Recent searches
Search options
#imsi
Meet Rayhunter:
A New Open Source Tool from EFF to Detect Cellular Spying
At EFF we spend a lot of time thinking about Street Level Surveillance technologies
—the technologies used by police and other authorities to spy on you while you are going about your everyday life
—such as automated license plate readers,
facial recognition,
surveillance camera networks,
and cell-site simulators (. #CSS ).
Rayhunter is a new open source tool we’ve created that runs off an affordable mobile hotspot that we hope empowers everyone,
regardless of technical skill,
to help search out CSS around the world.
CSS
(also known as #Stingrays or #IMSI #catchers)
are devices that masquerade as legitimate cell-phone towers,
tricking phones within a certain radius into connecting to the device rather than a tower.
CSS operate by conducting a general search of all cell phones within the device’s radius.
Law enforcement use CSS to pinpoint the location of phones
often with greater accuracy than other techniques such as cell site location information (CSLI)
and without needing to involve the phone company at all.
CSS can also log International Mobile Subscriber Identifiers (IMSI numbers) unique to each SIM card,
or hardware serial numbers (IMEIs) of all of the mobile devices within a given area.
Some CSS may have advanced features allowing law enforcement to intercept communications in some circumstances.
What makes CSS especially interesting, as compared to other street level surveillance, is that
so little is known about how commercial CSS work.
We don’t fully know what capabilities they have
or what exploits in the phone network they take advantage of to ensnare and spy on our phones, though we have some ideas.
We also know very little about how cell-site simulators are deployed in the US and around the world.
There is no strong evidence either way about whether CSS are commonly being used in the US to spy on First Amendment protected activities
such as protests, communication between journalists and sources, or religious gatherings.
There is some evidence
—much of it circumstantial
—that CSS have been used in the US to spy on protests.
There is also evidence that CSS are used somewhat extensively by US law enforcement,
spyware operators, and scammers.
We know even less about how CSS are being used in other countries,
though it's a safe bet that in other countries CSS are also used by law enforcement.
Much of these gaps in our knowledge are due to a lack of solid, empirical evidence about the function and usage of these devices.
Police departments are resistant to releasing logs of their use,
even when they are kept.
The companies that manufacture CSS are unwilling to divulge details of how they work.
Until now, to detect the presence of CSS, researchers and users have had to either rely on Android apps on rooted phones,
or sophisticated and expensive software-defined radio rigs.
Previous solutions have also focused on attacks on the legacy 2G cellular network, which is almost entirely shut down in the U.S.
Seeking to learn from and improve on previous techniques for CSS detection we have developed a better, cheaper alternative that works natively on the modern 4G network.
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
#surveillance #IMSI #Cellphones
"CSS (also known as Stingrays or IMSI catchers) are devices that masquerade as legitimate cell-phone towers, tricking phones within a certain radius into connecting to the device rather than a tower.
"EFF's 'Rayhunter' works by intercepting, storing, and analyzing the control traffic (but not user traffic, such as web requests) between the mobile hotspot Rayhunter runs on and the cell tower to which it’s connected.
"Rayhunter works on a readily-available U$20 device.
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
Meet Rayhunter: A New Open Source Tool from @eff to Detect Cellular Spying
#Rayhunter works by intercepting, storing, and analyzing the control traffic (but not user traffic, such as web requests) between the mobile hotspot Rayhunter runs on and the cell tower to which it’s connected. Rayhunter analyzes the traffic in real-time and looks for suspicious events, which could include unusual requests like the base station (cell tower) trying to downgrade your connection to 2G which is vulnerable to further attacks, or the base station requesting your #IMSI under suspicious circumstances.
Rayhunter notifies the user when something suspicious happens and makes it easy to access those logs for further review, allowing users to take appropriate action to protect themselves, such as turning off their phone and advising other people in the area to do the same. The user can also download the logs (in PCAP format) to send to an expert for further review.
The default Rayhunter user interface is very simple: a green (or blue in colorblind mode) line at the top of the screen lets the user know that Rayhunter is running and nothing suspicious has occurred. If that line turns red, it means that Rayhunter has logged a suspicious event. When that happens the user can connect to the device's WiFi access point and check a web interface to find out more information or download the logs.
