404 Media Host
Welcome to the 404 Media podcast where we bring you unparalleled access to hidden worlds, both online and IRL. 404 Media is a journalist-founded company and needs your support. To subscribe, go to 404media.co. Subscribers get access to bonus content every single week, as well as additional episodes where we respond to their best comments, and they get early access to our interview series too, like this episode. Gain access to that content at 404media.co. This week I'm speaking to Cooper Quinton, a security researcher and senior public interest technologist with the Electronic Frontier Foundation. Cooper has done a lot of work looking into IMSI catchers, or as you'll hear us talk about, maybe we should probably actually describe them as cell site simulators. These are small devices that pose as a phone tower to then sweep up information about nearby mobile phones. Cooper has helped develop this tool called Rayhunter, which allows people to detect if maybe there is an IMSI catcher or a cell site simulator around me somewhere. This is a really, really interesting conversation that gets much more in the weeds than I think, you know, a lot of coverage would. So I'll throw to the interview and I really, really hope you enjoy the conversation. Cooper, thank you so much for coming on the show. Really, really appreciate it.
Cooper Quinton
Yeah, really excited to be here, of course.
404 Media Host
So I don't know if everyone is going to be really aware of what an IMSI catcher is. A stingray, a cell site simulator. I don't say that one that often. That's why it's a little bit tricky to get out. How about to get the conversation going, could you just tell us what is an IMSI catcher and how does it work exactly?
Cooper Quinton
Yeah, yeah, for sure. So Stingray, cell site simulator and IMSI catcher are terms that are often used interchangeably and they pretty much all mean the same thing. It's usually a fake cell tower that police are able to use to trick your phone into connecting to it instead of the real cell tower. And this is usually used to find the identity or IMSI of your phone. IMSI stands for International Mobile Subscriber ID. This is a unique ID that's used by your SIM card to identify it to the base, the tower, right, and to the phone company for the purposes of billing, most importantly in their eyes. Every phone has an IMSI. Every SIM card has its own unique IMSI, and this can uniquely identify you. So once your phone connects to an IMSI catcher, the police get your IMSI and then they can go bother the phone company until they give the police your subscriber details, your name, your address and all of that stuff, right?
404 Media Host
So it's funny because as with a lot of stuff in telecom security, the way these networks are exploited or attacked in various ways often comes down to simply how telecommunications networks work, right? This is able to function as a fake cell phone tower because phones, simply, in virtue of how they work, are always trying to talk to a cell phone tower that's nearby or I guess the nearest free or something like that. Is that fair?
Cooper Quinton
Yeah, that's completely fair. Yeah. IMSI catchers really just take advantage of how the cell phone network was designed to work, right? Your phone is, to a degree, always tracking you, right? Because the phone company has to know what towers you're connected to, to locate you, to be able to send you messages most efficiently, right? So if you get a text message, there's two ways to route this to you, right? One is to send that text message to every cell tower in the United States, right? And everybody tries to read it and sees it's not for them and then discards it, right? Or you can, with your IMSI, let the phone company know what part of what region you're in, and then the phone company can route the message to that region, right? And so, like, you're always connecting to the towers, you always have this unique ID, and there's really no way to get around that. You always have to have an IMSI, right? Some phone companies, there's a couple of interesting companies out now that are doing interesting things like rotating your IMSI. Those are interesting ways to sort of get around that issue. But in general, especially with, you know, the big three now, AT&T, Verizon and T-Mobile, right, there's no getting around the fact that your cell phone is constantly tracking you and that IMSI catchers can take advantage of that because there are so many messages, right? Your phone is always looking for the strongest signal. Your phone is always looking for the best connection, right? And it is happy to connect to a new tower that pops up, right? Especially if that tower looks stronger than the other surrounding towers, which is what
404 Media Host
a cell site simulator will do, right. Does it. Does it look like the strongest tower nearby?
Cooper Quinton
Yeah. Yeah. That is often what they do is they'll look like the strongest tower nearby or, you know, they will advertise themselves as available, advertise other towers as not available. They will pretend to be another tower that you're really connected to, and they can send a message that looks like it's from that tower that says, hey, please disconnect from me right now and rejoin on this other tower, which is also from the IMSI catcher. Right. So they can trick your phone into connecting to it that way and then there's all these messages that your phone sends to the tower and the tower sends back to your phone without any sort of authentication ever happening. Right. And some of those messages can contain your IMSI and the tower can specifically request your IMSI. And the phone happily gives up that information.
404 Media Host
Right, totally. And I think we'll get a little bit more into this in a minute. But broadly, what are some of the capabilities beyond just grabbing an IMSI? Like, are these capable of doing anything else?
Cooper Quinton
Yeah, absolutely. So the purported use of IMSI catchers is to track down a specific person. Right. The reason police say they need these is for like a manhunt. Right. Or locating somebody who's been kidnapped. Right. Or search and rescue operations, things like that. And they are useful for that. Right. The cell phone company can give you somebody's location, but only, you know, down to, at best, 150 meters. Right. And not any sort of verticality. Right. If somebody's in a big apartment building. Right. What the IMSI catcher can do is really track them down to the specific apartment they're in.
Advertiser/Voiceover
Right.
Cooper Quinton
Like this is the most fine grained location data and it's the most accurate. Right. You can always get it. You're not always going to get data from. There are a lot of other location things.
