[CSS-research] Hello and welcome to the Cell Site Simulator Research mailing list
Joseph Cox
josephfranciscox at gmail.com
Thu Nov 23 08:54:58 PST 2017
Hey everyone—I’m Joseph Cox, a journalist from The Daily Beast and formerly
Motherboard, Wired, etc.
But I’m here because I maintain https://spytechexports.com/, which tracks
the export of surveillance technology including IMSI catchers. The site is
UK focused at the moment, but will branch out to other countries as I
obtain more data.
On Thu, 23 Nov 2017 at 17:16, Ashley Wilson <ash.d.wilson at gmail.com> wrote:
> Hi everyone,
>
> My name is Ash and I created a tool called SITCH (https://sitch.io) for
> detecting anomalies in cellular networks.
>
> I'm especially interested in information that can lead to better
> signatures in SITCH.
>
> On Nov 23, 2017 6:59 AM, "Seamus Tuohy" <s2e at seamustuohy.com> wrote:
>
> Hi all,
>
> Seamus Tuohy here; Director of Info-Sec at Human Rights Watch. I've worked
> with a few of the folks on this list in the past to implement projects
> around stingrays. I have also designed and helped with the resulting data
> analysis for a few different international wireless network and IMSI
> catcher catcher projects.
>
> Not all that much if my historic work is public. Hopefully, at my new job
> I'll be able to share the TTP's from my work more widely.
>
> As an FYI my short term work on this topic will most likely be limited to
> tracking international usage and capabilities for our internal risk
> assessments.
>
> Best,
> s2e
>
>
> On Nov 20, 2017 10:38 PM, "Georgia Bullen" <georgia at opentechinstitute.org>
> wrote:
>
> Hi All!
>
> Joining in with a short intro... I'm Georgia. I am the director of tech
> projects at OTI. My background is UX, Software development, data viz and
> urban planning. Meaning... I can be help with thinking about UX, managing
> things, visualizing data, and random geo stuff.
>
> The Team at OTI (Robyn Greene, Nat Meysenburg, and Chris Ritzo -- all on
> this list I think!) did an experiment with a bunch of tools (and help from
> many of you!) for the science march back in the Spring, and the write up
> for that is available here:
> https://www.newamerica.org/oti/blog/oti-experiment-open-source-surveillance-detection/
>
> Looking forward to seeing how we can work together as a group going
> forward.
>
> -Georgia
>
> On Mon, Nov 20, 2017 at 6:15 PM, Martin Shelton <mshelton at riseup.net>
> wrote:
>
>> Hey all, and thanks for organizing, Cooper + Yomna!
>>
>>
>> Very brief intro: I'm Martin. I conduct user research and study how U.S.
>> journalists and media activists manage information security. To help relay
>> good information on this topic, it's an area I'd like to learn more about.
>>
>>
>> Martin
>>
>> On Nov 20, 2017, at 1:15 PM, Peter Ney <neyp at cs.washington.edu> wrote:
>>
>> Hello,
>>
>> Nice to meet everyone! Cooper, thanks for starting this list. I think it
>> is a great idea to get everyone working on cell-site simulators in touch.
>>
>> I'm Peter Ney, a graduate student in the Security Lab at the University
>> of Washington, and a member of the SeaGlass team (
>> https://seaglass.cs.washington.edu/), along with Ian Smith, Karl
>> Koscher, and Yoshi Kohno. Our long term goal with SeaGlass is to build
>> systems that are able to detect cell-site simulators at scale (especially
>> commercial models) with high accuracy. This means building systems to
>> collect cellular data and developing algorithms that can use this data to
>> detect cell-site simulators.
>>
>> We aren't there yet. In addition to the challenges of collecting data, I
>> think there are two unsolved problems:
>>
>> 1) If you detect something anomalous/suspicious, how do you know if it is
>> a cell-site simulator or some other network anomaly (e.g., cell-on-wheels,
>> femtocell, misconfigured legitimate BTS, etc)? In our experience looking at
>> network data, really weird stuff happens all the time that is innocuous.
>> This would be easier to answer if we had ground truth from the network, but
>> we really shouldn't rely on having this. This is going to be especially
>> important to solve if we want to use our results in court.
>>
>> 2) We need rigorous evaluation that convinces us that a detection system
>> would actually work in the wild. The recent White-Stingray paper published
>> this year at WOOT'17 highlights this point when they showed that
>> phone-based IMSI-catcher detection apps are missing lots of cell-site
>> simulator behavior. This problem gets harder because showing that a given
>> system can detect a homemade SDR IMSI-catcher doesn't mean that it could
>> detect a Harris Stingray or Hailstorm (because we are still making educated
>> guesses about their behavior unless we can get access to them).
>>
>> Right now we are revamping the SeaGlass sensor to collect lots more data
>> with SDRs, and are working on improving our evaluation infrastructure (with
>> IMSI-catchers) to add more rigor to our evaluation. We hope to start
>> collecting more data in the wild sometime next year.