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
#Rayhunter works by intercepting, storing, and analyzing the control traffic between the mobile hotspot Rayhunter runs on and the cell tower to which it’s connected. Rayhunter analyzes the traffic in real-time and looks for suspicious events, which could include unusual requests like the base station (cell tower) trying to downgrade your connection to 2G which is vulnerable to further attacks, or the base station requesting your #IMSI under suspicious circumstances. #EFF
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
Meet #Rayhunter: A New #OpenSource Tool from @eff to Detect Cellular #Spying
#CSS (also known as #Stingrays or #IMSIcatchers) are devices that masquerade as legitimate cell-phone towers, tricking #phones within a certain radius into connecting to the device rather than a tower.
#privacy #security #surveillance #imsi #cellphones #celltower
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
Anyone know of similar projects that have not been abandoned?
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector
IMSI & IMEI – was ist das? | Handydaten kurz erklärt | Tech-Wissen
https://video.medienzentrum-harburg.de/videos/watch/a3e29e06-68ad-4164-8ed0-d7529f46bf96
1) #CloudAct is just #CyberFacism, look it up!
https://en.wikipedia.org/wiki/CLOUD_Act
- And with #Trumpism ravaging the #USA must be considered as #hostile as #Russia and the "P.R." #China by anyone who takes #OpSec, #InfoSec & #ComSec seriously!
-
2) @signalapp 's #Server code is proprietary and since it's centralized we can't trust that the code they release is what's running on their backend!
- Plus their #App doesn't allow #ReproducibleBuilds (if Signal was #FLOSS it would be on @fdroidorg / #Fdroid) but alas it isn't!
-
3) #Signal still demands #PhoneNumbers which are #PII either by association (#Number => #ICCID = #SIM = #IMSI => #IMEI => Location Data as I explained beforetwice) or mandatory #KYC / #ID requirements (even on prepaid cards), which an increasing amount of juristictions do...
- They have no "#LegitimateInterest" demanding said #PersonallyIdentifyingInformation to begin with!
-
But don't take my word for it.
https://www.youtube.com/watch?v=tJoO2uWrX1M
- Ask yourself if you'd trust someone peddlibg #Shitcoin #Scams like #MobileCoin with your data!
Hier noch ein sehr sinnvoller Tipp: Es laufen gerade bei Demonstrationen sogenannte #IMSI-CATCHER → https://en.wikipedia.org/wiki/IMSI-catcher
Um wirkliche Sicherheit zu haben, sollte man das Gerät ausschalten und zusätzlich wie ein Butterbrot in Alufolie einpacken.
Danach hält das Ding auch wirklich den Mund, kann auch nicht mehr geortet werden ...
Besten Gruß
Starting all the way back on October 3rd, 2022, I used BloodFart@gmail.com as my log-in e-mail for free public WiFi access.
I don't insert a SIM card in my throw away phone & I connect to free WiFi for non-sensitive communications with a VPN. I understand that IMSI catchers exist too.
I chronicled this is previous (now deleted) posts. I've amalgamated all the times I've logged in in these posts, and some posts to follow.
Exhibit M, N, O, and P:
@halva @lynn @signalapp @deilann
The problem is one needs to literally acquire a phone number and have access to it, and the demand of a phone number itself is bad. This makes it unnecessarily complex and expensive compared to using @monocles / #monoclesChat.
(Cuz if I've to pay to communicate, I might just choose a provider that isn't a #VC #MoneyBurningParty but a long-term sustainable solution based off #OpenStandards!)
- I'm sorry for your location. My sincere condolences!
Still, #Signal doesn't allow #SelfCustody of all the keys & #SelfHosting, which makes it vulnerable as a #proprietary #centralized, #SingleVendor & #SingleProvider solution.
- Just because @Mer__edith isn't having #Roskonmadnozr pointing a gun at her head doesn't mean she'd risk jail for a user when push comes to shove.
And with #CloudAct on one hand and #Trump wanting to "Speedrun Hitler", I'd not rely on Signal.
- The "Metadata" #FUD is just a marketing bs because Signal will comply with warrants, whereas nothing prevents me from buying a Thin client, setting up an #OnionService to tunnel everything over @torproject / #Tor and rig it to disconnect power if tampered with or upon command.
I have setup comms for critical operations (incl. helping people flee Russia!) and I'd rather choose #OnionShare over #Signal if #Metadata is a real concern.
- Internet Access, even in "P.R." #China, is something feasible to workout given the massive prevalence of public #WiFi. Also it's easier to spoof/anonymize a MAC than an #IMEI or even #IMSI, so making one dependent on #PhoneNumbers to even sign up is inherently bad!
@se38 Ooompf.
Anfangen "etwas" zu tun
Funkdisziplin?
