorkers' safety.

    link to this | view in chronology ]

    • icon
      DannyB (profile), 23 Sep 2016 @ 12:21pm

      Re:

      We cannot release information on stingray to protect law enforcement from prosecution.

      What is it they way? If you've done nothing wrong, you've got nothing to hide.

      I seem to recall a saying about the goose and gander having compatible ports with need of an adapter, or something like that. A device that is good for the goose is compatible with the gander.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 12:31pm

    It's always a pity that these supercriminals seem to view the constitution as an obstacle they need to work around, using tools they know from the start that they need to keep hidden from everyone, than a document that is intended to protect everyone.

    How many more pedophiles are going to get off because the cops would prefer to find ways to get around the US Constitution then obey it?

    link to this | view in chronology ]

    • icon
      Padpaw (profile), 24 Sep 2016 @ 4:01am

      Re:

      I still suspect they are being trained to ignore their fellow citizen's rights and to brutally suppress dissent. solely to justify more heavy handed and anti freedom laws when people start fighting back for their god given rights.

      Much like creating fake terrorism plots to justify anti freedom laws "designed" to combat terrorism, but in reality turn a country into another tyranny.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 12:38pm

    Supercriminals like John Stumpf and Carrie Tolstedt of Wells Fargo already get to walk free.

    link to this | view in chronology ]

    • icon
      art guerrilla (profile), 24 Sep 2016 @ 2:44am

      Re:

      too bad there is no device to catch the super-predators on wall street...
      oh wait, there is, the SEC and (In)Justice Dept, only those machines are old and broken; nobody who is anybody wants to repair them so they function...

      link to this | view in chronology ]

  • icon
    Groaker (profile), 23 Sep 2016 @ 12:43pm

    The NYPD is the SuperCriminal Apocalypse. No one but a known member of this or a similar gangster clan can arbitrarily murder a person, steal their money, sexually molest and rape and have a 99%+ expectation of walking free, most likely with a commendation, promotion, raise in pay and a paid vacation. As well as have the right to refuse to do their job (according to SCOTUS.)

    An innocent individual swept up by clan raids has a far less than a 99% chance of being found innocent at trial.

    link to this | view in chronology ]

  • icon
    Ninja (profile), 23 Sep 2016 @ 1:01pm

    It would (hopefully will) be incredibly awesome if some judge brings down the justice hammer and effectively says "I'm willing to risk this apocalypse scenario to protect the Constitution" and then we can collectively mock these morons in the face when the scenario inevitably doesn't materialize.

    I can dream, can't I?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 2:26pm

    With enough information savvy technophiles will figure out how to secure their phones from this type of intrusion, and build IMSI detectors. The fact that IMSI even works just shows how insecure cell phone infrastructure is to man in the middle snooping.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 3:19pm

    Latest FUD

    First it was "You can't handle the truth"
    Then it was:
    Terrorism then The Children
    and now...
    Hackers

    link to this | view in chronology ]

  • icon
    Matthew Cline (profile), 23 Sep 2016 @ 5:18pm

    Unredactable?

    Even if one were to believe their objections, why not just redact the model numbers and device quantities?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Sep 2016 @ 8:46pm

    I think we just found Whatever, guys.

    link to this | view in chronology ]

  • icon
    Padpaw (profile), 24 Sep 2016 @ 3:53am

    Considering I would wager every action by the NYPD concerning stingray usage as illegal no doubt this would result in most departments being jailed for multiple felonies.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Sep 2016 @ 4:51am

    A cellphone can't tell it's connected to a BS "tower."
    I am not sure this is true.

    Each cell tower has a unique ID associated with it, like a MAC address of a network interface. This ID is part of the cell standards (CDMA or GSM). The ID number actually encodes information like the telco that owns it.

    A cellphone will connect to the strongest signal it can find, irrespective of anything else, as long as it is permitted to connect. And that decision, permission to connect, is made by the tower itself. E.g your phone provider is telco1, but the strongest signal is from a tower owned by telco2, but if telco2 doesn't allow 1's handsets to connect, the phone will then go to the next strongest signal, and the next, until it finds a connection it's allowed to establish.

    Sometimes telco's will buy the rights to use another telco's towers, to expand their coverage without having to install towers (or expand capacity on existing towers) themselves. So in this case, if telco1 had such an agreement with telco2, then telco2's tower may indeed let you connect, even tho you belong to telco1.

    It is this that IMSI catchers take advantage of. In fact anyone, with the right technical knowledge and electronics skills, could make their own IMSI catcher.

    So, an IMSI catcher just broadcast a stronger signal (whether due to just being closer than other towers or by being more powerful in general) and permits any phone to connect. Then it creates it's own connection to a 'real' tower, and passes the signals through. Basically, it's just a classic Man-In-The-Middle (MitM) attack.

    While it's certainly possible that the cell tower ID it uses is copied from a 'real' tower, like a MAC address it could probably be changed, I would find that unlikely. I'm pretty sure the telco's would be protesting that appropriation of their property. Actually using their unique identifying prefixes (or suffixes, I forget which it is) would probably in itself be illegal - certainly in the without-warrant type usages these devices seem to be being used in. I don't find it plausible that the telcos are unaware of these devices, or unaware of each time they are used. Hell, they probably originated from standard test rigs that telco technicians/engineers use as part of their own testing, maintenance, and surveying when determining the best location for a new tower. The standard testing/maintenance they perform on their own infrastructure would pick up these devices as either another telco's tower in the same area, or an unknown one of their own towers, which surely would raise alarm bells.

    Therefore if you have a list of known cell IDs in the area, and you are using software that identifies this information, then you (or the phone) could know that you are not connecting to a known tower, and, possibly, it is not a 'tower' that is using your telco's ID number.

    There are many apps out their that can display, log and provide this information. There are open-source "cell-tower mapping" projects underway that create databases of celltowers, their unique ID numbers, and their location. Some of these apps operate entirely inthe background, recording all teh cell tower IDs and locations using GPS, and upload that data automatically to the project for inclusion in the database. So if a new tower, especially if it doesn't use a known telco ID string, pops up, and then disappears hours or days later, then that's a good bet that an IMSI catcher is being used.

    So, create a database of all know celltowers, and there are probably apps out there that can let you force your phone to only connect to that known list, refusing to connect to any unknown tower. Of course, this will only protect the content of communications, not location info, as even if your phone refuses to connect to this unknown tower, it can still pick up the general broadcast that a phone sends when it's looking for a tower to connect to.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Sep 2016 @ 12:19pm

    Sounds like they have a undiscovered patchable hack

    Yet, no morals to inform the community for the sake of everyones security(fighting cybercrime my ass).......instead, using it like the criminals they proclaim others to be

    link to this | view in chronology ]

  • identicon
    GREEK, 25 Sep 2016 @ 1:42am

    Hacking Services

    Visit mackathack.com

    link to this | view in chronology ]

  • identicon
    Birthday SMS In Bengali, 13 May 2017 @ 4:29am

    Birthday SMS In Bengali

    <a href="https://happybirthdaytext.com/happy-birthday-messages-wishes-in-bengali-bangla.html">Birthd ay SMS In

    Bengali</a>

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.