[CSS-research] Hello and welcome to the Cell Site Simulator Research mailing list
Amanda Hickman
amanda at velociraptor.info
Sat Nov 25 11:08:55 PST 2017
Folks,
I'm Amanda Hickman. I'm at large at the moment after running BuzzFeed's Open Lab for several years. We were experimenting with a few different projects, including running Ash's SITCH (which Logan wrote about at https://www.buzzfeed.com/loganwilliams/listening-for-those-who-listen) and experimenting with some other projects. I invited the folks who were doing the hands-on work to join this list.
We were teasing out some ideas around methodology for mapping existing cell towers at sites that are expected to draw attention and then remapping and possibly actually identifying the new towers -- the DNC and RNC seemed like good candidates, but I'd love to play with finding some other candidates for likely places to play with demosntrating the presence of at least suspect cell towers.
And I'm definitely interested in listening in for ways I can support this work with connections or logistics.
-Amanda
On Thu, Nov 23, 2017 at 04:54:58PM +0000, Joseph Cox wrote:
> Hey everyone—I’m Joseph Cox, a journalist from The Daily Beast and formerly
> Motherboard, Wired, etc.
>
> But I’m here because I maintain https://spytechexports.com/, which tracks
> the export of surveillance technology including IMSI catchers. The site is
> UK focused at the moment, but will branch out to other countries as I
> obtain more data.
>
>
> On Thu, 23 Nov 2017 at 17:16, Ashley Wilson <ash.d.wilson at gmail.com> wrote:
>
> > Hi everyone,
> >
> > My name is Ash and I created a tool called SITCH (https://sitch.io) for
> > detecting anomalies in cellular networks.
> >
> > I'm especially interested in information that can lead to better
> > signatures in SITCH.
> >
> > On Nov 23, 2017 6:59 AM, "Seamus Tuohy" <s2e at seamustuohy.com> wrote:
> >
> > Hi all,
> >
> > Seamus Tuohy here; Director of Info-Sec at Human Rights Watch. I've worked
> > with a few of the folks on this list in the past to implement projects
> > around stingrays. I have also designed and helped with the resulting data
> > analysis for a few different international wireless network and IMSI
> > catcher catcher projects.
> >
> > Not all that much if my historic work is public. Hopefully, at my new job
> > I'll be able to share the TTP's from my work more widely.
> >
> > As an FYI my short term work on this topic will most likely be limited to
> > tracking international usage and capabilities for our internal risk
> > assessments.
> >
> > Best,
> > s2e
> >
> >
> > On Nov 20, 2017 10:38 PM, "Georgia Bullen" <georgia at opentechinstitute.org>
> > wrote:
> >
> > Hi All!
> >
> > Joining in with a short intro... I'm Georgia. I am the director of tech
> > projects at OTI. My background is UX, Software development, data viz and
> > urban planning. Meaning... I can be help with thinking about UX, managing
> > things, visualizing data, and random geo stuff.
> >
> > The Team at OTI (Robyn Greene, Nat Meysenburg, and Chris Ritzo -- all on
> > this list I think!) did an experiment with a bunch of tools (and help from
> > many of you!) for the science march back in the Spring, and the write up
> > for that is available here:
> > https://www.newamerica.org/oti/blog/oti-experiment-open-source-surveillance-detection/
> >
> > Looking forward to seeing how we can work together as a group going
> > forward.
> >
> > -Georgia
> >
> > On Mon, Nov 20, 2017 at 6:15 PM, Martin Shelton <mshelton at riseup.net>
> > wrote:
> >
> >> Hey all, and thanks for organizing, Cooper + Yomna!
> >>
> >>
> >> Very brief intro: I'm Martin. I conduct user research and study how U.S.
> >> journalists and media activists manage information security. To help relay
> >> good information on this topic, it's an area I'd like to learn more about.
