Here are some excerpts from the WSJ paywalled article:
Cellphones are programmed to connect automatically to the strongest cell tower signal. The device being used by the U.S. Marshals Service identifies itself as having the closest, strongest signal, even though it doesn’t, and forces all the phones that can detect its signal to send in their unique registration information. Even having encryption on one’s phone, such as Apple Co. ’s iPhone 6 now includes, doesn’t prevent this process...
The program cuts out phone companies as an intermediary in searching for suspects. Rather than asking a company for cell-tower information to help locate a suspect, which law enforcement has criticized as slow and inaccurate, the government can now get that information itself. People familiar with the program say they do get court orders to search for phones, but it isn’t clear if those orders describe the methods used because the orders are sealed.
Also unknown are the steps taken to ensure data collected on innocent people isn’t kept for future examination by investigators. A federal appeals court ruled earlier this year that over-collection of data by investigators, and stockpiling of such data, was a violation of the Constitution.
And another blog post from 2013 saying "Immigration and Customs Enforcement (ICE) purchased $3 million worth of Stingrays over several years, and are purchasing airborne mounting kits for both drones and manned aircraft":
http://gritsforbreakfast.blogspot.com/2013/03/bypassing-tele...
An earlier FOIA response from 2012:
http://s3.documentcloud.org/documents/479397/stingrayfoia.tx...
"The training will cover all of Harris Stringray ll operations from an airborne platform.-Specifically, four students are to attend this special training on three different software packages GSM, and CDM mobile handsets) for the Program... The schedule is more unpredictable due to a large portion of the training taking place in an aircraft."
To summarize: if you live in the U.S.[1], your cell phone info (IMSI etc.) has been slurped up by flying FedGov "dirtboxes" without your knowledge, stored in perpetuity, without any law passed by Congress explicitly authorizing this, in violation of the Constitution's Fourth Amendment, and at best authorized by a secret court order from a secret court. Sigh.
[1] I presume most of the HN US readers live in or near metro areas, and the WSJ article says the program covers "most of the U.S. population." Obviously if you're in Idaho or Alaska, you're less likely to be caught in this particular data vacuum cleaner.
In addition to the egrigious complaints citizens could make, wouldn't telecoms and cellphone manufacturers have grounds to sue over this? It sounds like these boxes are actively disrupting or reducing cell-phone service reliability by tricking devices to connect to them, despite not being a good tower.
Ultimately, it's the government that mediates the dispute. They're the government's airwaves and you (the cell phone provider) receive a license to use them. I haven't read the relevant FCC regulations, but they can easily say "cell phone service is secondary; law enforcement is primary".
There is precedent: amateur radio operators can use any means available to them to transmit life-critical messages when licensed methods/frequencies don't work. If that was to set up a fake cell phone tower and get phones to connect, then one could argue that one was using the frequencies legally. (IANAL; don't do this and say I said it was OK. The usual case is something like using your amateur radio to contact the coast guard if your ship is sinking.)
IIRC, most phones will talk to multiple towers at the same time. They mention attempting to keep disruption to a minimum. One would assume they care about not tipping someone off if their phone was acting funny.
While these active MitM attacks are important (the methods seem to be similar to ARP-poisioning), we shouldn't leave out the passive capabilities. These may not even be listed as a feature, if it is a different tool that parses the already-captured traffic as a deferred job.
As we see mentioned here on HN all the time, there is a massive amount interesting data that can be pulled out of large datasets. The original WP publication[1] about COTRAVELER gives a very nice example of the power in just knowing very-inaccurate (cell-sized) location data. You probably don't even need any particular cell-network identifying number, given how easy it is to correlate this kind of data to other identifiers.
And I assume the "USA Freedom Act", which has been drastically watered down already and Democrats are now pretending to want to revive it (after losing Senate...) so they look good at the next elections, doesn't even cover this sort of surveillance.
There are two ways in which the "USA Freedom Act" could cover flying dirtboxes: regulation and reporting. I've been working on http://recent.io/ rather than following this closely but I'm not aware of any effect the bill would have on dirtboxes (love that term!).
Cellphones are programmed to connect automatically to the strongest cell tower signal. The device being used by the U.S. Marshals Service identifies itself as having the closest, strongest signal, even though it doesn’t, and forces all the phones that can detect its signal to send in their unique registration information. Even having encryption on one’s phone, such as Apple Co. ’s iPhone 6 now includes, doesn’t prevent this process...
The program cuts out phone companies as an intermediary in searching for suspects. Rather than asking a company for cell-tower information to help locate a suspect, which law enforcement has criticized as slow and inaccurate, the government can now get that information itself. People familiar with the program say they do get court orders to search for phones, but it isn’t clear if those orders describe the methods used because the orders are sealed.
Also unknown are the steps taken to ensure data collected on innocent people isn’t kept for future examination by investigators. A federal appeals court ruled earlier this year that over-collection of data by investigators, and stockpiling of such data, was a violation of the Constitution.
This isn't exactly new. Harris' Stingray price list has AIRBRN-KIT-CONUS for sale for $9,000, dating back to 2008: https://info.publicintelligence.net/Harris-SurveillancePrice...
Here's a 2013 post on the so-called DRTBOX: http://electrospaces.blogspot.com/2013/11/drtbox-and-drt-sur...
And another blog post from 2013 saying "Immigration and Customs Enforcement (ICE) purchased $3 million worth of Stingrays over several years, and are purchasing airborne mounting kits for both drones and manned aircraft": http://gritsforbreakfast.blogspot.com/2013/03/bypassing-tele...
An earlier FOIA response from 2012: http://s3.documentcloud.org/documents/479397/stingrayfoia.tx... "The training will cover all of Harris Stringray ll operations from an airborne platform.-Specifically, four students are to attend this special training on three different software packages GSM, and CDM mobile handsets) for the Program... The schedule is more unpredictable due to a large portion of the training taking place in an aircraft."
To summarize: if you live in the U.S.[1], your cell phone info (IMSI etc.) has been slurped up by flying FedGov "dirtboxes" without your knowledge, stored in perpetuity, without any law passed by Congress explicitly authorizing this, in violation of the Constitution's Fourth Amendment, and at best authorized by a secret court order from a secret court. Sigh.
[1] I presume most of the HN US readers live in or near metro areas, and the WSJ article says the program covers "most of the U.S. population." Obviously if you're in Idaho or Alaska, you're less likely to be caught in this particular data vacuum cleaner.