EFForg
Telemetry
Are you open to a discussion around supporting a community effort to have centralized collection and reporting capabilities to create a citizen-run network of detectors?
I had this same question when reading the blog post! There's a desire to gather this info and learn -- but where do we collect it? :)
I think I can get the ball rolling on this, would like to see some more interest first before getting started.
It'd be great to have something like https://pwnagotchi.ai/map/ for this. I've just finished setting up an orbic device with rayhunter and want to figure out how to contribute to a dataset!
It'd be great to have something like https://pwnagotchi.ai/map/ for this. I've just finished setting up an orbic device with rayhunter and want to figure out how to contribute to a dataset!
I'm working on something, stay tuned. Anyone have any ideas for a cool name?
It'd be great to have something like https://pwnagotchi.ai/map/ for this. I've just finished setting up an orbic device with rayhunter and want to figure out how to contribute to a dataset!
I'm working on something, stay tuned. Anyone have any ideas for a cool name?
RayHive
hey folks, thanks for all the interest in this! it's genuinely great to see so much enthusiasm for furthering this research.
while we do think that collecting CSS-positive recordings is a desired and useful outcome of the project, EFF as an organization is fiercely protective of people's privacy, and we have to be very careful with how we approach something like this. as it stands, we aren't planning on hosting some kind of central server which collects people's recordings.
it's possible that in the future we design a sufficiently privacy-preserving way of submitting people's recordings to some community-run service, but i don't think this idea is ready for active development.
for now, if you find a noteworthy recording, please feel free to send it to us at [email protected]!
I don't really see why this can't be implemented. The destination for the events is user configurable, as-in, you get to choose where this stuff would actually end up going to. It's not really any different than having an option for a logging host.
this feature can't be implemented yet because it hasn't been designed yet.
a telemetry system that simply logs when the few heuristics we currently support trigger isn't particularly useful for us, since researchers will need the raw recordings to give those heuristics context to develop new & better ones. but the raw recordings contain plenty of possible identifiable information -- most obviously, IMSIs and unique cell IDs which could allow someone to geolocate the user. as such, we need to be very careful with handling this data, and by extension so does any telemetry system we'd want for the project.
but as i said, we haven't started designing such a system yet, so going ahead with some sort of remote logging server feels premature to me.
@wgreenberg Makes sense to me. When this issue was opened, there wasn't a mention of where to email the data. That's in the readme now. I'll open a separate issue with a suggestion of reminding folks to use PGP encryption when sending data.
I propose closing this as #wontfix
this feature can't be implemented yet because it hasn't been designed yet.
a telemetry system that simply logs when the few heuristics we currently support trigger isn't particularly useful for us, since researchers will need the raw recordings to give those heuristics context to develop new & better ones. but the raw recordings contain plenty of possible identifiable information -- most obviously, IMSIs and unique cell IDs which could allow someone to geolocate the user. as such, we need to be very careful with handling this data, and by extension so does any telemetry system we'd want for the project.
but as i said, we haven't started designing such a system yet, so going ahead with some sort of remote logging server feels premature to me.
I get what you're saying but those sound like implementation details that we could work out in this PR or evolve over time.
Just an idea about sending the data... I know is is quite a lot a work to implement this, but ideally, we could have an Android app, that will connect to Rayhunter device and receive all the data to your phone. Then you will have an option to encrypt and upload all the data with one click.
Because in reality... it is very likely that not all users will be willing to connect to the device, download data, encrypt and send them to e-mail. It is too much steps. Automatic, or one click at most would be much better option I think.
Perhaps an incremental step could be a script to sanitize sensitive data from dumps, and a web portal where captures can be submitted? Automatic log submission, an endpoint, etc. could be implemented further on.
Generally, we at EFF are very wary about collecting any user data. If we are going to go down this road we want to be very careful about what we collect and how we sanitize that data. I never want EFF to be the one that gives up a bunch of user data in a data breach.
That said I do want to make it easy for people to submit logs to us. And as @wgreenberg said we are really only interested in the qmdl files (and maybe pcaps). The other data that you collect here is not at all necessary for our purposes. I do think an app might be the way to go for this but I don't want to develop an app myself and wouldn't want it to live in this repository. I think for my purposes I want rayhunter to expose an API that can then be used by multiple apps, including a mobile app or a native UI like you wrote @mfreeman451. Then if you wanted to have your particular app report telemetry I have no problem with that, and it can use the API to get that data.
So the real prerequisite for any of this is for us to develop an API for rayhunter.
I think the UI should be a separate repo since as should any app but I would happily link to it from the README! This makes me realize that I need to make an issue for the API though.
to generalize this, it would be great if there is an option to upload/stream the results to a remote server, either a file server or a specific protocol (like the one for remote pcap streaming) This way users can have an option to perhaps join effort into centralized location where everyone can collaborate or upload data to their private server. Additionally there can be two levels, one is to upload the pcap/data and second is webhook only without any data, second option can be used to preserve the privacy but provide an alert that something is going on at a specific location/cell and at the same time can be used with IFTT or other automation frameworks to send out alerts to target devices such as phones etc... I believe it may be good to have an option if users want to participate or send the data to private server for further analysis. In this case the privacy factor is still respected as it's up to user to decide if data is send and even then users can do both as I for example specifically purchased a sim not associated with my identity but to be able to track the use of IMSI catchers for further research
