For $20, you can make a DIY Stingray in minutes, using parts from Amazon
Stingrays were once the most secretive of surveillance technology: devices whose existence was so sensitive that the feds actually raided local cops and stole their crime files to stop them from being introduced in court and revealing the capability to spy on cellular phones.
The cat inevitably escaped the bag, and subsequent disclosures revealed just how widespread the surveillance of cellphones had become.
One upshot of the law enforcement reliance on cellular mass surveillance is that it has created a perverse incentive to maintain the insecurity of our mobile devices; this insecurity, combined with the inevitable decline in price for electronic components, means that more and more people are able to spy on your phones (sometimes it's criminals, sometimes it's foreign spies, sometimes it's a mystery).
If you want to get in on the action, you can order $20 worth of parts from Amazon, plug them into your laptop, paste a few commands into your terminal and you can start spying on your friends and neighbors.
Let's fix phones, OK?
As the name implies, a software defined radio, or SDR, is simply a radio that instead of having its feature baked in at a hardware level, can be controlled by a computer program. We bought the 'NooElec NESDR Mini' from Amazon for around $20 and received it a few days later.
To get the SDR to talk to phones, I needed to give it some instructions. Fortunately, I didn't need to write my own, but just take some code from GitHub. I used a Python tool simply called 'IMSI-catcher', written by the hacker known as Oros42. The program requires an up-to-date version of Ubuntu, a particular Linux distribution, that can be downloaded for free and written either to a USB stick or installed inside a virtual machine.
To install the IMSI-catcher software, I just followed the instructions on the project's GitHub.
Once installed, I booted up grgsm_livemon, one of the programs included with the project. which presented a slider and a graph, to find a frequency to scan. This required a bit of trial and error-moving the frequency slider until finding a sweet spot where the graph represented a bell curve. The curve meant that the SDR had found what frequency nearby phones were broadcasting on. Depending on where you are, that frequency is going to be different.
With $20 of Gear from Amazon, Nearly Anyone Can Make This IMSI-Catcher in 30 Minutes [Joseph Cox/Motherboard]