> >>
> >>
> >> Martin
> >>
> >> On Nov 20, 2017, at 1:15 PM, Peter Ney <neyp at cs.washington.edu> wrote:
> >>
> >> Hello,
> >>
> >> Nice to meet everyone! Cooper, thanks for starting this list. I think it
> >> is a great idea to get everyone working on cell-site simulators in touch.
> >>
> >> I'm Peter Ney, a graduate student in the Security Lab at the University
> >> of Washington, and a member of the SeaGlass team (
> >> https://seaglass.cs.washington.edu/), along with Ian Smith, Karl
> >> Koscher, and Yoshi Kohno. Our long term goal with SeaGlass is to build
> >> systems that are able to detect cell-site simulators at scale (especially
> >> commercial models) with high accuracy. This means building systems to
> >> collect cellular data and developing algorithms that can use this data to
> >> detect cell-site simulators.
> >>
> >> We aren't there yet. In addition to the challenges of collecting data, I
> >> think there are two unsolved problems:
> >>
> >> 1) If you detect something anomalous/suspicious, how do you know if it is
> >> a cell-site simulator or some other network anomaly (e.g., cell-on-wheels,
> >> femtocell, misconfigured legitimate BTS, etc)? In our experience looking at
> >> network data, really weird stuff happens all the time that is innocuous.
> >> This would be easier to answer if we had ground truth from the network, but
> >> we really shouldn't rely on having this. This is going to be especially
> >> important to solve if we want to use our results in court.
> >>
> >> 2) We need rigorous evaluation that convinces us that a detection system
> >> would actually work in the wild. The recent White-Stingray paper published
> >> this year at WOOT'17 highlights this point when they showed that
> >> phone-based IMSI-catcher detection apps are missing lots of cell-site
> >> simulator behavior. This problem gets harder because showing that a given
> >> system can detect a homemade SDR IMSI-catcher doesn't mean that it could
> >> detect a Harris Stingray or Hailstorm (because we are still making educated
> >> guesses about their behavior unless we can get access to them).
> >>
> >> Right now we are revamping the SeaGlass sensor to collect lots more data
> >> with SDRs, and are working on improving our evaluation infrastructure (with
> >> IMSI-catchers) to add more rigor to our evaluation. We hope to start
> >> collecting more data in the wild sometime next year.
> >>
> >> Ian and I are also involved in a cell-site simulator court case down in
> >> Tacoma, WA, so we may have some questions for the list as we get further
> >> along in that process.
> >>
> >> Peter
> >>
> >> On Tue, Nov 14, 2017 at 11:23 AM, Eric Null <null at opentechinstitute.org>
> >> wrote:
> >>
> >>> Hi Cooper, thanks for getting this started and thanks to Yomna for
> >>> compiling the resources.
> >>>
> >>> Hello mailing list! I'm Eric Null, a broadband policy attorney at New
> >>> America's Open Technology Institute. IMSI catchers/surveillance tech makes
> >>> up a small portion of my work (mostly because OTI has its own security
> >>> policy team), but I'm happy to be on this list so I can learn more about
> >>> what's happening.
> >>>
> >>> One thing I wanted to mention is that we (OTI and two other orgs) filed
> >>> a complaint last year at the FCC
> >>> <https://www.newamerica.org/oti/press-releases/oti-and-others-file-stingray-complaint-against-baltimore-city-police-department/>
> >>> arguing that Baltimore PD's use of IMSI catchers violated the
> >>> Communications Act (the complaint has some fun maps/data viz in it!). We
> >>> had some meetings in late 2016, but even under a Dem administration it was
> >>> difficult to get them to move. Needless to say, under Trump's FCC chairman,
> >>> we'd probably get bad precedent if the FCC acted on it, so we're no longer
> >>> pushing it for the time being.
> >>>
> >>> Anyway, thanks everyone!
> >>>
> >>> On Tue, Nov 14, 2017 at 2:10 PM, Cooper Quintin <cooperq at eff.org> wrote:
> >>>
> >>>> Hello and welcome to the Cell Site Simulator Research mailing list!