404 Media Host
Right.
Cooper Quinton
Like I said, you can get from tower pings, from phone companies. Right. You could get location from a tool like Penlink from Webloc. Right. But people aren't always going to be in the Webloc database. Right. The phone pings aren't always going to be the most accurate. With a tool like an IMSI catcher, you can always very accurately locate somebody.
404 Media Host
Yeah. And for those who may not have read this piece that we published actually just shortly before we were recording this, Webloc is this tool that ICE has bought which uses location data probably sourced from the ad ecosystem. But what you're saying here, of course, and absolutely correct, an IMSI catcher is so much more powerful because it's using much more of the telecommunications backbone than, I don't know, is this person maybe in this advertising data set, like, who knows?
Cooper Quinton
Right, right, exactly, exactly. And you can't fool it by turning off location services or not having any apps on your phone that are giving location data to any apps that have ads. The IMSI catcher will still work. The other concerns, though, with an IMSI catcher, the concern is that you could use it, for example, to identify who is in a particular location, right? So the theory, and we haven't seen any examples of this to my knowledge, but the theory is that police could sit outside of a protest, right, and gather up all of the identities of the people going to that protest, or sit outside of an abortion clinic or sit outside of a mosque, right. Anywhere where they want to identify all of the people in that area. And that, to me, that is much more concerning. If police are just using IMSI catchers to find a kidnapped person or to find somebody who is accused of murder, I could still find issues with the way they're using it. But if they're getting a warrant and they're only using it for that and they're minimizing the data, I have bigger fish to fry. But if they are using this to surveil free speech, right? If they're using this to figure out who is engaging in their constitutionally protected right to protest, that's a problem. Another problem is that because of the way IMSI catchers work, they could be used, and have been used in the past, we know for sure, to man in the middle calls and text messages which aren't encrypted, right? So you could use these to listen in on people's calls, read people's text messages. One of the ways that they're commonly used right now, not by police, but by scammers, is to send people text messages from, you know, quote unquote, legitimate phone numbers, right? So there was a story, I think a couple years back now, about a woman who was driving around France and got pulled over and they saw some weird equipment in the back of her car, called out the bomb squad, bomb squad came out and called out the IT guys, right?
And it turned out that it was actually an IMSI catcher in the back of her car.
404 Media Host
We've had similar in Southeast Asia recently as well, I think, where they just drive around with these cars with an IMSI catcher in it.
Cooper Quinton
Yeah, yeah, exactly. They drive around and they broadcast, you know, text messages. In the France case, it was from the French Health Ministry, right? Claiming to be from the French Health Ministry. Just SMS scams, right? Like trying to phish people's health logins, I guess, out of them. I don't know what the ultimate financial. I mean, this isn't America, right? There's universal healthcare. So I don't know what you're seeking to get in that case.
404 Media Host
But that brings up something interesting in that obviously at the same time the technology is sophisticated in that law enforcement agencies are using it, that sort of thing. And then on the flip side, it's really not that sophisticated in some cases because somebody's driving around with a car with it just shoved in the back. Almost common criminal level. So is there a disconnect there where maybe the law enforcement people have the more sophisticated one, I imagine, and the criminals have something else, you think?
Cooper Quinton
I think so. I mean, I think it's different use cases. Right. You can build an IMSI catcher right now with a $20 software defined radio.
404 Media Host
I've done just that. Maybe I'll put a link to that in the show notes as well. But yeah, I can't remember who, but someone published a guide, and I followed it and just wrote about it. But it's crazy cheap and easy to do it on a very crude level.
Cooper Quinton
Yeah, yeah, exactly. And so I think that what police are really paying for.
Advertiser/Voiceover
Right.
Cooper Quinton
Is more powerful radios and more, perhaps more sophisticated attacks. And also, most importantly, tech support. Right, right. Somebody puts all of this in a truck, puts 13 high-end, thousand-dollar software defined radios in it, provides all this really nice, easy-to-use software and, you know, maybe some more sophisticated exploits, but then also gives them tech support. And I think that's really, you know, I mean, the contracts the police are signing for these are close to a million dollars. Right. Like the contract that ICE just signed was for 900-something thousand dollars. Right. A lot of the contracts that we've seen are for close to a million dollars. Like that's a pretty standard rate for a truck filled with software defined radios that are acting as an IMSI catcher.
404 Media Host
Right. And you're totally right in that it's mostly the tech support, the customer support. Where law enforcement want to buy a tool that works. They don't want to be going, oh man, I better log into my Ubuntu terminal to configure my software defined. They don't have time for it. They might be trying to locate people who they think are undocumented. They might be trying to locate somebody who's actually been kidnapped and is missing or something like that. They don't want to be messing around with a terminal.
Cooper Quinton
Yeah, exactly. They're not trying to fix their Python dependencies and install pip and do all of that. Right. They're not going to go out and learn C and C++. Exactly.
404 Media Host
And of course that's a common thing across the surveillance industry, where even with the malware stuff, it's much more about the company providing a service. And that kind of. I'm going a little bit back in time, but that brings up the idea of Harris. Right. Where the name Stingray comes from. And I feel like fewer of us use the word stingray now because this. It was much more popular term 10 years ago. Can you just explain sort of where that term came from and so why we called it that at the time?
