Hacker News Comments on
Black Hat USA 2013 - OPSEC failures of spies
Black Hat · Youtube · 6 HN points · 5 HN comments
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.
It also seems like phones have their own tracking ids that they report, it's not just the sim card.
There was a great talk about some of this from Black Hat; how the CIA renditioned Abu Omar out of Italy and how they were found out: https://youtu.be/BwGsr3SzCZc
⬐ alias_neo
All GSM phones have at least one of these (multi-SIM devices have multiple), they uniquely identify devices with SIMs and are held in databases shared intentionally amongst many nations for blacklisting and such.
If a phone is reported stolen in the UK and reported, its IMEI can be added to this list and the device becomes useless in participating countries, say for example, Spain, or Germany or the US.
My point is, it's a globally unique identifier; tampering with, modifying or cloning them is illegal in some countries.
The SIM itself is almost irrelevant, but, with the information mobile providers hold, it's trivial to link a SIM account, a device identifier and a person (particularly given some countries require ID by law to obtain a SIM).
⬐ mindslight ⬐ tinus_hn
Furthermore, being criminalized in some countries has caused discussion of how to change IMEIs to be censored in technical forums everywhere. The obvious draw is stolen phones, so nobody wants to touch the topic with a ten foot pole, despite its straightforward relevance to privacy.
⬐ gruez
> censored in technical forums everywhere
everywhere? I found this in 1 minute.
https://forum.xda-developers.com/android/general/how-to-rest...
⬐ aSplash0fDerp
MTK has similar steps, but I don't think we see many mediatek chips in the states.
https://forum.xda-developers.com/lenovo-vibe-p1m/how-to/writ...
⬐ mindslight
And yet there is also this: https://forum.xda-developers.com/showthread.php?t=2652022
That attitude reflects the dead ends I've experienced when looking around for how to change IMEIs for various phone models I was interested in. Also note all the disclaimers in the thread you linked.
Maybe recent phones are still so straightforward with QPST that any time the question is actually asked it's bound to get flooded with crap? It certainly doesn't feel that way. Eventually I'll get around to setting up another Windows VM and seeing what modern QPST can actually do.
These ‘tracking ids’ are called the IMEI, the International Mobile Equipment Identifier.
⬐ zahllos
There are two numbers on the cellular network that matter: international mobile equipment identifier (IMEI). This identifies the cellular radio in question, usually the phone but a dual SIM phone will have one for each slot.
The second is the international mobile subscriber identifier, IMSI. This is the identifier the SIM sends to ask the network for functionality.
Even without a sim installed, the phone may transmit and will transmit its IMEI when doing so. This is so that cell towers can talk back to the device (a bit like ssids in WiFi networks). As mentioned in other replies to you, you can often dial emergency numbers and your calls are routed. To do that you need to know which device is calling.
So yes you can track individual phones. You can also tell when a phone has changed SIM or a SIM has changed phone and so on. No idea if networks do this, but the data is there.
Going to be hard and would be ineffective. For one, America still has several military bases in Germany alone e.g. Ramstein, which was used by the CIA in the Milan kidnapping [0][1].
[0] https://en.wikipedia.org/wiki/Abu_Omar_case
[1] Black Hat talk: https://www.youtube.com/watch?v=BwGsr3SzCZc
⬐ tuco86
If it was easy and effective, I would not really want that either. Just some counter pressure against these practices.
I just feel that there should be mutual respect of our countries' citizens. We don't stop Americans from visiting our country or our neighbors' countries. We don't ask for their passwords on entry either.
I'd like the same rights to visit your country as you have visiting mine.
⬐ masonic
You're sure of this? Have you actually checked?
> We don't stop Americans from visiting our country
Heck, for one example, the UK has banned an American radio talk host just for his commentary, with no criminal charges on either side of the pond. A nation is entitled to choose its guests (aside from diplomats).
⬐ jai_ ⬐ rosege
Are you talking about Alex Jones?
He doesn't seem to be on this list, but please add him if you can find a reliable source:
https://en.wikipedia.org/wiki/List_of_people_banned_from_ent...
⬐ dagw
Michael Savage. While I agree he's said some pretty terrible things, I do find it kind of weird that he's on that list when so many other similar people aren't. They should really either remove his name or add like 50 other names.
What you want is international reciprocity https://en.wikipedia.org/wiki/Reciprocity_(international_rel... Brazil is a big proponent of this. When the US brought in taking bio-metric data from travelers Brazil did it too - but only for US citizens.
Your phone's location can be silently triangulated based on what cellphone towers can see your phone and the strength of the signal to them. This is being done and you can buy the data from LocationSmart. This was discussed on HN a few weeks ago [0].
This data was used in Italy to catch CIA agents after they extrajudicially extradited (so to speak) a terrorist[1] in 2003 https://youtu.be/BwGsr3SzCZc?t=7m2s. The whole talk is worth watching.
The cost of storing this forever is negligible and going down. The government would be foolish or (in my opinion irrationally) principled not to hold on to this for the next 1,000 years.
[0] https://news.ycombinator.com/item?id=17095667
[1] https://en.wikipedia.org/wiki/Hassan_Mustafa_Osama_Nasr#Conv...
Both the SIM and the phone's serial number are available to the network. An analyst looking to correlate your activities can do so trivially. In fact, this is how Italian investigators were able to prove the link between a CIA cell and the American embassy. No one used the same SIM to talk to both groups, but they did use the same phone.
⬐ derefr
Yes, sure, the IMEI is accessible; this is why I referred to it as a "side-piece phone" rather than a "burner phone." They're separate OPSEC profiles: evading a state attacker, vs. anonymizing some of your traffic from the view of a private individual attacker (e.g. your spouse.)
⬐ None ⬐ buildbuildbuild
None
⬐ mseebach
Step 0 is to correctly identify the threat model. If you're just hiding an affair from your spouse, any old smartphone on a prepaid contract will do.
IMEI is unfortunately a mutable value on many devices.
An extreme example which is used for SMS/Voice spam: https://www.aliexpress.com/store/product/GPRS-sms-64-sims-mu...
⬐ jonathanstrange
I might be wrong but I always thought this requires some pretty high level of operational discipline, because it's detectable and highly suspicious when you switch the IMEI while the phone is switched on and the same card is in the phone. You have to turn off the phone, remove the sim, turn on the phone and switch the IMEI, turn it off again and put another SIM in, and then turn it on again. Otherwise the Telecom provider will register the anomaly and might even inform the authorities or kick off the phone from the network.
Again, please correct me if I'm wrong.
⬐ TomMarius
You can configure (rooted) Android to not connect to mobile network until you tell it to do so
⬐ CydeWeys
A proper side phone could be programmed to handle this process correctly. In an option accessible from a menu it could drop the network, prompt to switch out a SIM (or use one in a different slot), wait a suitable amount of time, and then reconnect to the network.
I see no reason to reboot the phone. SIMs can be hot-swapped.
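
The correlation the comments above describe (the network sees both the SIM's IMSI and the handset's IMEI, so a handset reused with a new SIM stays linkable), as an added example that is not part of the thread or the talk. The record layout, the identifiers and the function names `link_identities` and `swap_events` are assumptions made for illustration, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed sample attach records (not real data): (timestamp, IMSI, IMEI).
RECORDS = [
    ("2024-01-10T09:00", "imsi-A", "imei-1"),
    ("2024-01-11T18:30", "imsi-B", "imei-1"),  # new SIM, same handset
    ("2024-01-12T08:15", "imsi-B", "imei-2"),  # same SIM, new handset
    ("2024-01-13T12:00", "imsi-C", "imei-3"),  # unrelated subscriber
    ("2024-01-14T07:45", "imsi-D", "imei-2"),  # new SIM, second handset
]

def link_identities(records):
    """Group IMSIs and IMEIs that were ever seen together (union-find)."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    for _, imsi, imei in records:
        parent[find(("imsi", imsi))] = find(("imei", imei))

    clusters = defaultdict(lambda: {"imsi": set(), "imei": set()})
    for kind, value in list(parent):
        clusters[find((kind, value))][kind].add(value)
    return sorted(clusters.values(), key=lambda c: sorted(c["imsi"]))

def swap_events(records):
    """List the moments a SIM changed handset or a handset changed SIM."""
    last_imei, last_imsi, events = {}, {}, []
    for ts, imsi, imei in sorted(records):
        if last_imei.get(imsi, imei) != imei:
            events.append((ts, "sim_moved", imsi, last_imei[imsi], imei))
        if last_imsi.get(imei, imsi) != imsi:
            events.append((ts, "handset_reused", imei, last_imsi[imei], imsi))
        last_imei[imsi], last_imsi[imei] = imei, imsi
    return events

if __name__ == "__main__":
    for cluster in link_identities(RECORDS):
        print(sorted(cluster["imsi"]), "<->", sorted(cluster["imei"]))
    for event in swap_events(RECORDS):
        print(event)
```

In the sample, three SIMs that never share a record all end up in one cluster because two handsets bridge them, which is the effect described in the thread.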
Longer video (25 minutes) of a talk from BlackHat 2013, about how metadata was used to expose an illegal(?) 2003 CIA operation carried out in Italy. It's by a non-tech journalist, so it's also largely non-technical and provides a very interesting overview of what metadata can expose.