[CSS-research] Hello and welcome to the Cell Site Simulator Research mailing list

Mon Nov 20 19:38:23 PST 2017

Hi All!

Joining in with a short intro... I'm Georgia. I am the director of tech
projects at OTI. My background is UX, Software development, data viz and
urban planning. Meaning... I can be help with thinking about UX, managing
things, visualizing data, and random geo stuff.

The Team at OTI (Robyn Greene, Nat Meysenburg, and Chris Ritzo -- all on
this list I think!) did an experiment with a bunch of tools (and help from
many of you!) for the science march back in the Spring, and the write up
for that is available here:
https://www.newamerica.org/oti/blog/oti-experiment-open-source-surveillance-detection/

Looking forward to seeing how we can work together as a group going forward.

-Georgia

On Mon, Nov 20, 2017 at 6:15 PM, Martin Shelton <mshelton at riseup.net> wrote:

> Hey all, and thanks for organizing, Cooper + Yomna!
>
>
> Very brief intro: I'm Martin. I conduct user research and study how U.S.
> journalists and media activists manage information security. To help relay
> good information on this topic, it's an area I'd like to learn more about.
>
>
> Martin
>
> On Nov 20, 2017, at 1:15 PM, Peter Ney <neyp at cs.washington.edu> wrote:
>
> Hello,
>
> Nice to meet everyone! Cooper, thanks for starting this list. I think it
> is a great idea to get everyone working on cell-site simulators in touch.
>
> I'm Peter Ney, a graduate student in the Security Lab at the University of
> Washington, and a member of the SeaGlass team (https://seaglass.cs.
> washington.edu/), along with Ian Smith, Karl Koscher, and Yoshi Kohno.
> Our long term goal with SeaGlass is to build systems that are able to
> detect cell-site simulators at scale (especially commercial models) with
> high accuracy. This means building systems to collect cellular data and
> developing algorithms that can use this data to detect cell-site simulators.
>
> We aren't there yet. In addition to the challenges of collecting data, I
> think there are two unsolved problems:
>
> 1) If you detect something anomalous/suspicious, how do you know if it is
> a cell-site simulator or some other network anomaly (e.g., cell-on-wheels,
> femtocell, misconfigured legitimate BTS, etc)? In our experience looking at
> network data, really weird stuff happens all the time that is innocuous.
> This would be easier to answer if we had ground truth from the network, but
> we really shouldn't rely on having this. This is going to be especially
> important to solve if we want to use our results in court.
>
> 2) We need rigorous evaluation that convinces us that a detection system
> would actually work in the wild. The recent White-Stingray paper published
> this year at WOOT'17 highlights this point when they showed that
> phone-based IMSI-catcher detection apps are missing lots of cell-site
> simulator behavior. This problem gets harder because showing that a given
> system can detect a homemade SDR IMSI-catcher doesn't mean that it could
> detect a Harris Stingray or Hailstorm (because we are still making educated
> guesses about their behavior unless we can get access to them).
>
> Right now we are revamping the SeaGlass sensor to collect lots more data
> with SDRs, and are working on improving our evaluation infrastructure (with
> IMSI-catchers) to add more rigor to our evaluation. We hope to start
> collecting more data in the wild sometime next year.
>
> Ian and I are also involved in a cell-site simulator court case down in
> Tacoma, WA, so we may have some questions for the list as we get further
> along in that process.
>
> Peter
>
> On Tue, Nov 14, 2017 at 11:23 AM, Eric Null <null at opentechinstitute.org>
> wrote:
>
>> Hi Cooper, thanks for getting this started and thanks to Yomna for
>> compiling the resources.
>>
>> Hello mailing list! I'm Eric Null, a broadband policy attorney at New
>> America's Open Technology Institute. IMSI catchers/surveillance tech makes
>> up a small portion of my work (mostly because OTI has its own security
>> policy team), but I'm happy to be on this list so I can learn more about
>> what's happening.
>>
>> One thing I wanted to mention is that we (OTI and two other orgs) filed
>> a complaint last year at the FCC
>> <https://www.newamerica.org/oti/press-releases/oti-and-others-file-stingray-complaint-against-baltimore-city-police-department/>
>> arguing that Baltimore PD's use of IMSI catchers violated the
>> Communications Act (the complaint has some fun maps/data viz in it!). We
>> had some meetings in late 2016, but even under a Dem administration it was
>> difficult to get them to move. Needless to say, under Trump's FCC chairman,
>> we'd probably get bad precedent if the FCC acted on it, so we're no longer
>> pushing it for the time being.
>>
>> Anyway, thanks everyone!
>>
>> On Tue, Nov 14, 2017 at 2:10 PM, Cooper Quintin <cooperq at eff.org> wrote:
>>
>>> Hello and welcome to the Cell Site Simulator Research mailing list!
>>>
>>> I am a senior staff technologist at EFF on our Cybersecurity Team. For
>>> the last year or so I have been studying—among other things—Cell Site
>>> Simulators (IMSI catchers) and their use against activists in the United
>>> States.
>>>
>>> Since I began researching IMSI catchers some time last year I have made
>>> contact with many other researchers and organizations. What I have
>>> discovered is that many of those people are working along the same lines
>>> but not sharing knowledge, ending up in a situation where people are
>>> duplicating each other's work, or solving problems which have already
>>> been solved.
>>>
>>> The goal of this working group will be to bring everyone working on IMSI
>>> catcher detection technology and IMSI catcher policy strategies
>>> together, so as to not duplicate each other's current and past work. We
>>> can also share our findings and strategies with each other which will
>>> hopefully multiply our effectiveness.
>>>
>>> To start with, here is a list of relevant literature and videos that my
>>> colleague Yomna compiled, along with descriptions and ratings for most
>>> of them.
>>> https://docs.google.com/document/d/10cDNl3qnmi_MFU66JcdKEXWy
>>> QVZDRIsPCPAMHWzuQqU/edit#
>>>
>>> I think a good next step might be a round of introductions (for anyone
>>> who wants to do so) and a bit about what we have all been working on. I
>>> will do so for myself in a separate thread.
>>>
>>> Cheers,
>>> --
>>> Cooper Quintin
>>> Senior Staff Technologist | EFF
>>> PGP: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA
>>> Twitter: @cooperq
>>> _______________________________________________
>>> CSS-research mailing list
>>> CSS-research at eff.org
>>> https://lists.eff.org/mailman/listinfo/css-research
>>>
>>
>>
>>
>> --
>> Eric Null
>> Policy Counsel
>> New America's Open Technology Institute
>> 740 15th Street NW, Suite 900
>> Washington, DC 20005
>> (202) 596-3493
>> @ericnull
>>
>> _______________________________________________
>> CSS-research mailing list
>> CSS-research at eff.org
>> https://lists.eff.org/mailman/listinfo/css-research
>>
>>
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
>
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
>

-- 
Georgia Bullen
Director of Technology Projects
Book a meeting: https://calendly.com/georgiabullen/

Open Technology Institute <http://newamerica.org/oti/> @ New America
<http://newamerica.org>
740 15th Street NW, Suite 900, Washington DC, 20005
@georgiamoon <http://twitter.com/georgiamoon>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/css-research/attachments/20171120/fe5965b6/attachment.html>