this post was submitted on 16 Sep 2023
105 points (98.2% liked)

Technology

59086 readers
3268 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] jet@hackertalks.com 4 points 1 year ago (1 children)

I'm confused. How would this not defeat a stingray? They would know your phone is there. But they wouldn't see who you're talking to, they wouldn't hear your phone call, they wouldn't see your encrypted messages. They wouldn't see the traffic on your phone. What's left?

[–] 4am@lemm.ee 10 points 1 year ago (1 children)

Your IMEI, your carrier IP, your packet timing, any DNS your phone leaks, the IP of your VPN endpoint, your transmitter chipset, your likely OS kernel, any unreleased zero-days known to them (and maybe an exploit for them), and also a way to ack TCP packets it never intends to forward in order to sever your connection while letting your device keep taking for as long as possible, which might buy them a little extra time before you realize they’ve captured your session and cut you off.

[–] jet@hackertalks.com 7 points 1 year ago

Everything you said is true, but that is a reduced surface area versus the scenario where you're sending your traffic naked over the wire. Including your voice traffic. Using a VPN while attached to a stingray is strictly a smaller risk surface.