When Lee Goldsmith drives by one of the many fake cellphone towers being discovered throughout the U.S., his $3,500 CryptoPhone 500 will immediately display the warning message in the thumbnail image to the left.
When you drive by the same fake towers, known as “interceptors,” your run of the mill iPhone or Samsung Galaxy won’t alert you to any potential security breach. And that’s exactly how those people who installed these interceptors, whoever they are, like it.
I’ve seen headlines about these fake cell towers over the past several days, but didn’t investigate the matter until today. It appears Popular Science broke the story in late August with the piece: Mysterious Phony Cell Towers Could Be Intercepting Your Calls. The article focuses on the revelations of Lee Goldsmith, CEO of ESD America, which makes ultra-expensive and ultra-secure cellphones (another player in this market is Silent Circle with its Blackphone) . What Lee Goldsmith and other users of the CryptoPhone 500 have discovered while driving across part of America will shock and disturb you.
We learn from Computer World that:
Through notifications such as that, CryptoPhone users found and mapped 17 fake “cell towers” in the U.S. during the month of July. While most phones can’t find those interceptors, a $3,500 CryptoPhone 500 can. The phone has a Samsung Galaxy SIII body, but unlike the Android OS that comes standard on the Galaxy SIII and “leaks data to parts unknown 80-90 times every hour,” ESD America hardened the Android OS by removing 468 vulnerabilities.
“Interceptor use in the U.S. is much higher than people had anticipated,” said Les Goldsmith, the CEO of ESD America. He told Popular Science, “One of our customers took a road trip from Florida to North Carolina and he found eight different interceptors on that trip. We even found one at South Point Casino in Las Vegas.” He added, “What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases. Whose interceptor is it? Who are they, that’s listening to calls around military bases? The point is: we don’t really know whose they are.
Privacy groups have been fighting unconstitutional stingray surveillance for several years, yet there’s still a great deal citizens don’t know about the portable devices known as IMSI catchers, also known by the generic term “stingray.” It acts like a fake cell tower and tricks your mobile device into connecting to it even if you are not on a call. It is used for real time location tracking; some can pinpoint you within two meters as well as eavesdrop and capture the contents of your communications.
They can do even more than that, including pushing spyware to devices and sending spoof texts.
Goldsmith conducts testing on his company’s “baseband firewall” while driving by an unnamed government facility in the Nevada desert that runs an interceptor. “As we drove by, the iPhone showed no difference whatsoever. The Samsung Galaxy S4, the call went from 4G to 3G and back to 4G. The CryptoPhone lit up like a Christmas tree.”
You might know your phone is being intercepted if it shows 2G, instead of 3G or 4G, but some interceptors claim to be “undetectable.” The VME Dominator, for example, is marketed only to government agencies. It promises that it allows “you to intercept, block, follow, track, record and listen to communications using unique triangulation and other advanced technology,” but “cannot be detected. It allows interception of voice and text. It also allows voice manipulation, up or down channel blocking, text intercept and modification, calling and sending text on behalf of the user, and directional finding of a user during random monitoring of calls.”
Now here’s the incredible part. Although the phase out of 2G is several years away, those who wish to spy are so concerned about it, they are already making plans to ensure that surveillance isn’t impacted.
Although it will be a long time before cell phones no longer support 2G, Johnny Law is working on upgrading Harris Corporation “Stingray” systems, with “Hailstorm,” to support 4G LTE interception. The News Tribune in Tacoma reported on a March 2014 purchase order from the DEA, which stated, “The Hailstorm upgrade is necessary for the Stingray system to track 4G LTE phones.”
According to Ars Technica, the Oakland Police Department, Fremont Police Department, and the Alameda County District Attorney joined forces by applying for a DHS grant to pay for the Hailstorm upgrade. “The entire upgrade will cost $460,000—including $205,000 in total Homeland Security grant money, and $50,000 from the Oakland Police Department (OPD).” In theory, more documents are being gathered and will be released this month by the Alameda County DA’s office.
No surprise that one of the most insidious agencies ever created is set to fund the upgrade to spying technologies for law enforcement. I covered this threat in my recent post: Department of Homeland Security – A 240,000 Person Cancer on the American Soul.
Now more from Computer World...
While the FCC seems to have known about cellular network vulnerabilities that stingrays exploit, last month it established a “task force” to investigate the “illicit and unauthorized use” use of stingrays. Instead of investigating law enforcement’s use of such interceptors, the FCC “plans to study the extent to which criminal gangs and foreign intelligence services are using the devices against Americans.” The FCC also refused the ACLU’s FOIA request for stingray documents.
Meanwhile, the FCC is the agency about to destroy the internet on behalf of telecom companies. Do you really have any doubt as to who these agencies really work for?