Want To Know If Someone Is Spying On You? There’s An App For That. SnoopSnitch Uses Radio Signals To Find Nearby Tracking Devices
Sarah Griffiths, writing in the January 2, 2015 edition of TheDailyMailOnline, begins by noting that “security experts recently revealed a massive security flaw that could let hackers listen in on private calls — and, read text messages on mobile networks. One way in which such hackers — as well as some intelligence agencies — get access to such information is by using the International Mobile Subscriber Identity (IMSI), catchers or ‘stingrays,’ Ms. Griffiths writes. “These controversial tracking devices,” she argues, “trick mobiles [devices] into connecting with them; and now, developers have created an app that claims to detect such gadgets and warn users if their data is at risk.”
“IMSI catchers — eavesdropping devices used for intercepting mobile phone traffic, and tracking the movement of smartphone users — are controversial because they act like ‘fake’ mobile towers. They sit between a real phone and telecom tower to launch a man-in-the-middle attack and intercept data.” Ms. Griffiths writes.
“Once a phone [mobile device] has connected to a stingray, it makes it easy for a hacker to intercept and convert data to audio, enabling experts to listen to people’s phone calls. While experts may be using the technology to target specific handsets of suspected criminals; it is almost impossible to avoid capturing data from other ‘innocent’ smartphones in the process,” The Daily Mail Online noted. “As a result, the use of stingrays has been banned in certain countries; and Florida in the United States.”
“Reacting to public privacy concerns, security researchers, Alex Seiner, Karsten Nohl, and Tobias Engle from SRILabs in Berlin created the SnoopSnitch Android app. The researchers presented their findings at the Chaos Computer Congress’ annual meeting in Hamburg,” Ms. Griffiths wrote.
“The free Android app’s Google Play listing reads: ‘SnoopSnitch collects and analyzes mobile radio to make you aware of your mobile network security; and to warn you about threats like fake base stations (IMSI) catchers) using tracking, and SS7 attacks.” Mr. Nohl told Motherboard that the app gathers information from the stingray — which is used to analyze if the person being surveiled is in close proximity. The phone receives information that’s useful for the attacker; but, it’s also useful for the defender. There’s no one set of information, taken by itself, that allows you to detect an IMSI catcher, but we do stream analysis of everything that happens on your phone; and, can come out with a warning if it crosses a certain threshold,” Mr. Nohl said.
“Crucially, the app can’t prevent a smartphone from connecting to stingrays; but, [does] let a user know there is surveillance in a certain area. The app currently works with rooted Android handsets that have Qualcomm chips inside — such as Sony, and Galaxy models. Rooted smartphones are ones where the owner can access system files; and, change features that usually can only read. But, the app creators are working out how to extract information needed by the app to detect stingrays,” Mr. Nohl writes.
There are other options available than just the SnoopSnitch app described here. For example, Secrypt is a downloadable app that encrypts your cell phone — making very, very difficult for prying ‘eyes’ to spy on your cell phone/mobile devices and whereabouts. But, as with everything else, there are always tradeoffs. Secrypt encryption would also prevent first responders from being able to find you via your cell phone if you were in an accident and/or otherwise stranded somewhere and needed assistance. This app would have to be disabled; and, you may not necessarily be in a position to physically perform that function. Alas, there are no silver bullets; and, the surveillance society that George Orwell warned of — is upon us — unless of course you are totally off the grid — which also has its drawbacks. V/R, RCP