>>
>> Ian and I are also involved in a cell-site simulator court case down in
>> Tacoma, WA, so we may have some questions for the list as we get further
>> along in that process.
>>
>> Peter
>>
>> On Tue, Nov 14, 2017 at 11:23 AM, Eric Null <null at opentechinstitute.org>
>> wrote:
>>
>>> Hi Cooper, thanks for getting this started and thanks to Yomna for
>>> compiling the resources.
>>>
>>> Hello mailing list! I'm Eric Null, a broadband policy attorney at New
>>> America's Open Technology Institute. IMSI catchers/surveillance tech makes
>>> up a small portion of my work (mostly because OTI has its own security
>>> policy team), but I'm happy to be on this list so I can learn more about
>>> what's happening.
>>>
>>> One thing I wanted to mention is that we (OTI and two other orgs) filed
>>> a complaint last year at the FCC
>>> <https://www.newamerica.org/oti/press-releases/oti-and-others-file-stingray-complaint-against-baltimore-city-police-department/>
>>> arguing that Baltimore PD's use of IMSI catchers violated the
>>> Communications Act (the complaint has some fun maps/data viz in it!). We
>>> had some meetings in late 2016, but even under a Dem administration it was
>>> difficult to get them to move. Needless to say, under Trump's FCC chairman,
>>> we'd probably get bad precedent if the FCC acted on it, so we're no longer
>>> pushing it for the time being.
>>>
>>> Anyway, thanks everyone!
>>>
>>> On Tue, Nov 14, 2017 at 2:10 PM, Cooper Quintin <cooperq at eff.org> wrote:
>>>
>>>> Hello and welcome to the Cell Site Simulator Research mailing list!
>>>>
>>>> I am a senior staff technologist at EFF on our Cybersecurity Team. For
>>>> the last year or so I have been studying—among other things—Cell Site
>>>> Simulators (IMSI catchers) and their use against activists in the United
>>>> States.
>>>>
>>>> Since I began researching IMSI catchers some time last year I have made
>>>> contact with many other researchers and organizations. What I have
>>>> discovered is that many of those people are working along the same lines
>>>> but not sharing knowledge, ending up in a situation where people are
>>>> duplicating each other's work, or solving problems which have already
>>>> been solved.
>>>>
>>>> The goal of this working group will be to bring everyone working on IMSI
>>>> catcher detection technology and IMSI catcher policy strategies
>>>> together, so as to not duplicate each other's current and past work. We
>>>> can also share our findings and strategies with each other which will
>>>> hopefully multiply our effectiveness.
>>>>
>>>> To start with, here is a list of relevant literature and videos that my
>>>> colleague Yomna compiled, along with descriptions and ratings for most
>>>> of them.
>>>>
>>>> https://docs.google.com/document/d/10cDNl3qnmi_MFU66JcdKEXWyQVZDRIsPCPAMHWzuQqU/edit#
>>>>
>>>> I think a good next step might be a round of introductions (for anyone
>>>> who wants to do so) and a bit about what we have all been working on. I
>>>> will do so for myself in a separate thread.
>>>>
>>>> Cheers,
>>>> --
>>>> Cooper Quintin
>>>> Senior Staff Technologist | EFF
>>>> PGP: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA
>>>> Twitter: @cooperq
>>>> _______________________________________________
>>>> CSS-research mailing list
>>>> CSS-research at eff.org
>>>> https://lists.eff.org/mailman/listinfo/css-research
>>>>
>>>
>>>
>>>
>>> --
>>> Eric Null
>>> Policy Counsel
>>> New America's Open Technology Institute
>>> 740 15th Street NW, Suite 900
>>> Washington, DC 20005
>>> (202) 596-3493
>>> @ericnull
>>>
>>> _______________________________________________
>>> CSS-research mailing list
>>> CSS-research at eff.org
>>> https://lists.eff.org/mailman/listinfo/css-research
>>>
>>>
>> _______________________________________________
>> CSS-research mailing list
>> CSS-research at eff.org
>> https://lists.eff.org/mailman/listinfo/css-research
>>
>>
>> _______________________________________________
>> CSS-research mailing list
>> CSS-research at eff.org
>> https://lists.eff.org/mailman/listinfo/css-research
>>
>>
>
>
> --
> Georgia Bullen
> Director of Technology Projects
> Book a meeting: https://calendly.com/georgiabullen/
>
> Open Technology Institute <http://newamerica.org/oti/> @ New America
> <http://newamerica.org>
> 740 15th Street NW, Suite 900, Washington DC, 20005
> @georgiamoon <http://twitter.com/georgiamoon>
>
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
>
>
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
>
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/css-research/attachments/20171123/d2741eea/attachment-0001.html>
More information about the CSS-research
mailing list