Mehr dazu bei https://netzpolitik.org/2024/digitale-selbstverteidigung-funkdisziplin-wahren/
a-fsa.de/d/3CF
Link zu dieser Seite: https://www.aktion-freiheitstattangst.org/de/articles/8898-20240909-anfangen-etwas-zu-tun.html
Link im Tor-Netzwerk: http://a6pdp5vmmw4zm5tifrc3qo2pyz7mvnk4zzimpesnckvzinubzmioddad.onion/de/articles/8898-20240909-anfangen-etwas-zu-tun.html
Tags: #Überwachung #Datenhandel #MAID #mobileadvertisingID #GAFAM #Google #Apple #Smartphone #Handy #IMSI-Catcher #VPN #TOR #Standortdaten #Verbraucherdatenschutz #Datenschutz #Datensicherheit #Datenskandale #Bewegungsprofile #Persönlichkeitsprofil #Werbeindustrie #intimeOrte
Backyard #Privacy in the Age of #Drones
In addition to high-resolution photographic and video cameras, police drones may be equipped with myriad #spying payloads, such as live-video transmitters, thermal imaging, heat sensors, mapping technology, automated license plate readers, cell site simulators, cell phone signal interceptors and other technologies.
#alpr #imsi #stingray
https://www.eff.org/deeplinks/2024/08/backyard-privacy-age-drones
UN-Cybercrime-Konvention noch mangelhaft
Offener Brief an die UNO
Mehr https://netzpolitik.org/2024/un-cybercrime-konvention-mangelhaft-und-gefaehrlich/
a-fsa.de/d/3BR
Link zu dieser Seite: https://www.aktion-freiheitstattangst.org/de/articles/8850-20240725-un-cybercrime-konvention-noch-mangelhaft.html
Link im Tor-Netzwerk: http://a6pdp5vmmw4zm5tifrc3qo2pyz7mvnk4zzimpesnckvzinubzmioddad.onion/de/articles/8850-20240725-un-cybercrime-konvention-noch-mangelhaft.html
Tags: #UNO #CybercrimeKonvention #Smartphone #Handy #IMSI-Catcher #Überwachung #Verbraucherdatenschutz #Datenschutz #Datensicherheit #Datenskandale #Bewegungsprofile #Lauschangriff #Überwachung #Vorratsdatenspeicherung #Rasterfahndung #Anonymisierung #Verschlüsselung #Grundrechte #Menschenrechte
Niemand bleibt mit Handy unbeobachtet
"Deine MAID reicht uns völlig"
Mehr dazu bei https://netzpolitik.org/2024/databroker-files-firma-verschleudert-36-milliarden-standorte-von-menschen-in-deutschland/
a-fsa.de/d/3BQ
Link zu dieser Seite: https://www.aktion-freiheitstattangst.org/de/articles/8849-20240724-niemand-bleibt-mit-handy-unbeobachtet.html
Link im Tor-Netzwerk: http://a6pdp5vmmw4zm5tifrc3qo2pyz7mvnk4zzimpesnckvzinubzmioddad.onion/de/articles/8849-20240724-niemand-bleibt-mit-handy-unbeobachtet.html
Tags: #Datenhandel #MAID #mobileadvertisingID #GAFAM #Google #Apple #Smartphone #Handy #IMSI-Catcher #Standortdaten #Verbraucherdatenschutz #Datenschutz #Datensicherheit #Datenskandale #Bewegungsprofile #Persönlichkeitsprofil #Werbeindustrie #intimeOrte
#eBay Removes Listing for #StingRay #Cellphone #Spying Tech
StingRay listed at $100,000 before being removed for violating the platform’s policy on not #surveillance equipment. Listed as “Harris Stingray Cellular Phone Surveillance w/ Power Cord & Rolling Case - USED.
This StingRay may not be able to spy on modern phones. StingRays, and more broadly #IMSI-catchers, of which StingRay is a specific model, have been used by #lawenforcement in #US to track cell phones.
https://www.404media.co/ebay-removes-listing-for-stingray-cellphone-spying-tech/
The Next Generation of #Cell-Site Simulators (CSS) is Here. Here’s What We Know.
CSS, also known as #IMSI catchers, are among #lawenforcement’s most closely-guarded secret #surveillance tools. They act like real #cellphone towers, “tricking” mobile devices into connecting to them, designed to intercept the information that #phones send and receive, like the location of the user and metadata for #phone calls, text messages, and other app traffic.
https://www.eff.org/deeplinks/2024/06/next-generation-cell-site-simulators-here-heres-what-we-know #privacy #EFF