Cooper Quinton
Yeah, for sure. So that term was a brand name from a company called Harris Corporation, L3Harris Corporation, which still exists and still makes lots of equipment for police and national security and all those. They actually also bought a cybersecurity company called Azimuth, interestingly, recently, which is interesting and might signal a shift to offensive cybersecurity, but that's another story. So the Stingray was their first really big. It wasn't the first IMSI catcher, but it was the first one that really got a lot of attention and was really widely used by local law enforcement. Right. Federal law enforcement, the FBI, DOJ had had IMSI catchers before that. Triggerfish, I think, was a really early one that was used to catch the hacker Kevin Mitnick. But the Stingray was the first one that was bought by local police departments, SFPD, NYPD, Chicago PD. And the first one that really caught on in the public imagination, the first one that people really started looking into, and so it almost became, was sort of the Kleenex. Right. I think there's a term for this phenomenon that I forget at the moment. Right. But it became the Kleenex of IMSI catchers. Right.
404 Media Host
Or the Google. Like that becomes a verb sort of thing.
Cooper Quinton
Yeah, exactly. It became a verb. Every IMSI catcher is a stingray. You're going to get stingrayed.
404 Media Host
Right?
Cooper Quinton
Yeah, it became very common. And then a lot of us in the space started trying to use the term cell site simulator to be slightly more pedantic and accurate. But I think actually Stingray still resonates with a lot of people. When I talk about this often, I'm like, who's heard of a cell site simulator? Nobody. Who's heard of an IMSI catcher? Maybe a couple people. Who's heard of a Stingray? Oh, yeah, right. Everybody raises their hands.
404 Media Host
Yeah. I mean, it's a catchy name, and it does resonate with people, and it sticks with them. And I should. I mean, I actually haven't covered IMSI catchers, really, recently, you know what I mean? Just like I kind of did that back then and kind of been focused on some other stuff. But next time I do, I'm going to try to say cell site simulator, because even IMSI catcher doesn't capture the full capabilities of the tool because, as you say, it could be also for messages and calls. Right?
Cooper Quinton
Yeah, it doesn't, it really doesn't. Right. There was another actually really interesting, really, really kind of scary use of cell site simulators, which was that there was a report from Amnesty International that some gentleman who had had NSO Group's Pegasus spyware installed on his phone, they thought that it was likely that this had been installed via use of an IMSI catcher. Right. Via use of a. Sorry, not an IMSI catcher but a cell site simulator.
404 Media Host
It's okay, we can use them interchangeably but I think the listeners will know what we're talking about.
Cooper Quinton
But this is right why those terms don't quite encompass it, because this technology wasn't just catching his IMSI. Right. It was capturing his entire connection and man-in-the-middling it and then redirecting some plain text query he made to a query to download NSO Group's spyware. Yeah, I think that, especially in like military contexts, I don't think that's an unlikely usage.
Advertiser/Voiceover
Right.
Cooper Quinton
For this. I don't think that that's something that like ICE is necessarily going to be doing right now. I certainly don't think that's something that your local police department are going to be doing. Right. But like that is something that can be done. Right. And that like at the, at the sort of nation state espionage level, that is a concern.
404 Media Host
Yeah, absolutely. And of course even before local police, or maybe it was the same time, it was kind of such a long time ago, but IMSI catchers, cell site simulators of course were being flown in aircraft above literal war zones like Afghanistan and Iraq. Whereas it is used as a surveillance weapon of war, probably in use cases that some people might see as more legitimate than others. I'm not going to go down that road, but what I'm trying to say is that I think you're right in that ICE isn't going to be using an IMSI catcher to deliver malware because that's very expensive as well.
Cooper Quinton
Absolutely.
404 Media Host
Before we get to what we've seen over the years, I guess just because you brought up ICE, what do you think they could plausibly use it for? And the thing that comes to mind for me is I think there was a BuzzFeed News report a long time ago, or maybe it was another outlet, where an IMSI catcher was used to track down somebody that Enforcement and Removal Operations were actually trying to find. What could you see more plausibly, ICE using this sort of technology for, if it's not delivering malware?
Cooper Quinton
Yeah. There was actually a more recent case too where they, and I think, I want to say Forbes, reported on it, where ICE used an IMSI catcher to track down somebody in Orem, Utah.
404 Media Host
Right? Yes. From Tom Fox-Brewster, you're right.
Cooper Quinton
Yes, yes, that's right. Yeah, yeah, yeah. Shout out to Tom. Great journalist. So, yeah, so they had recently used it for that. Right. And it was an interesting case because in the court documents they say, you know, we had gotten this guy's home address from cellular records.
Advertiser/Voiceover
Right.
Cooper Quinton
We figured he was at home because of the time of day. And like we went and did visual inspection and his car was in the driveway. And then we got out the IMSI catcher just to make triple sure that he was actually at home.
404 Media Host
A little bit of fun.
