B3RN3D

Let your plans be dark and impenetrable as night, and when you move, fall like a thunderbolt.

OPSEC for New Police Tools

There’s a news report recently about how a company named ComSonics plans to release a tool called Sniffer Sleuth that will be able to detect when a driver is sending a text message by sniffing the RF of the cell phone. The secondary use of this type of technology could completely irradicate the use of burner phones.

First of all, let me begin by saying this is all vaporware. This doesn’t exist and what they’re calling “Sniffer Sleuth II” is just a way for cable TV providers to detect leakage. If I had to guess, I would say that ComSonics truly is working on such a solution, but they need government funding which is why they did a press release.

Lets look ahead at this stupid device and the implications.

The Advertised Purpose

What such a device is advertised to do, is say that police can point a device at a car and determine whether or not the RF usage it collects is related to texting. This would correlate to whether the driver is texting while driving. It is possible to determine if data is being sent or received by sniffing various radio bands. It is questionably possible to determine if someone is sending a text message let alone that it originated from the driver, or a passenger, or a car next to that person. In practice, such a technology could not be easily used to definitively determine if someone was texting while driving, but it would make it reasonable enough to issue a search warrant to access that phone.

If we take that for what it is, it’s very easy to protect ourselves. Don’t text and drive.

And if you’ve met Police officers, you may have met one that will slant the truth a bit in order to drive home a point. They may tell you blatant lies with altruistic intentions. This I believe is what this news article is. They’re planting FUD about Police capabilities to help stop people from texting while driving.

Let’s get on to the scary part.

The Real Purpose

Let’s say, for the sake of discussion, that this device does exist, or some attempt at it exists. We should not be overly concerned about Police somehow finding us texting and driving. What you should be concerned about is that this technology will be used just like the license plate scanners.

In the US, all police cars from the State Police down to the local Sheriffs are outfitted with a license plate scanner. These scanners are never turned off and will constantly be on the hunt for license plates.

The worse part is that these scanners are hooked into the federal network of scanners so the FBI at any given point in time, purportedly can do a search for various license plates across the whole country.

Now imagine taking a license plate scanner and attaching it to a device that can determine the phone number (or IMEI/IMSI) of the device. This would effectively kill the idea of burner phones. Police would be able to correlate a mobile device, to a car and because cars are much more difficult/expensive to hide your personal information from it would mean that a burner phone, no matter how often you switch them, would be easily attributed to a name and an address.

Notice that these capabilities theoretically exist and things like Sting Rays are already designed to capture and track cell phone data. The system that I’m talking about would correlate the two data points which AFAIK does not exist at the local level.

OPSEC

So how would one defend against this? And this is the reason for this post: There isn’t much you can do.

  • Ditch the phone: You of course could not use a phone completely and we know there are already existing attacks on the baseband that might suggest this s the best move.
  • Faraday Cage: You could start thinking about how to hide the RF that is leaking from your phone by putting it in a Faraday cage.
  • License Plate Obfuscation: You can take your burner phone, and try to turn your automobile into a burner car by hiding your license plate or changing the number. This is a whole separate subject but if effective, would mean that LEO’s would not be able to correlate your car to your phone.

I’ll keep watching this company but like I said this is all just in discussion. You can see how little details exist if you do a news search for “Sniffer Sleuth.” Not only will you find similar articles, you’ll find articles with the exact same text copied and pasted out of the original news feed.