The data that our phones exchange with cell towers during necessary connection procedures can reveal critical, and private, information. Knowing the time a call was made or the approximate location of a phone (whether a call was initiated or not) can pinpoint someone’s whereabouts, reported the Electronic Frontier Foundation. Some third-parties intercept this data and intend to use it for nefarious acts.
Although cell network security has been rapidly advancing, there’s also been a significant rise in the exploitation of security bugs by criminals and law enforcement, who are accessing private data via Cell-Site Simulators (CSSs, a.k.a. Stingrays or IMSI-catchers). However, what exactly are CSSs capable of, and how can the public become more knowledgeable?
The Electronic Frontier Foundation released an in-depth white paper that explains some of the most relevant cell network attacks from the ground up. Some of the questions the paper answers, even for non-technical readers, include: what are the different kinds of location tracking attacks, what are the known limits around cell network communication interception, and how does all this work? The white paper aims to raise awareness about the CSSs and how they are being used to invade privacy.
July 17, 2019