Cooper Quinton
Yeah, yeah. Just like, well, we got to use this thing, right? And we got the warrant, so why not? The interesting thing about IMSI catchers is that, and I think the reason they've fallen off from sort of being the thing that everybody is concerned about and that a lot of research is going towards, is because in, I want to say, 2020, there were some legal cases that resolved in that law enforcement would need to get a warrant to use an IMSI catcher. And before that, they were often, it seems, being used without getting a warrant. Right. And then courts decided, no, you actually do need to use a warrant for this. This is a general search. Right. And I think that ever since then, police departments are using IMSI catchers a lot less, or maybe, you know, really only for their intended purpose or just to justify the fact that they bought it. Right. Like that use by ICE almost seems like just a justification. Like you're like, well, we bought this thing, we got to use it, otherwise, you know, we're not going to be able to buy one again. Right, right.
404 Media Host
I mean, can you, can you briefly just touch on that? Because I was going to ask where there was this time, as you say, where these local police didn't need a warrant and they were sort of just going around and using these. Can you remember or do we know sort of what cops were using them for then before the warrant requirement came in? Is it sort of everything we've been speaking about already?
Cooper Quinton
Unfortunately, we don't, because there's been so much secrecy around IMSI catchers and how they're used. Right. And I mean, that's been one of the big problems for years, is that, like, especially with Harris, right, Harris would encourage police and DAs to drop cases if it seemed like evidence acquired from an IMSI catcher was going to come up in court, because Harris really did not want their, you know, information, their trade secrets, right, being revealed in court. And actually, Harris has stopped selling to local law enforcement because this kept happening so much. Right. That IMSI catchers kept coming up in court and information kept getting leaked, you know, about how they work through this method. So now Harris only sells to federal law enforcement and they no longer sell to local police departments. And it seems like maybe they're even getting out of the game entirely. The recent purchases that I've seen for IMSI catchers tend to come more from a company called Jacobs, which bought a company called KeyW that was a big IMSI catcher manufacturer. And the other one that I'm seeing a lot is Octasic.
404 Media Host
I've literally never heard of these.
Cooper Quinton
So Octasic is an Israeli company. Yeah, no super crazy name. So Octasic is an Israeli company that's now selling IMSI catchers that they claim operate natively on 5G. And so, yeah, we're seeing really like Harris is no longer, you know, seems to not really be in the market at all anymore. And these other smaller players have come and taken that over in the U.S. Yeah. But, yeah, we don't know what they were being used for. Right. I mean, I, you know, we can, I think, assume that they were being used for all the things I mentioned. Right. Being used to intercept calls, being used to locate people. Right. Being used to determine presence in a specific area. I think all of those are very likely.
404 Media Host
You mentioned 5G just there. And before we start to move to the second section, I just wanted to bring up this sort of. There's this cat and mouse dynamic, right? Not as much as the exploit industry where NSO Group or whoever will make or buy an exploit, then Google or Apple will patch it. And that just goes on and on and on forever. Essentially here there's, well, we've moved to 3G, then the IMSI catchers need to deal with that, then 4G, then 5G. What is going on there? Like do they break 5G? Do they downgrade a target? What's happening there, as far as we know?
Cooper Quinton
Yeah, for sure. I mean, the issue with cellular networks, right? The core issue here is that cellular standards are governed by a body called the 3GPP, the 3G Public Private Partnership. And this is a standards body consisting of hundreds of large companies, all of the largest companies, all of representatives from various governments, that all have to come to an agreement on how cellular technology will work. And then they publish a thousand-page standard on how, you know, 3G or 4G or 5G is going to work. And then the phone companies only sort of follow it. And so because it's such a complex standard that's designed by committee and has to work everywhere and is only barely followed, right? This leaves a lot of room for exploits, right? And because it's a standard, when exploits are found, they're slow to get patched, really. Like often you can't patch them until the next generation of cellular technology, right? And you have to keep supporting all the previous generations of cellular technology because people will still have phones that only work on 2G or only work on 3G or only work on 4G. Right. So, for example, with 2G, IMSI catchers were really easy to build because in 2G, the phone had to authenticate itself to the network as being a real subscriber using its IMSI. But the network never had to authenticate itself to the phone. So you could very easily set up an entire man in the middle situation to listen to all the phone calls and read the text messages and all of that. In 4G, one of the big innovations, other than speed and that stuff, is that the phone and the network now had to mutually authenticate each other. But unfortunately, a lot of messages get sent, including the IMSI, before that mutual authentication ever happens. And a lot of messages are just not authenticated. So it's not like HTTPS, where when I visit a website, I don't send anything to that website until that website verifies its authenticity.
And then we establish an encrypted tunnel to communicate over. It's more like there's a bunch of unencrypted stuff that happens. And then after that, some encrypted stuff might start happening, but the phone and tower can still send unencrypted, unauthenticated packets to each other. So this is how even on 4G, a cell site simulator can spoof a tower and say, hey, please disconnect from me, this tower that I am, and connect to this other tower that's over here. That's way stronger, trust me.
404 Media Host
It's a mess. You know, that's what it sounds like.
Cooper Quinton
It's a huge mess. Yeah, it's a huge mess. And so 5G fixes a lot of those problems. It is definitely a step up from 4G. Right now, the IMSI is always sent encrypted, right? Or it is always like the actual IMSI, which is called the, I think it's the subscribed user permanent identity, and the subscribed user concealed identity, something like that. I might be messing up the SEU part, but it's permanent identity, concealed identity. So the permanent identity is the analog to the IMSI. And then the concealed identity is changed each time and derived from a key that both the user and the tower have. And this is the only one that's ever sent in 5G. So police are still able to use IMSI catchers over 5G by downgrading users to 4G. That has been the case for a bit. But also there was actually just a paper that was released at Black Hat this year, the big hacker conference in Las Vegas, the big cyber, I shouldn't call it a hacker conference, the big cybersecurity industry conference in Las Vegas. There was a paper this year called 5G Titanic where a researcher demonstrated the ability to man in the middle conversations in 5G. So I think it's curtains for 5G, man.
404 Media Host
Yeah, we already need to jump to the 8G or whatever. But it's exactly that dynamic where there are improvements and then we find more vulnerabilities. And that's just cybersecurity and offensive security as well. Absolutely, yeah. It's just the same thing here. Well, let's shift gears a little bit and let's talk about Rayhunter. Because you have all of that context from cell site simulators. You've helped build and release this tool. Could you first just tell us where the idea for it came from and then maybe tell us what it is? How did this actually come about, first of all?
Cooper Quinton
Yeah, for sure. So I actually had a previous project called Crocodile Hunter and we named it Crocodile Hunter because stingrays had killed Steve Irwin and we were going to take one back for Steve.
404 Media Host
Right.
Cooper Quinton
So basically I had gotten excited about IMSI catchers after I got asked to come out to the Standing Rock Reservation in North Dakota during the NoDAPL pipeline protests. This was the Dakota Access Pipeline. It was a big oil pipeline that was going to cut across Indian land and go all the way across the US and leak oil all over the place and be generally horrible for the environment. The protesters there were worried about IMSI catchers and had some apps that were telling them that maybe IMSI catchers were present. So I went out there to go see if I could corroborate this, because I would be concerned about that. What I figured out quickly was that I had no idea what I was doing and I had no idea how to actually tell if there was an IMSI catcher. Right. I had some apps that were saying some things that were, you know, maybe could be IMSI catchers, maybe could not be IMSI catchers. Right. I had some software defined radios I really had no idea what to do with. And I realized that we needed a better method to actually determine if IMSI catchers were being used and actually prove it. Right. So we started out with a project called Crocodile Hunter, where the idea was that using some high-end software defined radios and some programs I had written on Linux, we could take these around and map out all of the cell networks in a specific area and then look for any anomalies, any changes. Cell towers that are moving, cell towers that are not where they should be, cell towers that are broadcasting at extremely high signal, extremely high volume, basically. And then we could actually physically track those down, right, and look at them with our eyes. Right. And if it's an established cell tower that's 200 ft high, that's probably fine. It's probably just misconfigured. If the signal is coming from the back of an unmarked truck and four dudes with buzz cuts jump out, that's probably a good sign that it's an IMSI catcher, right?
The problem with this is that it was a great system for me. It was a really good system for somebody who compiles their own kernel for fun and likes to program in C and C++ and is a huge nerd. But I really wanted journalists and activists to be able to use this on their own, because I can't be everywhere all at once. Most journalists, for good reason, don't have the same amount of technical acumen that, say, for example, you do, Joseph.
404 Media Host
I mean, maybe, but I also don't have much time, right. Whereas you are already an expert and you can kind of jump into it. I simply can't do that.
Cooper Quinton
Yeah, yeah. I mean, that was the other problem, right. Is that the few journalists who did use this, right. Like I needed to be there as backup to actually interpret the results, right. Because they weren't easy to interpret. So we kind of scrapped this idea. Also, it required at least $1,000 worth of software defined radios, which is really inaccessible. So I scrapped this idea and went back to the drawing board. And then a friend of mine, Matthew Garrett, showed me this device, this little Orbic hotspot, right? And this was a couple of years later. And he said, hey, I've rooted this device and it turns out it has this diag protocol on it, which I bet you could use to get a log of the mobile traffic, right? The traffic going between the modem and the tower itself. And I thought, oh, that's interesting. And so I started taking a look at it, right? And it turned out that we can. So Qualcomm chips, Qualcomm is one of the big cellular modem manufacturers and their chips have this built in diagnostic protocol that on a rooted device you can access and it'll give you raw packet logs of the control data going back and forth between the device itself and the tower that it's connected to. And so what we decided was that we could turn this device into sort of an intrusion detection system or antivirus for IMSI catchers. Right?
404 Media Host
Right.
Cooper Quinton
So by looking at that traffic, we can look for the things that one might expect IMSI catchers to do. Right. So this is what became Ray Hunter, and it's called Ray Hunter because, again, hunting for stingrays. We had cooler names in mind, but they were all trademarked. So Ray Hunter is what it came to be. But yeah, you go buy an older, last generation mobile hotspot, they're like $20, $10 on eBay. You install our custom firmware on it, you throw it in your pocket and you go about your day. There's a little green line at the top of the screen. That line turns red if it detects something. And then you can connect to the hotspot, connect to the web interface and go download the files, the packet captures, and send them to us. Or send them to another friend who's really into LTE for further analysis. Right. But we have some signatures to detect what we think are signs of an IMSI catcher. And this is things like, did the tower request your IMSI when it shouldn't have? Or did the tower try to downgrade your connection to 2G in a way that's suspicious? Right. And other things like that. Those are the sorts of things we're looking for. Kind of really obvious signs, or not obvious, but like, you know, really high quality signs of IMSI catchers.
