At a certain point, everyone will realize this has to stop. I've started to wonder though, if the way to beat the government at this is not to try and stop them, but to encrypt things in such a way that they can no longer use technology like this.
Personally, one thing I like about open source software, is I can host pretty much whatever I want, whenever I want. If this development path continues, I'd imagine that eventually, if there might be some entrepreneuring cell company[0] that would simply encrypt it all anonymously.
Obviously, this would mean a few changes to the way we do things. For example, maybe instead of triangulating your cellular position in an emergency, iOS and Android could create a 'distress' api that would allow for emergency services to access your location, and then alert you with the status. To be honest, it would end up working in a similar way as Emergency and Amber alerts on your device[1].
Realistically, it probably won't happen like this, but if privacy won't be given to us, we need to take it.
It's already fixed (I think) from UMTS upwards. In GSM (2G) the tower authenticated the handset but not vice versa. In UMTS+ the authentication is mutual. To impersonate a cell tower you would therefore need to be able to sign with the carriers signing keys.
One of the most interesting and unreported aspects of these Stingray boxes is how they handle the 2G/3G divergence here. In the USA there's also CDMA to think about and I don't know how that handles authentication, if at all. I suspect such IMSI catchers emulate a GSM base station and possibly jam 3G frequencies to try and force phones to downgrade. I don't think there's any way to tell phones to never use GSM even if it's the only option, but if there was, I suspect that'd "fix" things (except most people wouldn't know about or use them). Ultimately the only thing that can stop this is a phasing out of 2G entirely but that won't happen any time soon, and even once it's done, by that point law enforcement will have got used to the ability to just follow everyone around all the time and would insist that they MUST be able to use these devices otherwise chaos and anarchy would follow, so they'd probably mount a vigorous lobbying campaign to get the signing keys.
discusses police departments purchasing equipment that will work with phones that can't be forced to 2G (partly in anticipation of carriers switching 2G off).
Personally, one thing I like about open source software, is I can host pretty much whatever I want, whenever I want. If this development path continues, I'd imagine that eventually, if there might be some entrepreneuring cell company[0] that would simply encrypt it all anonymously.
Obviously, this would mean a few changes to the way we do things. For example, maybe instead of triangulating your cellular position in an emergency, iOS and Android could create a 'distress' api that would allow for emergency services to access your location, and then alert you with the status. To be honest, it would end up working in a similar way as Emergency and Amber alerts on your device[1].
Realistically, it probably won't happen like this, but if privacy won't be given to us, we need to take it.
[0] http://www.artemis.com/ [1] http://support.apple.com/en-us/HT5795