Rayhunter is a program that runs on a variety of mobile hotspots and watches for cell-site simulators—a tool police use to locate or identify people's cell phones, also known as IMSI catchers or Stingrays. This project is a testament to the power and impact of open source and community driven counter-surveillance.
  • 𝕸𝖔𝖘𝖘@infosec.pub
    1·
    5 days ago

    Understanding if CSS are being used to spy on protests is one of the main goals of the Rayhunter project. Thanks to members of our community bringing Rayhunter to dozens of protests, we are starting to get a picture of how CSS are currently being used in the US. So far Rayhunter has not turned up any evidence of cell-site simulators being used to spy on protests in the US — though we have found them in use elsewhere.

    That’s good to know. But where is the “elsewhere”?

    • lad@programming.devEnglish
      1·
      4 days ago

      They answer it in the section ‘Where Rayhunter Has Detected Likely Surveillance’, at least partially:

      One of the most interesting examples that triggered multiple detections and even inspired us to write some new detection rules was at a cruise port in the Turks and Caicos Islands. […]

      Rayhunter users have detected likely CSS use in the US as well. We have received reports from Chicago and New York where our “IMSI Sent without authentication” signature was triggered multiple times over the course of a couple hours and then stopped. Neither report was in the vicinity of a protest. We feel fairly confident that these reports are indicative of a CSS being present, though we don’t have any secondary evidence to back them up.

      We have received other reports that have triggered our CSS detection signatures, but the above examples are the ones we feel most confident about.