Thursday 27 November 2014

‘Dirtbox’ planes masquerade as cell towers to collect smartphone data in sophisticated spying ops



It’s no secret anymore that governmental agencies in the U.S. and other countries have access to sophisticated tools that allow them to track and collect data from smartphones and other devices without users knowing anything is happening, and The Wall Street Journal has uncovered yet another such operation which uses a special “dirtbox” technology installed in special planes that can mimic cell phone towers and fool smartphones into believing they’re connecting to a genuine carrier tower.

FROM EARLIER: Sophisticated malware already spying on Hong Kong protesters’ iOS and Android phones

In the process, the tool will collect unique identifiers about those devices, in order to track certain suspects without requiring any help from carriers. In addition to personal data related to suspected individuals, the machines also collect data for thousands of innocent, unsuspecting citizens, but the data is apparently discarded afterwards.

The program is said to be “more sophisticated than anything previously understood about government use of such technology,” and it’s actively used in the U.S., but also in war zones to collect data and find individuals. In the U.S., the program is run by the U.S. Marshals Service, and has been used to apprehend certain unnamed drug lords and killers.

The planes can be used to determine a suspect’s location to within 10 feet, and pinpoint his whereabouts to a specific room in a building, but it can also be used to retrieve personal data such as photos and messages and jam signals, though it’s not clear if such advanced features have also been used in the U.S.

The special 2-feet box used in such operations can tell handsets that it offers the best possible signal, fooling them into connecting to them automatically — the connection is made automatically, because that’s how phones usually operate, regardless whether their owners are using them or whether they’re in standby mode.

“If a suspect is believed to have a cellphone from Verizon Communications Inc., for example, the device would emit a signal fooling Verizon phones and those roaming on Verizon’s network into thinking the plane is the nearest available Verizon cell tower,” the Journal wrote. “Phones that are turned on, even if not in use, would ‘ping’ the flying device and send their registration information. In a densely populated area, the dirtbox could pick up data of tens of thousands of cellphones.”

The service is akin to “man in the middle” attacks, “ in which a person’s electronic device is tricked into thinking it is relaying data to a legitimate or intended part of the communications system.”

Verizon has denied any involvement in such a program, while AT&T and Sprint have not commented on the matter. Boeing, which owns the company making the dirtboxes, has not commented on this spying tool either.

People familiar with the matter have said that all spying activities are done in accordance to U.S. laws, while a Justice Department official would neither confirm nor deny the existence of such planes.

More details about this advanced surveillance operation are available in the full WSJ story at the source link.


https://bgr.com/2014/11/14/dirtbox-spy-planes-in-u-s/

1 comment: