ICE is using fake cell towers to spy on people's phones

I think GP is talking about a scenario where Microsoft would serve either malicious source tree or binaries to just one user, not all of them. that would be fairly hard to detect. but in such scenarios we'd also have to start asking questions about the state of the entire CA ecosystem.

I don't know why you'd trust a checksum structure your adversary has complete control over.

That Merkle tree prevents the naive case where the adversary tries to serve a version of a repo, to a client who already has an older version, differing in a part the client already has. (The part the client has local checksums for). They shouldn't do that. The git client tells the server what commits it doesn't have, so this is simple to check.

Code signing could be a safeguard if people did it, but here they don't so it's moot. I found no mention of a signing key in this repo's docs.

The checksum tree could be a useful audit if there were a transparency log somewhere that git tools automatically checked against, but there isn't so it's moot. We put full trust in Microsoft's versions.

Lots of things could be helpful, but here and now in front of us is a source tree fully in Microsoft's control, with no visible safeguards against Microsoft doing something evil to it. Just like countless others. It's the default state of trust today.

> Also: code signing is / can become a thing.

To that end, I started a project last month so that code signing can be done in multiple geographical locations at once: https://github.com/soatok/freeon

Technically a Merkle DAG

GP was probably referring to the binary releases on the GitHub repo.

This shame feels like something that would get one extraordinarily renditioned to some black site where nobody would ever know about the shame

ThatsThePoint.jpg

The article I'm replying to is the parent comment's "Exclusive: Evidence of cell phone surveillance detected at anti-ICE protest"; not the HN OP.

IMSI catchers aren't observing things in plain sight; they're invasive searches that the Fourth Amendment prohibits outside of narrowly-defined circumstances.

The First Amendment precludes protected political speech from being used as a basis for such a search.

The Fourth Amendment further prohibits dragnet searches of indefinite groups of people, such as a protest, because it requires a warrant to "particularly describe" the "persons or things to be seized". (The "Particularity Clause").

I fully agree with your comment in the different case, which is not this case, where government merely passively observes things happening in a public space. IMSI catchers are different; one way being, in that a Stingray *actively interacts with* a device, without authorization, by sending it corrupted packets. (So I understand). A second way being that it violates general social expectations of what's in "public" and what's in "private"; by analogy, if police used laser microphones to listen in on faraway conversations; or in public crowds, used terahertz radiation to look under people's clothes; those are non-public searches, any pedantic interpretations of physics notwithstanding.

Courts have repeatedly held that the government cannot chill lawful protest activity by imposing undue surveillance or intimidation. Sure, there is no explicit “right to anonymity,” but the Supreme Court has recognized in cases like NAACP v. Alabama (1958) that forced disclosure of membership lists can violate First Amendment rights, because it deters participation and chills association.

Of course, the Fourth Amendment also has clauses against “unreasonable searches and seizures.” I'm not a constitutional lawyer, but it's easy to see, from modern cases like Carpenter v. United States (2018) (which limited warrantless cellphone location tracking) why this could be perceived poorly.

But the Constitution tries to ensure that risk doesn’t come from government retaliation against lawful expression. I would ask why you're so keen to allow it.

> What part of the constitution guarantees me the right to be anonymous while I protest?

The fourth amendment: unreasonable searches and seizures. This is an unreasonable search.

Also, protests aren't civil disobedience. Civil disobedience is civil disobedience. Protests are explicitly protected by the first amendment and you can protest all day long.

Start at the Fourth Amendment. (I guess the First would be more appropriate place to start, but the Fourth is quite pertinent.)

Also,

> [...] if you disagree with me and think the government is fascist and thus can't be trusted not to throw you in prison just for saying things they don't like

this is happening:

https://www.msn.com/en-us/crime/general/tourist-refused-entr...

edited for phrasing / completeness

Whether an action has gotten a legal thumbs-up or not is of little relevance here.

I'd like to leave the question of why that's true as an exercise for the reader, but your comment makes it sound as if you have trouble with this concept, so let's be explicit - a state operating autocratically can, and often will, rubberstamp whatever it decides it wants to do.

