How are mobile phone users spied on in Birmingham? @OpenRightsBrum - - PowerPoint PPT Presentation

how are mobile phone users spied on in birmingham
SMART_READER_LITE
LIVE PREVIEW

How are mobile phone users spied on in Birmingham? @OpenRightsBrum - - PowerPoint PPT Presentation

Dec 15, 2023 11 likes •253 views

How are mobile phone users spied on in Birmingham? @OpenRightsBrum About About ORG ORG Bi Birmi rmingham ngham Local branch of the Open Rights Group (ORG) ORG is the UK's only digital campaigning organisation working to protect the

slide-1
SLIDE 1

How are mobile phone users spied on in Birmingham?

@OpenRightsBrum

slide-2
SLIDE 2

About About ORG ORG Bi Birmi rmingham ngham

@OpenRightsBrum

  • Local branch of the Open Rights Group (ORG)
  • ORG is the UK's only digital campaigning organisation

working to protect the rights to privacy and free speech online

slide-3
SLIDE 3

How

  • w are

are mobi mobile le phone phone users users in n Bi Birmi rmingham ngham spi spied ed on?

  • n?
  • Many ways to access mobile phone information
  • Impact of Investigatory Powers Act 2016 AKA

Snoopers’ Charter

  • Different types of surveillance:
  • Focusing today on direct surveillance via IMSI catchers
slide-4
SLIDE 4

What’s What’s an an IMSI IMSI catcher? catcher?

slide-5
SLIDE 5

How

  • w do

do IMSI IMSI catchers catchers work? work?

slide-6
SLIDE 6

What’s What’s the the legal legal basi basis for for usi using ng IMSI IMSI catchers? catchers?

  • Legality of IMSI catchers questionable
  • In 2015 Home Office cited:
  • Police Act 1997
  • Intelligence Services Act 1994
  • Regulation of Investigatory Powers Act 2000 (RIPA)
  • Confusion about status of IMSI catchers under

Investigatory Powers Act 2016

slide-7
SLIDE 7

Vi Vice ce News News documentary: documentary: Phone Phone Hackers ackers

slide-8
SLIDE 8

How

  • w are

are IMSI IMSI catchers catchers used used in Bi Birmi rmingham? ngham?

  • West Midlands Police will not confirm or deny the use
  • f the technology
  • West Midlands PCC: “we maintain close oversight of

this important area of work.”

  • Investigation by The Bristol Cable revealed more
  • No reliable figures on IMSI-catcher use
slide-9
SLIDE 9

What’s What’s the the bi big g deal deal about about IMSI IMSI catchers, catchers, anyway? anyway?

“It is inconceivable that using devices built to indiscriminately intercept and hack up to 500 phones every minute within an 8km radius can be lawful,” Silkie Carlo, a policy officer for human rights

  • rganisation Liberty
slide-10
SLIDE 10

What can we do to change how IMSI catchers are used by the police in Birmingham?

slide-11
SLIDE 11

How

  • w do

do we we know know WMP WMP have have them? them?

Source: Warwickshire Police AGG Minutes https://thebristolcable.org/wp-content/uploads/2016/10/09-imsi-4.pdf

slide-12
SLIDE 12

How

  • w do

do we we WMP WMP have have them? them?

Source: Warwickshir e Police AGG Minutes https://thebri stolcable.or g/wp- content/uplo ads/2016/10 /09-imsi- 4.pdf

slide-13
SLIDE 13

West West Mi Midlands dlands Poli Police ce

“The Technical Intelligence Development Unit (TIDU) is a small unit of

  • fficers that have technical expertise around telephony, computers

and Information Technology. They are able to obtain intelligence and evidence to support investigations and can paint a technological picture of a person‟s lifestyle and transactions. The team also operate on-line to obtain intelligence through the use

  • f social networking sites and other media that would be significantly

more expensive to obtain by other covert techniques.”

Source: Force Intelligence Update 2012 http://www.westmidlands- pcc.gov.uk/media/203470/10b_pservices_11oct2012_intelligence_update.pdf

slide-14
SLIDE 14

Source: https://assets.documentcloud.org/documents/3034490/Cellxion-Brochure-UGX-Series- 330.pdf

slide-15
SLIDE 15

Source: https://ass ets.docum entcloud.o rg/docume nts/30344 90/Cellxio n- Brochure- UGX- Series- 330.pdf

slide-16
SLIDE 16

What data can be captured?

  • IMSI, IMEI, TMSI… who you are
  • Location data via cell towers and GPS
  • Live interception of calls, SMS and internet data
  • Deliver malware via silent SMS, SS7 exploits, “man

in the middle” attacks

  • Denial of service
  • 1500 phones a minute!
slide-17
SLIDE 17

Detection

Source: 2015 Leipzig https://github.c

  • m/CellularPriv

acy/Android- IMSI-Catcher- Detector/wiki/U nmasked-Spies

slide-18
SLIDE 18

Detection

Source: 2015 Leipzig https://github. com/CellularP rivacy/Androi d-IMSI- Catcher- Detector/wiki/ Unmasked- Spies

slide-19
SLIDE 19

Detection

Source: Taksim Square in Instanbul https://github. com/CellularP rivacy/Androi d-IMSI- Catcher- Detector/wiki/ Unmasked- Spies

slide-20
SLIDE 20

AIMSICD

https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector

slide-21
SLIDE 21

SnoopSnitch

https://opensource.srlabs.de/projects/snoopsnitch

slide-22
SLIDE 22

Security Tips

  • Turn your phone off, remove SIM card, remove battery
  • Use a faraday bag/pouch
  • Use encrypted communications apps such as Signal,

VPN, Orbot

  • Learn more… media.ccc.de is a great resource

with many videos on this topic

slide-23
SLIDE 23

Long term goals

  • Convince mobile networks to improve their security
  • Change legislation to improve transparency and

accountability

  • Make a phone with open hardware and software
  • Reduce reliance on the phone network
slide-24
SLIDE 24

Useful Useful Resources Resources

  • https://www.openrightsgroup.org/
  • https://openrightsgroupbirmingham.wordpress.com/
  • https://thebristolcable.org/2016/10/imsi/
  • https://wiki.openrightsgroup.org/wiki/IMSI_Catcher#L

egal_basis

  • https://www.privacyinternational.org/node/454?q=nod

e/454

  • https://www.whatdotheyknow.com/user/mr_f_clarke
  • https://media.ccc.de/
  • https://ssd.eff.org/
  • https://whispersystems.org/