Federal agents from the Department of Homeland Security and the Justice Department used a sophisticated cell phone cloning attackthe details of which remain classifiedto intercept protesters phone communications in Portland this summer, Ken Klippenstein reported this week in The Nation. Put aside for the moment that, if the report is true, federal agents conducted sophisticated electronic surveillance against American protesters, an alarming breach of constitutional rights. Do ordinary people have any hope of defending their privacy and freedom of assembly against threats like this?
Yes, they do. Here are two simple things you can do to help mitigate this type of threat:
Without more details, its hard to be entirely sure what type of surveillance was used, but The Nations mention of cell phone cloning makes me think it was a SIM cloning attack. This involves duplicating a small chip used by virtually every cellphone to link itself to its owners phone number and account; this small chip is the subscriber identity module, more commonly known as SIM.
Heres how SIM cloning would work:
SIM cards contain a secret encryption key that is used to encrypt data between the phone and cellphone towers. Theyre designed so that this key can be used (like when you receive a text or call someone) but so the key itself cant be extracted.
But its still possible to extract the key from the SIM card, by cracking it. OlderSIM cards used a weaker encryption algorithm and could be cracked quickly and easily, but newer SIM cards use stronger encryption and might take days or significantly longer to crack. Its possible that this is why the details of the type of surveillance used in Portland remain classified. Dofederal agencies knowof away to quickly extract encryption keys from SIM cards? (On the other hand, its also possible that cell phone cloning doesnt describe SIM cloning at all but something else instead, likeextractingfiles fromthe phone itself instead of data from the SIM card.)
Assuming the feds were able to extractthe encryption key fromtheir targets SIM card, they could give the phone back to their target and then spy on all their targets SMS text messages and voice calls going forward.To do this, they would have to be physically close to their target, monitoring theradio waves for traffic between their targets phone and a cell tower. When they see it, they can decrypt this traffic using the key they stole from the SIM card. This wouldalso fit with what the anonymous former intelligence officialstold The Nation; they said the surveillance waspart of a Low Level Voice Intercept operation, a military term describing audio surveillanceby monitoringradio waves.
If you were arrested in Portland and youre worried that federal agents may have cloned your SIM card while you were in custody, it would be prudent to get a new SIM card.
Evenif law enforcement agencies dont clone a targets SIM card, they could gather quite a bit of information aftertemporarily confiscating the targets phone.
They could power off the phone, pop out the SIM card, put it in a separate phone, and then power that phone on.If someone sends the target an SMS message (or texts a group that the target is in), the feds phone would receive that message instead of the targets phone. And if someone called the targets phone number, the feds phone would ring instead. They could also hack their targets online accounts, so long as those accounts support resetting the password using a phone number.
But, in order to remain stealthy, they would need to power off their phone,put the SIM card back in their targets phone, and power that phone on again before before returning it, which would restore the original phones access to the targets phone number, and the feds would lose access.
The simplest and best way to protect against SIM cloning attacks, as well as eavesdropping by stingrays, controversial phone surveillance devices that law enforcement has a history of using against protesters, is to stop using SMS and normal phone calls as much as possible. These are not and have never been secure.
Instead, you can avoid most communication surveillance by using an end-to-end encrypted messaging app. The Signal app is a great choice. Its easy to use and designed to hold as little information about its users as possible. It also lets Android users securely talk with their iPhone compatriots. You can use it for secure text messages, texting groups, and voice and video calls. Heres a detailed guide to securing Signal.
Signal requires sharing your phone number with others to use it. If youd rather use usernames instead of phone numbers, Wire and Keybase are both good options.
If you use an iPhone and want to securely talk to other iPhone users, the built-in Messages and FaceTime apps are also encrypted. WhatsApp texts and calls are encrypted too. Though keep in mind that if you use Messages or WhatsApp, your phone may be configured to save unencrypted backups of your text messages to the cloud where law enforcement could access them.
You cant use an encrypted messaging app all by yourself, so its important to get all of your friends and fellow activists to use the same app. The more people you can get to use an encrypted messaging app instead of insecure SMS and voice calls, the better privacy everyone has. (For example, I use Signal to text with my parents, and you should too.)
None of these encrypted messaging apps send data over insecure SMS messages or voice calls, so SIM cloning and stingrays cant spy on them. Instead they send end-to-end encrypted data over the internet. This also means that the companies that run these services cant hand over your message history to the cops even if they want to; police would instead need to extract those messages directly from a phone that sent or received them.
Another important consideration is preventing cops from copying messages directly off your phone. To prevent this, make sure your phone is locked with a strong passcode and avoid biometrics (unlocking your phone with your face or fingerprint) or at least disable biometrics on your phone before you go to a protest. You also might consider bringing a cheap burner phone to a protest and leaving your main phone at home.
Another way to protect against certain forms of mobile phone spying is to lock your SIM card by setting a four- to eight-digit passcode known as a SIM PIN. Each time your phone reboots, youll need to enter this PIN if you want SMS, voice calls, and mobile data to work.
An iPhones SIM unlocking screen
Photo: Micah Lee
If you type the wrong PIN three times, your SIM card will get blocked, and youll need to call your phone carrier to receive a Personal Unblocking Key (PUK) to unblock it. If you enter the wrong PUK eight times, the SIM card will permanently disable itself.
With a locked SIM, youll still be able to use apps and Wi-Fi but not mobile data or cellphone service. So make sure that you securely record your SIM PIN somewhere safe, such as a password manager like Bitwarden, 1Password, or LastPass, and never try to guess it if you cant remember it. (You can always click Cancel to get into your phone without unlocking your SIM card. From there, open a password manager app to look up your PIN, and then reboot your phone again to enter it correctly. Ive done this numerous times myself just to be sure.)
If you want to lock your SIM card, first youll need to know the default SIM PIN for your cellphone company. For AT&T, Verizon, and Google Fi, its 1111; for T-Mobile, Sprint, and Metro, its 1234. If you use a different phone carrier, you should be able to search the internet to find it. (I would avoid guessing if you type the wrong default PIN three times, your SIM card will get blocked.)
Once you know your default PIN, heres how to you set a new one:
Now if law enforcement gets physical access to your phone, they shouldnt be able touse your locked SIM card without your PIN. If they guess your PIN incorrectly three times, the SIM card will block itself, and theyd need to convince your cellphone company to hand over the PUK for your SIM card in order touse it. If they guess the wrong PUK too many times, the SIM will permanently disable itself.
Here is the original post:
One Way to Prevent Police From Surveilling Your Phone - The Intercept