What we need is first a way to detect these vehicles. However, that’s not enough. We should detect them and then built a publicly available list of all known uses. Its time we get them on a list.
There is no good use for this but repression. If they need to track someone, there are warrants. Cell companies are very willing to comply.
This is crazy and scary. I had no idea a system like that existed.
VPN at all times
Forgive my ignorance, but isn’t preventing this type of man in the middle attack exactly what VPNs are for?
That’s not how a VPN works. A VPN masks the information you are actually accessing by showing you query the VPN instead. To make a connection to a service you still need an address. This info is what they are using to identify your device.
Most traffic is already encrypted (httpS) so someone spying on you wouldn’t know the content of your communication only who you contact. But without a VPN a man in the Middle could see who you are contacting. E.g. looking up pornhub. With the VPN it only shows you looking up the VPN.
The lower layers all already at least moderately well encrypted, what they’re doing here is trying to pull the unencrypted device ID necessary to establish a connection. It’s not really what you’re sending (though traffic frequency analysis may be included) and more about just figuring out where a particular phone is so they can physically track the user.
This is the one of the few real things that make VPNs a security tool - security from thugs using a MITM attack on your phone. This is also a reason to avoid SMS messaging and port your number to a VoIP service instead of a direct cellular number, as VoIP traffic would be routed over the encrypted VPN tunnel with everything else instead of through the traditional cell network which is vulnerable to these attacks.
If government agents want to know what you’re saying and doing without your consent, you should leave them no choice but to get a warrant and do some actual work.