404 Media Host
Yeah. Like a 2G downgrade is very, very unusual for a normal tower.
Cooper Quinton
Yes. Yeah. Especially in the U.S. where there are no more. We've shut down our 2G networks in the U.S., right. So if you see a 2G downgrade in the U.S., that's a pretty strong sign that something weird is going on. Right, right. The IMSI one, unfortunately, is much harder to get. Right. Because like I've said, the cellular network is bad. It was designed by hundreds of companies, all with competing interests. Right. And it turns out that towers request your IMSI fairly often for legitimate reasons. So if we just naively notified you every time your IMSI was requested, this would cause a lot of false positives. And it did when we first started this. Right. And we've had to figure out smarter ways to determine when a request looks suspicious. So we have a few goals with this project. One is to get a better understanding of how IMSI catchers work in the U.S., right. One of the problems with IMSI catcher research is that we've never had a ground truth. Right. We've never had baseline data about how IMSI catchers work. And now for the first time, we have actual packet captures from actual IMSI catchers, like confirmed commercial IMSI catchers. And we can say, you know, exactly how they work. Right. On a very technical, low level.
404 Media Host
Right. Because you never had packets before. And I know we're kind of glossing over, but kind of to spell it out for listeners. Packets are almost like the ground truth of what is happening. I'm trying to think of a way to make it accessible at the same time. But like it's the gold dust basically of cybersecurity or security research and that sort of thing. It's like you want packets, basically. It shows what's actually going on.
Cooper Quinton
Yeah, exactly. It's the raw stenographic court log of exactly what two computers said to each other. And this is something that I can pass to another researcher. I can have my own interpretation of it, but I can pass it to another researcher and they can have their interpretation. You know, they can confirm or disprove my interpretation. Right. But we all, we're all working from the same ground truth, and that's not something that we've had in the past. So that's huge. One of the other goals of this was to get something that people could actually use and bring with them. Right. Like this is something that's really easy for a journalist to use. It's really easy for activists to use. Right. The hardest part is, is, you know, opening a terminal on your computer to actually run the program to install it on the device. But once that's done, right. It's something, you just throw it in your pocket and go about your day and see if the line turns red. And so that's been great. And because it's so cheap, we can, you know, a lot of people can use it all over the country. This lets us get to our other goal, which is we wanted to find out whether IMSI catchers are being used for the, you know, to surveil sort of First Amendment protected activities like I was talking about earlier. Right. So we want to know if these are being used at protests or being used at mosques, you know, abortion clinics. And as we've had people carrying these around, what we've found is no evidence to support that IMSI catchers are being used at protests in the U.S. We have found several instances that we think are likely to be IMSI catchers, right. In the US and also outside of the US. We have found data from the Rohento project that suggests the use of an IMSI catcher in the area. But none of them were at protests.
404 Media Host
Right. That's very, very interesting because for years the narrative is too strong. But one of the concerns obviously was that, well, this pretty indiscriminate technology which may or may not be deployed with or without a warrant, obviously depends on the year we're talking about. But a massive concern was that, well, you could put this at a protest and you get all of the IMSIs of the people who were at this protest and then use that for later. Completely fine theory to have. And now it's really interesting because you and others and people using this tool are going out into the world and almost like collecting scientific data, which is not supporting that that is actually going on. So that's fair to say.
Cooper Quinton
Yeah, yeah, that's absolutely fair to say. And I mean, that was a big impetus behind this project. I'm fairly deeply connected to the activist community around the US and, you know, the sort of anarchist community around the US. And a lot of people were very concerned about IMSI catchers being used at protests, right? And there was this, this sort of idea, right, that these must be at every protest, right? And that like, you know, maybe every cop had one. We don't even know, right. And people were really unreasonably scared of these. And as a cybersecurity person, I want people to have, have accurate threat modeling, right? People are going to take risks and I want them to take informed risks, right. I want them to know what the actual risks are. I actually, I felt pretty strongly that cell site simulators were not being used as often as activists tended to think, but yeah, exactly. This lets us do some, you know, sort of citizen science and actually gather data from the field all over the place to, you know, show with evidence whether or not these are being used at protests. And the evidence points to that they're most likely not being used in the US at protests right now. But that could also change, right. ICE has definitely escalated their tactics, right. And I wouldn't be surprised if they just decided, you know, we don't actually need warrants for this to use this thing. Right. Who's going to stop us?
404 Media Host
You?
Cooper Quinton
No. Right. So like that's. We want people to keep using this because we want to know if that situation does change, right. And if this is a threat that activists do need to start being worried about.
404 Media Host
Yeah, that makes sense. I will just say before I ask, I think, probably my last couple of questions, is that I have installed this myself. I can't remember the exact process, but it was incredibly painless. It was so smooth. And it kind of reminded me of the setup process of a GrapheneOS phone where with Graphene you plug the phone into your computer, you open a web browser and it installs. It's like magic. This was very close to that in that I installed it. I was like, oh, is that it? Like I'm detecting IMSI catchers now. It was really, really smooth. So I thought it was very interesting in that respect where you took something that was so technologically obscure, as you were saying, and now basically anybody can do it. If you can open the terminal and you feel like about us doing it, if you've never opened a terminal before, you're like, you get to have that fun experience. But yeah, very easy to use, for sure.
