Posted by coloneltcb 3 days ago
https://www.cise.ufl.edu/~butler/pubs/ndss25-tucker-marlin.p...
Ideally, this is something I could hack together in the next few days since ICE is prepping to invade my city.
Not usually that I’m aware of as a single data point in any system but if there are other reasons to thing you’re trying to act surreptitiously you are going to be very close to the top of the list of people of interest.
There’s a lot to be said in 2025 for appearing uninteresting to anyone who might be watching.
Is this too extreme? How expansive are the queries theyre running on these identifiers? Are they running algos to detect burner phones based on the highly anomalous activity patterms described above?
It's becoming common practice for protesters to store their phones in faraday bags. I don't think "no phone" would stand out as much as you think it would.
Just turning the phone off and wrapping it tight in aluminum foil is almost certainly better.
They can and do have the ability to MITM traffic though. There is not anything to stop someone with the hardware from doing it and everyday that passes it seems the rules matter less and less.
Sounds like "no phone" is the winner
The entire modern game is very literally, don’t be interesting and don’t do weird shit that normal people wouldn’t do. It’s a needle in a haystack problem so don’t go and start creating a really weird signature of whatever it might be: behaviour, communication, RF emissions etc. The anomaly is the signature and has been for about 20 years now.
The fact that there are a lot of people there is actually the strength of it.
I’d probably think carefully about what you want to use it for and what I had on there though. I wouldn’t recommend bringing a device with a a bunch of incriminating evidence to an event like that.
I think a good threat model is just operate on the assumption that maybe someone stops you and asked to look at your phone. Go ahead and also assume that they will ask at the most inconvenient point in the day also. Act accordingly and I wouldn’t anticipate much in the way of trouble from having one.
Also, look at it through the eyes of the opposition, what are their goals here…
1. Fix the signal to noise ratio in a crowd
2. Identify people
3. Map out networks
And your goal is to not to be “invisible” (you can’t anyways) but to be uninteresting. They aren’t the same thing and the difference is important.
For the overwhelming majority of people I don’t think there is much yet to worry about in simply attending a protest (Assuming you’re a citizen and you act sensibly because otherwise that’s an entirely different threat model and you probably shouldn’t be there at the moment).
But I would leave you with this bit of advice also… they very much want you to think they are the all knowing, all seeing and ever present 50ft tall enemy. That isn’t true. There is also no shortage of people who really seem to get off on pretending things are more dangerous than they really are but that shit turns into paranoia real quickly and then people become terrified to do anything or you start making bad decisions. Fight both of those things when you run into them.
You can and should feel good about getting out in the streets at the moment, it’s not going to get easier the longer it goes on just be sensible.
That seems a tad naive. I think being recorded by local/Federal agencies at a protest, especially one critical of current government actions, is a legitimate concern. Especially since those tools are being brought out specifically for the protest, not because they are looking for some murderer that happens to be a block away from you.
Also, the word "yet" is doing a lot of work there. Considering that data can be stored indefinitely with little oversight, there is little to stop police from searching through the database and looking for "targets of interest" like phones that showed up to multiple protests.
Being at a protest is already known to make you interesting, which is why those tools are being brought out in the first place, why police are "friending" protest organization FB pages to gather membership data, etc. Keeping yourself out of databases that could be used later to jam you up is reasonable. There is also no way for police to tell who has a phone and who doesn't at a protest, so you aren’t highlighting yourself anymore by not bringing your phone (or turning it off), unlike say wearing a mask and sunglasses to reduce facial recognition visually highlights you.
Even the CIA had to stand up a whole new department years ago when the realised they even with all of their tradecraft and gadgets they couldn’t even move around London without the Brits knowing about it and had to totally change how they did business as a result. It’s not just an average protestor on the street problem at all.
I think a big part of the problem comes from this idea that you’re trying to be invisible and you keep running into all these new layers of problems all the damned time.
Maybe I’m using E2EE apps but the people I’m talking with take screenshots and run them through co-pilot or put them into their iCloud backups or a million other scenarios. It just feels like such an unwinnable game sometimes that you can very easily and convincingly get yourself to a place where you feel overwhelmed and you just freeze which is such a trap in and of itself.
I’d recommend keeping the illegal activity side of things extremely fucking low to non-existent personally and everything else will become much simpler as a result. It’s much easier to just not have evidence than trying to hide it. That doesn’t mean you shouldn’t do things with a sense of purpose though. There are many ways to frustrate the opposition, to tie up their resources, to send them on wild goose chases, to wear down their morale that are all firmly in the legal category.
You can remove the battery, put it in a Faraday cage and charge it turned off (or in another device/out of one). It can be on only when you need it.
Here’s something [1] that’s was public almost 20 years ago at this point. Things have advanced a lot since then. I don’t think you quite understand just how much of a pipeline there was for this kind of technology that went almost directly from quite classified SIGINT stuff in the GWOT to casual LEO / domestic stuff.
I know the whole no phone thing sounds like a real high speed operator move but it’s very literally a signal they go looking for when trying to sift through large amounts of data.
[1] https://www.pnnl.gov/main/publications/external/technical_re...
Btw, to help understand the technical challenges involved with this, the whole reason Tesla focused on vision-only for its self-driving was the difficulty of integrating sensor data from multiple sources, e.g. lidar + vision would be significantly more difficult to achieve. It’s not that this isn’t possible in theory - it’s just that there’s no evidence of anyone having done it for “lack of phone” detection, and that’s probably because it’s not really a requirement that’s in high demand.
