![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneThe Electronic Frontier Foundation has developed an open-source toolkit that, when installed in a very inexpensive portable hot spot, the device will report whether it sees any cell-site simulators (CSS) in your area.
CSS devices, also known as Stingrays, allow law enforcement to capture all identifying information in an area with great precision. It is blanket surveillance. The problem is that while they may have a warrant to surveil Suspect X, they don't have warrants to surveil and capture information on me, you, and everyone around us. Stingrays capture everyone's location information in their effective operating range and logs it. Also, we know very little about how these devices operate: this info is kept under very tight lockdown by the manufacturers and by the law enforcement agencies. There has been very little success in law suits filed to pry this information into direct sunlight.
Some CSS units can go beyond locating the suspect's phones and actually intercept communications. Whether they can intercept everyone's comms who it has sucked into connecting to it isn't known.
The concern is whether CSS is being used to surveil protests and religious gatherings, things that are protected by the First Amendment. There is some evidence that points to this, it is not known how widespread such surveillance may be.
This new toolkit by the EFF is called Rayhunter, i.e. hunting for stingrays. It requires the purchase of an Orbic WiFi hotspot, links in the article to Amazon and eBay show them available for $10-20. The software to turn the Orbic into a Rayhunter is available on the EFF site, but you must be running Linux or Mac OS to install it - no package for Windows at this time. I suppose you could probably run a Linux VM on Windows to install it that way. Once installed and running, in the presence of CSS a red line will appear on the top of the display and the event will be logged, otherwise a green line will show. Connecting to the device's browser will let you review the log file.
The device is not a counter-surveillance tool, it does nothing to interfere with CSS which would be against many FCC rules and probably against local and Federal law. The EFF believes that the Rayhunter is legal under U.S. law, but if you're not in the USA then you should talk to an attorney in your area to see what kind of risk that you might be taking.
Myself, I'd look into rehousing it into something else, like, say, a Gameboy box that also works as a Gameboy, as eventually The Powers That Be will be looking for people carrying this particular model of Orbic devices and plausible deniability might begin running thin. For the paranoids amongst us, perhaps having a tamper switch on the Gameboy that would fry the memory if it's opened incorrectly.
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
CSS devices, also known as Stingrays, allow law enforcement to capture all identifying information in an area with great precision. It is blanket surveillance. The problem is that while they may have a warrant to surveil Suspect X, they don't have warrants to surveil and capture information on me, you, and everyone around us. Stingrays capture everyone's location information in their effective operating range and logs it. Also, we know very little about how these devices operate: this info is kept under very tight lockdown by the manufacturers and by the law enforcement agencies. There has been very little success in law suits filed to pry this information into direct sunlight.
Some CSS units can go beyond locating the suspect's phones and actually intercept communications. Whether they can intercept everyone's comms who it has sucked into connecting to it isn't known.
The concern is whether CSS is being used to surveil protests and religious gatherings, things that are protected by the First Amendment. There is some evidence that points to this, it is not known how widespread such surveillance may be.
This new toolkit by the EFF is called Rayhunter, i.e. hunting for stingrays. It requires the purchase of an Orbic WiFi hotspot, links in the article to Amazon and eBay show them available for $10-20. The software to turn the Orbic into a Rayhunter is available on the EFF site, but you must be running Linux or Mac OS to install it - no package for Windows at this time. I suppose you could probably run a Linux VM on Windows to install it that way. Once installed and running, in the presence of CSS a red line will appear on the top of the display and the event will be logged, otherwise a green line will show. Connecting to the device's browser will let you review the log file.
The device is not a counter-surveillance tool, it does nothing to interfere with CSS which would be against many FCC rules and probably against local and Federal law. The EFF believes that the Rayhunter is legal under U.S. law, but if you're not in the USA then you should talk to an attorney in your area to see what kind of risk that you might be taking.
Myself, I'd look into rehousing it into something else, like, say, a Gameboy box that also works as a Gameboy, as eventually The Powers That Be will be looking for people carrying this particular model of Orbic devices and plausible deniability might begin running thin. For the paranoids amongst us, perhaps having a tamper switch on the Gameboy that would fry the memory if it's opened incorrectly.
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
no subject
Date: 2025-04-27 12:41 pm (UTC)And I say, To Bad to the Powers That Be. :p
Hugs, Jon
no subject
Date: 2025-04-29 04:23 pm (UTC)And since it's developed for a hotspot, I would like to see it developed for other things, or integrated in such a way that any hotspot (or a non-rooted phone) can still function perfectly properly and also provide Rayhunter alerts to the person running it on their phone.
no subject
Date: 2025-04-29 06:01 pm (UTC)Nothing will stop LEO from using Stingrays: they're too convenient and completely clouded in secrecy. The nice thing about the Rayhunters is their price, hard to beat $20 and a bit of work on your part. I just read an article about them on The Verge, apparently configuring them via Windows is viable, just a bit more work.
no subject
Date: 2025-04-29 09:06 pm (UTC)no subject
Date: 2025-04-29 09:31 pm (UTC)The thing to do with protests is to wear a mask that comes up to the bridge of your nose and sunglasses that cover the top of the mask, and to turn off your phone while parking well away. But we have so many cameras now that it's silly. You almost need to wear dazzle makeup and clothing if you live in a highly surveilled area and not carry a phone or keep it turned off except when making calls.
no subject
Date: 2025-04-30 05:00 pm (UTC)no subject
Date: 2025-04-30 05:40 pm (UTC)There's a band in the UK that set up and performed in front of surveillance cameras all over the place, then made FOIA (equivalent) requests for the footage, and cut together their own music video for zero production costs, just their editing time. It was pretty cool. I think it was Dead Man Falls, can't remember the song. Pretty good music, IMO.