[CSS-research] Hello and welcome to the Cell Site Simulator Research mailing list

Seamus Tuohy s2e at seamustuohy.com
Thu Nov 23 06:59:39 PST 2017


Hi all,

Seamus Tuohy here; Director of Info-Sec at Human Rights Watch. I've worked
with a few of the folks on this list in the past to implement projects
around stingrays. I have also designed and helped with the resulting data
analysis for a few different international wireless network and IMSI
catcher catcher projects.

Not all that much if my historic work is public. Hopefully, at my new job
I'll be able to share the TTP's from my work more widely.

As an FYI my short term work on this topic will most likely be limited to
tracking international usage and capabilities for our internal risk
assessments.

Best,
s2e


On Nov 20, 2017 10:38 PM, "Georgia Bullen" <georgia at opentechinstitute.org>
wrote:

Hi All!

Joining in with a short intro... I'm Georgia. I am the director of tech
projects at OTI. My background is UX, Software development, data viz and
urban planning. Meaning... I can be help with thinking about UX, managing
things, visualizing data, and random geo stuff.

The Team at OTI (Robyn Greene, Nat Meysenburg, and Chris Ritzo -- all on
this list I think!) did an experiment with a bunch of tools (and help from
many of you!) for the science march back in the Spring, and the write up
for that is available here: https://www.newamerica.
org/oti/blog/oti-experiment-open-source-surveillance-detection/

Looking forward to seeing how we can work together as a group going forward.

-Georgia

On Mon, Nov 20, 2017 at 6:15 PM, Martin Shelton <mshelton at riseup.net> wrote:

> Hey all, and thanks for organizing, Cooper + Yomna!
>
>
> Very brief intro: I'm Martin. I conduct user research and study how U.S.
> journalists and media activists manage information security. To help relay
> good information on this topic, it's an area I'd like to learn more about.
>
>
> Martin
>
> On Nov 20, 2017, at 1:15 PM, Peter Ney <neyp at cs.washington.edu> wrote:
>
> Hello,
>
> Nice to meet everyone! Cooper, thanks for starting this list. I think it
> is a great idea to get everyone working on cell-site simulators in touch.
>
> I'm Peter Ney, a graduate student in the Security Lab at the University of
> Washington, and a member of the SeaGlass team (
> https://seaglass.cs.washington.edu/), along with Ian Smith, Karl Koscher,
> and Yoshi Kohno. Our long term goal with SeaGlass is to build systems that
> are able to detect cell-site simulators at scale (especially commercial
> models) with high accuracy. This means building systems to collect cellular
> data and developing algorithms that can use this data to detect cell-site
> simulators.
>
> We aren't there yet. In addition to the challenges of collecting data, I
> think there are two unsolved problems:
>
> 1) If you detect something anomalous/suspicious, how do you know if it is
> a cell-site simulator or some other network anomaly (e.g., cell-on-wheels,
> femtocell, misconfigured legitimate BTS, etc)? In our experience looking at
> network data, really weird stuff happens all the time that is innocuous.
> This would be easier to answer if we had ground truth from the network, but
> we really shouldn't rely on having this. This is going to be especially
> important to solve if we want to use our results in court.
>
> 2) We need rigorous evaluation that convinces us that a detection system
> would actually work in the wild. The recent White-Stingray paper published
> this year at WOOT'17 highlights this point when they showed that
> phone-based IMSI-catcher detection apps are missing lots of cell-site
> simulator behavior. This problem gets harder because showing that a given
> system can detect a homemade SDR IMSI-catcher doesn't mean that it could
> detect a Harris Stingray or Hailstorm (because we are still making educated
> guesses about their behavior unless we can get access to them).
>
> Right now we are revamping the SeaGlass sensor to collect lots more data
> with SDRs, and are working on improving our evaluation infrastructure (with
> IMSI-catchers) to add more rigor to our evaluation. We hope to start
> collecting more data in the wild sometime next year.
>
> Ian and I are also involved in a cell-site simulator court case down in
> Tacoma, WA, so we may have some questions for the list as we get further
> along in that process.
>
> Peter
>
> On Tue, Nov 14, 2017 at 11:23 AM, Eric Null <null at opentechinstitute.org>
> wrote:
>
>> Hi Cooper, thanks for getting this started and thanks to Yomna for
>> compiling the resources.
>>
>> Hello mailing list! I'm Eric Null, a broadband policy attorney at New
>> America's Open Technology Institute. IMSI catchers/surveillance tech makes
>> up a small portion of my work (mostly because OTI has its own security
>> policy team), but I'm happy to be on this list so I can learn more about
>> what's happening.
>>
>> One thing I wanted to mention is that we (OTI and two other orgs) filed
>> a complaint last year at the FCC
>> <https://www.newamerica.org/oti/press-releases/oti-and-others-file-stingray-complaint-against-baltimore-city-police-department/>
>> arguing that Baltimore PD's use of IMSI catchers violated the
>> Communications Act (the complaint has some fun maps/data viz in it!). We
>> had some meetings in late 2016, but even under a Dem administration it was
>> difficult to get them to move. Needless to say, under Trump's FCC chairman,
>> we'd probably get bad precedent if the FCC acted on it, so we're no longer
>> pushing it for the time being.
>>
>> Anyway, thanks everyone!
>>
>> On Tue, Nov 14, 2017 at 2:10 PM, Cooper Quintin <cooperq at eff.org> wrote:
>>
>>> Hello and welcome to the Cell Site Simulator Research mailing list!
>>>
>>> I am a senior staff technologist at EFF on our Cybersecurity Team. For
>>> the last year or so I have been studying—among other things—Cell Site
>>> Simulators (IMSI catchers) and their use against activists in the United
>>> States.
>>>
>>> Since I began researching IMSI catchers some time last year I have made
>>> contact with many other researchers and organizations. What I have
>>> discovered is that many of those people are working along the same lines
>>> but not sharing knowledge, ending up in a situation where people are
>>> duplicating each other's work, or solving problems which have already
>>> been solved.
>>>
>>> The goal of this working group will be to bring everyone working on IMSI
>>> catcher detection technology and IMSI catcher policy strategies
>>> together, so as to not duplicate each other's current and past work. We
>>> can also share our findings and strategies with each other which will
>>> hopefully multiply our effectiveness.
>>>
>>> To start with, here is a list of relevant literature and videos that my
>>> colleague Yomna compiled, along with descriptions and ratings for most
>>> of them.
>>> https://docs.google.com/document/d/10cDNl3qnmi_MFU66JcdKEXWy
>>> QVZDRIsPCPAMHWzuQqU/edit#
>>>
>>> I think a good next step might be a round of introductions (for anyone
>>> who wants to do so) and a bit about what we have all been working on. I
>>> will do so for myself in a separate thread.
>>>
>>> Cheers,
>>> --
>>> Cooper Quintin
>>> Senior Staff Technologist | EFF
>>> PGP: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA
>>> Twitter: @cooperq
>>> _______________________________________________
>>> CSS-research mailing list
>>> CSS-research at eff.org
>>> https://lists.eff.org/mailman/listinfo/css-research
>>>
>>
>>
>>
>> --
>> Eric Null
>> Policy Counsel
>> New America's Open Technology Institute
>> 740 15th Street NW, Suite 900
>> Washington, DC 20005
>> (202) 596-3493
>> @ericnull
>>
>> _______________________________________________
>> CSS-research mailing list
>> CSS-research at eff.org
>> https://lists.eff.org/mailman/listinfo/css-research
>>
>>
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
>
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
>


-- 
Georgia Bullen
Director of Technology Projects
Book a meeting: https://calendly.com/georgiabullen/

Open Technology Institute <http://newamerica.org/oti/> @ New America
<http://newamerica.org>
740 15th Street NW, Suite 900, Washington DC, 20005
@georgiamoon <http://twitter.com/georgiamoon>

_______________________________________________
CSS-research mailing list
CSS-research at eff.org
https://lists.eff.org/mailman/listinfo/css-research
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/css-research/attachments/20171123/bd429f0e/attachment.html>


More information about the CSS-research mailing list