They realised that technology had changed for them even that long ago that all it was doing was just making a really clear signal for the opposition as to who they were and that they were someone interesting.
I think the advice you have is very literally decades out of date.
If you have an hour or two to kill I’d recommend taking a look at this for a real no bullshit modern way of thinking about this problem space: https://youtu.be/0_04-lTu2wg?feature=shared
But the OP article is about a Stingray operation covering 30 blocks, and other discussion in this thread is about protests such as the anti-ICE protest which gathered cellphone info from the protestors. In those kinds of environments, if you don’t want to show up on surveillance, you’re much better off not carrying a phone.
Being more specific, this comment of yours is not supported by evidence:
> No phone actually stands out a lot in real life surveillance systems and will very quickly get you a bunch of additional attention because it’s so unusual.
But, if you’re getting your information from videos like the one you linked, I can see why you have these beliefs.
I have very good reasons to know what I’m talking about here but again, I’m not here to argue with you.
You are exactly right!
Because the gub'mint can track the nasal implant inserted when I was anally probed by the aliens!
You're making a ridiculous claim that makes exactly zero sense.
If folks are tracking cell phones, they can track yours just as well as everyone else's. Which means they can identify you.
If you don't have a pocket surveillance device on you, unless you're broadcasting RF waves with your (tiny) penis, you cannot be tracked via radio/cell. Full stop.
Your chance of even being able to move from your home to a protest and back completely anonymously is close to zero without you standing out very quickly. Honestly, do what you want but I’m telling you with a great deal of certainty that the only thing you’re are doing in reality is inviting a greater deal of scrutiny and your security situation is actually worse as a result of it.
Before when I was talking about the needle in a haystack problem which is the biggest weakness of the modern big data era.
So to give a really concrete example imagine you need to meet a source clandestinely in the past it’s lots of sneaking around doing surveillance detection routes and meeting in hotel rooms and things like that. Those days are completely dead. You stand out immediately.
Instead you’re looking to have very normal and plausible reasons to be in the same space together while remaining in a large crowd and not having contact usually outside of that.
So imagine you and I both get season tickets to the local sports team and we go there to watch a game just as regular fans and we find a way to communicate in that crowd.
Even the best data analysis / ML algorithms are only ever going to see two people going to a sports match every few weeks. There’s nothing interesting about either one of them that stands out.
It’s just a very different way of doing business basically but hopefully that’s an illustrative example to show you what I mean.
That's a reach. Literally.
The aliens are very efficient!
Perhaps if I read you my last comment in a voice lowered a few octaves like in that video, you’d believe me.
Because that 1000% is a real capability you will have to deal with and like sure, do what you can to make the costs associated with that as hard as possible but don’t get confused into thinking it’s a technical solution that is going to fix this problem.
Fully patched iOS in lockdown mode isn’t going to save you from someone physically making you open it in front of them.
Think something a lot closer to this xkcd comic: https://xkcd.com/538/
Alles klar, Herr Kommissar?
<https://www.timesofisrael.com/israel-targeted-top-iranian-le...>
I'm listing the Times of Israel first as it's an Israeli publication, though it cites the following NY Times article which researched the story:
"Targeting Iran’s Leaders, Israel Found a Weak Link: Their Bodyguards"
Despite all the precautions, Israeli jets dropped six bombs on top of the bunker soon after the meeting began, targeting the two entrance and exit doors. Remarkably, nobody in the bunker was killed. When the leaders later made their way out of the bunker, they found the bodies of a few guards, killed by the blasts.
The attack threw Iran’s intelligence apparatus into a tailspin, and soon enough Iranian officials discovered a devastating security lapse: The Israelis had been led to the meeting by hacking the phones of bodyguards who had accompanied the Iranian leaders to the site and waited outside...
<https://www.nytimes.com/2025/08/30/us/politics/israel-iran-a...>
(Archive / paywall: <https://archive.is/XdZet>)
It's not just your phone, it's the phones of those around you. Whether or not you have a security detail.
This is one factor which makes pervasive surveillance so absolutely insidious.
However, my endeavor here is more focused on awareness and transparency for the masses than subterfuge for the individual.
[1] https://www.justsecurity.org/34449/investigating-surveillanc...
You can't get the IMSIs passively anymore, but LTE doesn't make these attacks impossible, just less practical, especially for criminals that don't have warrants on their side.
No big need to dig down deep into the radio and protocol layer.
>In its most basic functionality, the [LTE] IMSI catcher receives connection/attach request messages from all mobiledevices in its vicinity. These attach messages are forced to disclose the SIM’s IMSI, thus allowing the IMSI catcher to retreive the IMSI for all devices in its vicinity... a fully LTE-based IMSI catcher is possible, very simple and very cheap to implement without requiring to jam the LTE and 3G bands to downgrade the service to GSM. [2]
Exploits on 5G to retrieve the IMSI. [3]
[1] https://theintercept.com/2016/09/12/long-secret-stingray-man...
You can just jam everyone in the area and see who reconnects.
There are IMSI catchers - but they all require GSM. At least on Google Pixels you can turn off 2G with a switch. The phone even shows a message about its insecurity.
In Germany I'm running 100% on LTE/5GNR-only for many months now without having a single coverage gap.
looks like iPhones will need to enable Lockdown Mode to disable 2G, at least for iOS 17+ per https://ssd.eff.org/module/attending-protest
Only option is stay in airplane mode and use wifi.