The Catalog of Spying Gear the Feds Don't Want You to See

originally posted by: eisegesis
a reply to: Bedlam

From a civilian standpoint, is there anyway to know if you're connecting to a fake carrier signal before breaking any encryption? Is there any identifier or I dare even ask, an app (rooted or not), that can tell me if I'm getting ciphered?

Are they mostly successful in remaining undetected when stealing our data because of our ignorance to the subject or because the systems are designed to be spoofed? How does the actual signal provider company not notice?

A way to do the intercept in the past was to negotiate your phone down to a very basic level where you didn't have to work at the encryption. There are some jail-broken apps that use this to detect interception. There are vulnerabilities in the encryption sequences during the call set-up. If your box is doing all the call setups, then it can just screw that up before handing the thing over to the cell tower, and then you can do LTE or GSM. So in future, it'll be less easy than just looking to see if the tower is running in doofus mode.

I'm sure the signal provider COULD tell. However, in the US, if the Feds wanted, they don't have to do this, and can get into the tower by using CALEA. OTOH, it's possible to do more to you by interception than you can get (yet) through CALEA, thus do you have the agency flying planes around major cities with this in. Not only do they run a sort of ARGUS setup to physically watch where you are, they can intercept phone traffic and tag it to the little car and people images moving around, you can pick the ones you want to follow and their phones will tell you everything as they watch you go about your happy business during a riot or whatnot. And if they want, and your phone permits it (many do), they can reflash it with some nice baggage, or turn on your mic or camera. Or get the contact list, or upload it (some phones). You'd be #ing amazed at what you can do to/get from a phone just by boogering up the bt or wifi stacks with a little briefcase rig. Some time back, I had a guy demo a nifty new privacy invading device at the local coffee shop, you could look at a list of the bt and wifi stack beacons, pick one, and pump out the contacts through a service I never knew existed anyway.

The Wiretapper’s Ball

Like any major industry, the companies in the business of selling surveillance technology have conferences. Those trade shows, which are held a few times a years in locations like Mexico and Dubai are called ISS World, more commonly known as the “Wiretapper’s Ball.”

From what public accounts do exist, the events themselves seem like profoundly weird experiences.

I can't imagine what the foreign contact paperwork must be like after a day at the show. Looked through my email logs, this is one of the few things I haven't gotten an invite to.