Cooper Quinton
Yeah, yeah, we've been. That's one of our design goals has been to make it as easy to use and as easy to install as possible. Definitely we want to get to that Graphene level where you can just do it over a browser. That's something we have definitely looked into and are trying to figure out how best to do. The only thing really stopping us there is that the easiest way to install on these a lot of times is over the wireless interface, right? By actually connecting to the Wi-Fi interface that these hotspots provide is usually the easiest way to install these. So that's not something that can work sort of the same way that Graphene does, because Graphene works over the USB connection that Graphene is able to access. But anyway, sorry, getting way too into the weeds there.
404 Media Host
No, that makes complete sense. It's very interesting. Actually it is a different problem because you are manipulating, connecting to a literal Wi-Fi hotspot and you kind of need to do that in virtue of all the devices. Yes.
Cooper Quinton
Yeah, but we're working on a graphical installer right now so that people no longer have to open the terminal. They can just open a normal GUI program and then click the install button and it installs. That's one of our big priorities coming up here. So yeah, we're really, really always trying to make it as easy as possible to use and, you know, we're trying to minimize the number of false positives so that when people get an alert they can feel, you know, pretty confident in something. Because we don't want to be in the position of spreading even more fear about IMSI catchers. Like a lot of people have asked, why don't we make this an app, right? And there's a couple of reasons. Like one, one is that you can't get this sort of low level data on the phone very easily. You can really only get it from certain phones, if you root your phone. And I don't want to be in the business of telling people to root their phone because that's. That's far worse for security a lot of times. Right. Like, I think most people should be much more concerned about rooting their phone than about an IMSI catcher. Right. Like, more people should be concerned about, like, mobile forensic tools like Cellebrite. Right. If you're at a protest and you get arrested, you're much more likely for your phone to interact with a Cellebrite device, which is a mobile forensic device that'll vacuum up all of the data on your phone and store it for later analysis by police, than you ever are to interact with an IMSI catcher. And if your phone is rooted, it's going to be so much easier for Cellebrite to do all that.
404 Media Host
It's already easy when it's not rooted, it's. Relatively speaking.
Cooper Quinton
Exactly.
404 Media Host
You've just opened the door for them.
Cooper Quinton
Yeah, yeah. So that's why we haven't done it as an app, but we're trying to make it as easy as possible and we're trying to make it as reliable as possible so that people are given actually an accurate picture of what's going on. Right. I think one of the things I really liked about the Crocodile Hunter project was that we could actually physically track down cell site simulators. Right. And that's something. Still something I very much want to do. Like I was saying, the problem that we're facing is that people are sending us all this data and it's great. And I can look through the data and say, yes, I am 90% confident that this was an IMSI catcher that you saw in downtown Chicago on this day. Right. But who was running that IMSI catcher? Can we be sure there was an IMSI catcher? Why were they using it?
404 Media Host
Right.
Cooper Quinton
We can't answer any of those questions. Right. And if you could actually physically track it down, you would, A, have proof that there was an IMSI catcher being used and B, be on your way to figuring out who was using it and possibly why. And so that's something we're trying to figure out how to do on this device as well. But that's a. It's a bit of a harder problem.
404 Media Host
Yeah, I bet. So I think just to wrap up, beyond that sort of technical stuff where you're making these improvements to the interface and the capabilities of this tool, what are you hoping for for the future? Is it that just more people download and use this and gather data, even if, I don't know, they don't find anything, because most people are probably not actually going to find anything. An interesting problem or I guess a scientific issue. But what are your hopes for this project going forward beyond the technical stuff?
Cooper Quinton
I mean, we hope you won't find anything, right?
404 Media Host
That's the right silver lining.
Cooper Quinton
But also I hope you will and I hope you'll send it to me. But yeah, our hopes for this project, I think, are one to decrease the amount of fear that people have about IMSI catchers, right? And I kind of hope that this is already starting to work, right? We've put out a blog post, we've put out a report kind of talking about what we found so far and highlighting the fact that we haven't really found this at protests, right? So I'm hoping that the sorts of people like me who intend to give technical advice to protesters will kind of disseminate that information as well and say we can kind of get to a point where we're like, look, these aren't being used to spy on protesters, and that's good. But the bad news is these aren't being used to spy on protesters. And there's a lot of other technologies that we know are being used to spy on protesters, like facial recognition, like license plate readers, like tools from Penlink, like Weblog and Tangles. Right? And Cellebrite, right? But the good news is that all of the things that you want to do to protect against those, like putting on airplane mode, turning off location services, or just turning your phone off entirely, right? Those are also, also useful protections against an IMSI catcher. So if an IMSI catcher does show up and you've already protected yourself against these much more likely technologies, you get free protection from IMSI catchers just for doing that, right? So like, I'm hoping for that information to get out there. The other thing that I hope for from this project is now that, you know, as we sort of gather a ground truth of how IMSI catchers work, that companies who are higher up in this chain, right, companies like Apple and Google, companies like Qualcomm, right, who make a lot of the bulk of the cellular modems, right. That they can start to integrate protections against IMSI catchers directly into their devices. Right? And Google has already done a really great job of this, right? 
So on modern Pixel devices now, you can turn off your 2G modem entirely. And I think with Apple phones on lockdown mode, they will also not connect to 2G connections.
