Comment by nubinetwork
15 hours ago
This was hugely overblown in the media... While the device operates like a stingray, they were using it to spam and phish. The whole claim of "we've never seen this type of device before in Canada" is a lie, because the government and law enforcement both use them. I guess it's okay if they do it, but nobody else can...
> hugely overblown
Did they graciously forward emergency calls and text messages to the real phone network?
The fact that they didn't get busted in no time at all seems to point strongly in that direction. With the amount invested in this operation that would just be common sense.
Might as well start a telco at that point.
“Please enter your 16 digit payment card number to be connected to an emergency operator”…
Hopefully nobody in the area was an oncall surgeon, engineer, etc.
Yes I think they mean they hadn’t seen it used before outside of sanctioned organizations. Though one could argue some bad actors inside the org likely used it outside of official capacity though not likely with knowledge or approval by superiors.
Wouldn't it be great if public officials would say what they in fact mean the first time?
Torontonians are hardwired to be incapable of speaking like this.
4 replies →
An sms blaster was never used in fraud like this in Canada. Does that really make that big of a difference to you?
I don't buy it. To me, it'd be like hearing them say "we've never seen spam/scam phone call campaigns before!"
This loses all believability, given the fact that i can reliably go out of town to a different area code and immediately start getting phishing/scam/robo calls/texts from numbers of said area code. Granted, i am U.S.'ian.
To add, ISED literally goes around in cars to scan for non registered BTS (or even non conforming ones) and report them, sometimes (or a lot of times) they catch false positives when the interference happens to be a strong LED lol. The gov uses the tech to ID individuals however, especially in group gatherings or around certain locations, always look around for big vans with no windows :), I either don’t take my phone or it’s always on airplane mode until I want to disable it briefly before activating it again.
prosecutors have never seen them because the DA has never brought a case against the agencies that use them
so it’s an accurate statement
the government isn’t one thing, it’s people that don’t work for all agencies
The claim was that this was the first time that a device like this has been used in fraud but go ahead, misread things and become outraged. I’m sure that in this case the fraudsters properly forwarded all 911 calls so no harm, no foul hey?
A government backdoor was found and abused by criminals? No one could have predicted this! :)
Isn’t it less of a government backdoor and more of a result of generally old and insecure protocols still being in use for telecom?
Like, the phones happily connect to these fake towers because the signal is strongest from that one and there is no authentication to verify who the tower belongs to, nor encryption of SMSes?
Well said but by the time mobile phone towers were built we had been tapping phone lines for a long time. Hard to not think that to an extent default insecurity for telecoms was a choice.
1 reply →
Do you honestly believe that teleco companies wouldn't receive government backlash about 'the children' if they were to implement an actually secure standard?
It’s not exactly a back door. It’s a fake radio cell, mimicking your network provider and acting like a man in the middle. In that sense, it’s like a stingray. The differences are
1. The Stingray eavesdrops, but avoids interfering with user traffic
2. The stingray is operated by law enforcement, not by fraudsters looking to steal your money
In mamy parts of the US, the cops are the fraudsters looking to steal your money. So it isn't that much of a difference.
1 reply →