Had a quick look for the numbers from FISA to give you an example of this. https://www.motherjones.com/criminal-justice/2013/06/fisa-co... says that they denied 11 requests for surveillance warrants out of 33,900 requests over 33 years of operation.

That's a pass rate of 99.07%!

So allow me to say - a warrant wouldn't have changed anything, they give them out like nothing.

In the article though, it does say: "ICE did not respond to requests for comment from SAN. It is not clear whether ICE or any other law enforcement agency obtained a warrant to use an IMSI catcher — commonly referred to as a “Stingray” — to conduct surveillance."

It'd be flatly unconstitutional to approve a dragnet warrant targeting a protest.

When you treat with someone you know to be a compulsive liar, the onus of proof is on them.

If this government has not proven that they had one, you'd be mad to trust that they did.

There are no consequences to it for lying, or for not following the law, or not acting in good faith. It has a well-documented history of doing all three, and is headed by a convicted criminal.

A warrant for several thousand people at a spontaneous event ?

Can we stop sanewashing these people?

They clearly don't care for legality, constitutionality, anything positive or good.

> I mean, our president is a criminal himself. Repeatedly violating the law and the constitution while in office

Allegedly. No convictions have come from any of the accusations as POTUS.

It's funny to me how Build That Wall was such a key part of Trump 45 but is a giant nothing burger for Trump 47. How could it be that it is so much less important just 4 years later, oh, right, never mind

They don't, which is why racial profiling is back on the menu.

Citizens on the streets don't need to show their papers to ICE, but that's been worked around by yesterday's SCOTUS. Being brown at Home Depot is now sufficient cause to get arrested by ICE.

The time to be concerned was 10-15yr ago when these tactics were being normalized (if you take issue with the means) and the policies that teed up the current immigration showdown were being figured out (if you take issue with the end).

The left was a Cassandra the whole time -- it's been nothing but warnings from the left. The Democrats (note: the Dems are not a left party) refused to listen, assuring everyone it was fine, that we just needed to return to norms and decorum. If we just elected the most proper guy, if we just went a little more rightwards in our policies, all this would be fine.

Meanwhile, the left out there pointing at Obama's extrajudicial killings, Bush's whole post 9/11 fiasco, Clinton's "Superpredators" nonsense, etc. etc. and making tons of noise about how this was all going to end.

Turns out, the left was right, the Dems were wrong. But the Dems are still fighting to try and shut down the left. Look at how hard the Dem establishment hates Mamdani.

They aren't absolved, but it's pretty normal to put more blame and attention on willful criminals as opposed to neglectful bystanders.

Absolutely, we older types used to argue with the term, "slippery slope". ICE is a classic slippery slope that will most likely be used, eventually, against all of us if the current administration isn't stopped breaking the law.

Isn't it obvious? How many people has ICE killed extra judicially?

I agree with you about cell phone data being sucked up when exercising your rights. I love the EFF: https://ssd.eff.org/module/attending-protest

This particular article was about using Stringray with a warrant. I'm sure that the government is abusing Stingray but it'd be nice to have evidence first.

My mistake - wrong article !

https://san.com/cc/exclusive-evidence-of-cell-phone-surveill...

To LTE? Doesn't work there either.

There are IMSI catchers - but they all require GSM. At least on Google Pixels you can turn off 2G with a switch. The phone even shows a message about its insecurity.

In Germany I'm running 100% on LTE/5GNR-only for many months now without having a single coverage gap.

I could've been more clear :) don't think I could engage in prevention without violating some FCC laws. But in general, yes - prevention > detection > awareness > ignorance.

that's what i would do, just leave the phone at home. Bring a camcorder and post your social media engagement dopamine hit when you get back home. No need for constant connectivity, people protested pretty effectively in the 60s before cell service even existed.

My phone has hardware kill switches, so I can be sure the modem is off when I need it.

No phone actually stands out a lot in real life surveillance systems and will very quickly get you a bunch of additional attention because it’s so unusual.

Not usually that I’m aware of as a single data point in any system but if there are other reasons to thing you’re trying to act surreptitiously you are going to be very close to the top of the list of people of interest.

There’s a lot to be said in 2025 for appearing uninteresting to anyone who might be watching.