It seems like this method requires a known phone number. And can track people based on knowing the phone number in advanced. That is quite a high bar, and very different from the standard stingray attack.
That is, older attacks allow you to collect all IMSI's in the area. Instead, this attack allows you to track a given phone-number, and retrieve the IMSI that belongs to a given phone number.
Edit: it seems like an Email address or twitter handle also works. What is needed is some way to trigger a message on the phone. That still requires knowing some identity up-front though.
> Edit: it seems like an Email address or twitter handle also works. What is needed is some way to trigger a message on the phone. That still requires knowing some identity up-front though.
Marginal. No barrier at all for targeted attacks (phishing, stalking, intelligence etc.).
A very large use-case for stingrays by american police was to have them running nearly continuously. Then, when a crime occurred, they would go back and examine the captured data to see who was nearby during the crime.
Such post-hoc tracking is not possible with this method.
Similarly, if all you know is "I don't trust the bearded guy who just disembarked the plane" it could be hard to get to an identity that will trigger his phone. With a traditional 'What IMSI's are in the area' capture, you just need to follow them long enough that one IMSI stands out as always being available. This attack doesn't enable that either.
> A very large use-case for stingrays by american police was to have them running nearly continuously. Then, when a crime occurred, they would go back and examine the captured data to see who was nearby during the crime
Do you have a link for this? It's difficult to Google
The officer requested use of a “digital analyzer” to locate the new burner phones at “any time of the day or night … without geographical limitation in the State of Illinois.” The request was approved.
I recall similar things happened in New York
Perhaps 'a very large use case' was too strong a phrasing though.
That is, older attacks allow you to collect all IMSI's in the area. Instead, this attack allows you to track a given phone-number, and retrieve the IMSI that belongs to a given phone number.
Edit: it seems like an Email address or twitter handle also works. What is needed is some way to trigger a message on the phone. That still requires knowing some identity up-front though.