404 Media Host
Interesting.
Cooper Quinton
So this is a great first step, right? Not connecting to 2G already stops a lot of the man-in-the-middle type attacks, also sort of the worst attacks that an IMSI catcher can perform. Right. Google phones will also now let you know if your phone connects to a tower and that tower suggests not using any encryption for the connection between the phone and the tower. Right. This is another good way to do a man-in-the-middle attack, and it shouldn't usually happen. The reason that's there is only really for 911 calls or emergency service calls where, like, if you have a phone that's not a part of that network, you should still be able to connect to the nearest tower and make a 911 call. That's the, the most important thing. Right. And so they need the. And you need to not have encryption for that because that network doesn't have any key material to set up an encrypted connection. But if you're not making a 911 call and a tower says, hey, let's not use encryption, right, that's a pretty big red flag. So Google is now alerting people on that on the latest Pixel phones. Right. And I would like to see Apple catch up with that. I would actually like to see. And there's, there's been some movement on Qualcomm to allow OEMs to sort of build these protections in. Like Qualcomm will raise a. The Qualcomm chip will raise a flag to the phone when something weird happens, but nobody's really implementing this yet. To put that in a simpler way, Qualcomm chips have some really neat anti-IMSI catcher protections that they started building in a while back, but unfortunately none of the phone manufacturers are using those. So I'm hoping that as this project gets some success, right. And we can say here are the actual attacks that we know are happening in the wild, right? And here's the evidence. Here are the packet captures. That people from these companies will start to build in protections on the phone because that's where it's actually needed. Right. 
Ray Hunter can't protect you from an IMSI catcher. It can just let you know that one was maybe there. Right. But your phone should be the one actually protecting you from an IMSI catcher.
404 Media Host
Yeah, that totally makes sense. Or of course, telecommunications networks actually fixing themselves or that's not going to happen.
Cooper Quinton
The phone company should be the ones protecting you from this. And they could actually detect these really easily because they have the picture of the entire network landscape. But they are not.
404 Media Host
No, that's not going to happen. Well, Cooper, thank you so much for joining us on the show this week. I thought that was a fascinating conversation. Thank you so much. I really, really appreciate it.
Cooper Quinton
Yeah, thank you. Super happy to be here. Big fan of 404 Media and all you guys and all the work you've done in the past as well. And yeah, it's an honor to be on the podcast.
404 Media Host
Of course. Thank you so much. As a reminder, 404 Media is journalist founded and supported by subscribers. If you do wish to subscribe to 404 Media and directly support our work, please go to 404 Media co. You'll get unlimited access to our articles and an ad free version of this podcast. You'll get to listen to the subscribers only section where we talk about a bonus story each week. This podcast is made in partnership with Kaleidoscope and Alyssa Midcalf. Another way to support us is by leaving a five star rating and review for the podcast. That stuff really does help us out. This has been 404 Media. We'll see you again next time.
Episode Title: How to Detect Phone Spying Tech (with Cooper Quintin)
Date: March 2, 2026
This episode, hosted by 404 Media, features an in-depth interview with Cooper Quintin, senior public interest technologist at the Electronic Frontier Foundation (EFF). The conversation centers on cell site simulators—often dubbed "IMSI catchers" or "Stingrays"—devices used by law enforcement and malicious actors to track, surveil, and sometimes intercept communications from mobile phones. The episode covers the technical workings of these devices, their evolution, legal/regulatory changes, and the development of "Ray Hunter," a new, user-friendly tool to help activists, journalists, and the public detect these spying technologies. The discussion is highly technical yet accessible, busting myths and providing real-world insight into surveillance threats.
Definition and Functionality
Exploit the Telecommunication Network’s Design
Beyond Tracking: Surveillance Uses
Levels of Sophistication
Historical Context
Expansion and Secret Use
Industry Shifts and New Players
Origins and Challenges
Breakthrough: Low-Cost, Usable Solution
How It Works
Not an App—And Why
Need for Systemic Change
Educating Activists & Public
"A cell site simulator is usually a fake cell tower that police are able to use to trick your phone into connecting to it instead of the real cell tower."
— Cooper Quintin (02:13)
"You can build an IMSI catcher right now with a $20 software defined radio."
— Cooper Quintin (10:52)
"Harris would encourage police and DAs to drop cases if it seemed like evidence acquired from an IMSI catcher was going to come up in court..."
— Cooper Quintin (20:37)
"As we've had people carrying these around, what we've found is no evidence to support that IMSI catchers are being used at protests in the U.S."
— Cooper Quintin (39:19)
"I hope you won’t find anything... but also, I hope you will and I hope you'll send it to me."
— Cooper Quintin (48:21)
"Your phone should be the one actually protecting you from an IMSI catcher."
— Cooper Quintin (52:26)
This episode delivers a rich, technical, yet accessible look inside the world of cell site simulators—from their history and capabilities to myths, legal shifts, and fresh, open-source resistance tools. Cooper Quintin’s work on Ray Hunter sets out not just to empower the public with actionable detection, but to foster a more realistic understanding of digital surveillance threats. Ultimately, the message is that while IMSI catchers are powerful, their routine use against protesters is not supported by current evidence; meanwhile, collective vigilance and pressure on tech industry giants remain essential.