top | item 45185289

(no title)

aduffy | 5 months ago

Just wanted to advertise that the EFF recently released an open source tool for detecting cell-site simulators. The hardware is like $20 and it's pretty easy to setup yourself. Worth having around to stay aware of what's out there, especially if you live in one of the places recently targeted by the administration.

https://github.com/EFForg/rayhunter/

discuss

perihelions|5 months ago

I wouldn't put it past the US to coerce Microsoft into injecting malicious payloads into these types of projects. EFF is putting complete trust in Microsoft's infrastructure: there's no out-of-band verification not served up by Microsoft itself (is there? It's just GitHub.com's TLS, and in-band SHA-1 hashes stored in the repo itself, which Microsoft controls; it can serve whatever bytes it wants, or different bytes on different requests...)

Microsoft has billions of dollars in US intelligence-cloud contracts and should leap at a chance to get an edge in on those. They've done things like this before; they provided incredible (and illegal!) cooperation with the NSA back at the time of the Snowden Leaks[0].

[0] https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-... ("Microsoft handed the NSA access to encrypted messages" (2013))

throw0101d|5 months ago

> I wouldn't put it past the US to coerce Microsoft into injecting malicious payloads into these types of projects. EFF is putting complete trust in Microsoft's infrastructure: there's no out-of-band verification not served up by Microsoft itself

Isn't a git commit trail basically a Merkle tree of checksums? If any developer tried to do a pull or fetch they'd suddenly get a bunch of strange commit messages, wouldn't they?

Also: code signing is / can become a thing.

aduffy|5 months ago

You’re welcome to read the code yourself once you check it out, it’s not very big. Supply chain attacks are a thing but I don’t think this is one.

untitaker_|5 months ago

I don't think there are many options to host sourcecode and binaries in a way that is safe against an adversary like the US, and especially in such a way that technically illiterate users are protected. Because you'd have to assume that CAs are not off-limits either then.

unknown|5 months ago

[deleted]

EvanAnderson|5 months ago

Discussion about Rayhunter from 6 mos. ago: https://news.ycombinator.com/item?id=43283917

HumblyTossed|5 months ago

I don’t know why your cellphone can’t do this. For example, It “knows” which towers are around your home. If all the sudden there’s a new one, pop up an alert.

nobody9999|5 months ago

I use Network Cell Info Lite[0] for this purpose.

Sadly, it's only available in the Google/Apple stores (if anyone knows of a similar tool that's available elsewhere, I'd love to hear about it!)

It allows me to locate the "cell towers" I'm connecting to and that are nearby, as well as the devices around me, and will map them for me.

In fact, several years ago, I noted a brand spanking new "cell tower a block or so away (this is in NYC) that appeared to be in the street(!). It stayed there for a couple weeks and then was gone. It sure seemed like it was an IMSI catcher[1].

It's not directly the feature set you suggest, but can certainly be used to identify the towers near you -- and any new ones that might "pop up."

[0] https://play.google.com/store/apps/details?id=com.wilysis.ce...

[1] https://en.wikipedia.org/wiki/IMSI-catcher

Edit: Another comment (https://news.ycombinator.com/item?id=45189302 ) mentioned snoopsnitch (https://github.com/srlabs/snoopsnitch ) and other tools which, apparently can do similar (and more apropos to the topic at hand) things as Network Cell Info Lite.

riedel|5 months ago

IMSI catchers have been popular by police all over the world. Here are some other tools [0] [1].

Edit: Interesting also the collection of network security via gsmmap [2]

[0] https://gitweb.stoutner.com/?p=PrivacyCell.git;a=summary

[1] https://github.com/srlabs/snoopsnitch [2] https://gsmmap.org/

junebash|5 months ago

Would be a shame if someone used this to track down the ICE towers and vandalize them.

neilv|5 months ago

Maybe best not to joke about that.

An enthusiastic and muddle-headed person might get inspired by disposable Internet chatter, and then go and get themselves sent to federal prison (or worse).

Also, I suspect that an attack like that would only justify (or be used as a pretext for) additional actions that are undesirable to the perpetrator.

bigfatkitten|5 months ago

You won't find a "tower", you'll find an SUV or a hotel room with Pelican cases and armed officers inside.

dylan604|5 months ago

For $20, it's cheap enough to add to a drone for a targeting purpose

Imustaskforhelp|5 months ago

This "shame" is/would be a badge of honor, my friend.

elihu|5 months ago

Is running a fake cell tower technically against FCC regulations? Any possibility of just reporting them to the FCC and causing them to incur fines or take them down?

anonymousiam|5 months ago

So does the EFF detector discriminate between Stingrays that are operating legally and those that are operating illegally?

I wonder what their lawyers think of this.

https://bja.ojp.gov/program/it/privacy-civil-liberties/autho...

like_any_other|5 months ago

If you have any precedent or ruling indicating that it is illegal for Americans to check for the presence of surveillance, please present it. Otherwise, I'm not aware of any duty of private citizens to remain willfully blind to their government's actions.

aduffy|5 months ago

There is nothing wrong with running a receive-only hotspot. Not sure what you’re implying here.

nxobject|5 months ago

Should it?

trympet|5 months ago

lol spot the fed

dang|5 months ago

Rayhunter – Rust tool to detect cell site simulators on an orbic mobile hotspot - https://news.ycombinator.com/item?id=43283917 - March 2025 (23 comments)

jimt1234|5 months ago

I watched the presentation on Rayhunter at Defcon. Amazing stuff. Major kudos to the team.

boston_clone|5 months ago

exactly what I'm looking for - much appreciated!!!