> >>>>
> >>>> I am a senior staff technologist at EFF on our Cybersecurity Team. For
> >>>> the last year or so I have been studying—among other things—Cell Site
> >>>> Simulators (IMSI catchers) and their use against activists in the United
> >>>> States.
> >>>>
> >>>> Since I began researching IMSI catchers some time last year I have made
> >>>> contact with many other researchers and organizations. What I have
> >>>> discovered is that many of those people are working along the same lines
> >>>> but not sharing knowledge, ending up in a situation where people are
> >>>> duplicating each other's work, or solving problems which have already
> >>>> been solved.
> >>>>
> >>>> The goal of this working group will be to bring everyone working on IMSI
> >>>> catcher detection technology and IMSI catcher policy strategies
> >>>> together, so as to not duplicate each other's current and past work. We
> >>>> can also share our findings and strategies with each other which will
> >>>> hopefully multiply our effectiveness.
> >>>>
> >>>> To start with, here is a list of relevant literature and videos that my
> >>>> colleague Yomna compiled, along with descriptions and ratings for most
> >>>> of them.
> >>>>
> >>>> https://docs.google.com/document/d/10cDNl3qnmi_MFU66JcdKEXWyQVZDRIsPCPAMHWzuQqU/edit#
> >>>>
> >>>> I think a good next step might be a round of introductions (for anyone
> >>>> who wants to do so) and a bit about what we have all been working on. I
> >>>> will do so for myself in a separate thread.
> >>>>
> >>>> Cheers,
> >>>> --
> >>>> Cooper Quintin
> >>>> Senior Staff Technologist | EFF
> >>>> PGP: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA
> >>>> Twitter: @cooperq
> >>>> _______________________________________________
> >>>> CSS-research mailing list
> >>>> CSS-research at eff.org
> >>>> https://lists.eff.org/mailman/listinfo/css-research
> >>>>
> >>>
> >>>
> >>>
> >>> --
> >>> Eric Null
> >>> Policy Counsel
> >>> New America's Open Technology Institute
> >>> 740 15th Street NW, Suite 900
> >>> Washington, DC 20005
> >>> (202) 596-3493
> >>> @ericnull
> >>>
> >>> _______________________________________________
> >>> CSS-research mailing list
> >>> CSS-research at eff.org
> >>> https://lists.eff.org/mailman/listinfo/css-research
> >>>
> >>>
> >> _______________________________________________
> >> CSS-research mailing list
> >> CSS-research at eff.org
> >> https://lists.eff.org/mailman/listinfo/css-research
> >>
> >>
> >> _______________________________________________
> >> CSS-research mailing list
> >> CSS-research at eff.org
> >> https://lists.eff.org/mailman/listinfo/css-research
> >>
> >>
> >
> >
> > --
> > Georgia Bullen
> > Director of Technology Projects
> > Book a meeting: https://calendly.com/georgiabullen/
> >
> > Open Technology Institute <http://newamerica.org/oti/> @ New America
> > <http://newamerica.org>
> > 740 15th Street NW, Suite 900, Washington DC, 20005
> > @georgiamoon <http://twitter.com/georgiamoon>
> >
> > _______________________________________________
> > CSS-research mailing list
> > CSS-research at eff.org
> > https://lists.eff.org/mailman/listinfo/css-research
> >
> >
> >
> > _______________________________________________
> > CSS-research mailing list
> > CSS-research at eff.org
> > https://lists.eff.org/mailman/listinfo/css-research
> >
> >
> > _______________________________________________
> > CSS-research mailing list
> > CSS-research at eff.org
> > https://lists.eff.org/mailman/listinfo/css-research
> >
> _______________________________________________
> CSS-research mailing list
> CSS-research at eff.org
> https://lists.eff.org/mailman/listinfo/css-research
--
Amanda Hickman
tel: 917-655-2579
twi: @amandabee
More information about the CSS-research
mailing list