"Stingray" Entry in iPhone logs.

Discussion in 'iPhone Tips, Help and Troubleshooting' started by swampmac, Jun 7, 2015.

  1. swampmac macrumors newbie

    swampmac

    Joined:
    Jun 6, 2015
    Location:
    USA
    #1
    I posted previously about finding a strange log entry from my iPhone6 in my backups folder on a PC. I have since decided to look closer at these logs,, due to issues Ive been having recently with my phone and my MacBook Pro (that's a whole separate post..) but I have found a log that was very unsettling as it mentions the "stingray" in one of the strings,
    I do know that stingray is a tool which is used to track and eavesdrop on cellular devices.. I don't know what to make of this but figured I should post it in hopes someone can tell me this is just a coincidence.. or not--- here's the output from the file:
    --------------------------------------------------------------------------------------------------------
    May 27 23:36:00 default-users-iPhone accountsd[230] <Debug>: PCSIdentityCollectionSetup: <CFBasicHash 0x15ce78fb0

    [0x195d4df50]>{type = mutable dict, count = 6,
    entries =>
    0 : <CFString 0x1988dc2d0 [0x195d4df50]>

    {contents = "kPCSSetupAuthToken"} = <CFString 0x1988dc850 [0x195d4df50]>{contents = "<<VALUE>>"}
    1 :

    <CFString 0x1988dc290 [0x195d4df50]>{contents = "kPCSSetupPassword"} = <CFString 0x1988dc850 [0x195d4df50]>{contents

    = "<<VALUE>>"}
    2 : <CFString 0x1988dc230 [0x195d4df50]>{contents = "kPCSSetupUsername"} = <CFString

    0x15cebd650 [0x195d4df50]>{contents = "-----"}
    3 : <CFString 0x1988dc330 [0x195d4df50]>

    {contents = "kPCSSetupiCloudEnvironment"} = <CFString 0x15cec16f0 [0x195d4df50]>{contents = "PROD"}
    4 :

    <CFString 0x1988dc2f0 [0x195d4df50]>{contents = "kPCSSetupEscrowURL"} = <CFString 0x15cec0bd0 [0x195d4df50]>

    {contents = "https://p09-escrowproxy.icloud.com:443"}
    6 : <CFString 0x1988dc310 [0x195d4df50]>{contents =

    "kPCSSetupDSID"} = <CFString 0x1988dc850 [0x195d4df50]>{contents = "<<VALUE>>"}
    }
    May 27 23:36:00 default-users-

    iPhone accountsd[230] <Debug>: __PCSAccountHasStingrayIdentities
    May 27 23:36:01 default-users-iPhone accountsd[230]

    <Error>: PCSHasStingrayIdentities: YES
    May 27 23:36:03 default-users-iPhone accountsd[230] <Error>:

    PCSCopyStingrayIdentity: <CFData 0x15d022a00 [0x195d4df50]>{length = 1776, capacity = 1776, bytes =

    0x628206ec308206e80c126d6f62726f34 ... 5b44df63fab331b2} (error: (null))
    May 27 23:36:03 default-users-iPhone

    accountsd[230] <Debug>: PCSIdentityCollectionSetup: done <PCSIdentity@0x15cd7e8c0 name: mb4sho pubkey:

    NRYZtUX3y6pLEWrSBhNpFgaQv9+PyEUeGPlrT/4ofz0= service: 1 <haveDupKey> BAT: old-identity
     
  2. Killchain macrumors member

    Killchain

    Joined:
    Jan 15, 2013
    Location:
    Albuquerque,NM
  3. Applejuiced, Jun 14, 2015
    Last edited: Jun 14, 2015

    Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
    #3
    Either you or someone close by.
    It functions as a fake cell tower so multiple clients might connect to it not only the person they are monitoring.

    Stingrays Collect Data on Hundreds of Innocent People
    And when police use a Stingray, it’s not just the suspects’ phone information the device sucks up, but all the innocent people around such suspect as well. Some devices have a range of “several kilometers,” meaning potentially thousands of people could have their privacy violated despite not being suspected of any crime. This is another fact the government didn’t fully explain to the magistrate judge in Rigmaiden.

    The government now claims it protected privacy by deleting all third-party data on its own after it collected it. But the government’s unilateral decision to binge and purge comes with its own consequences. Now there’s no way to know what exactly the government obtained when it used the device.
     
  4. swampmac thread starter macrumors newbie

    swampmac

    Joined:
    Jun 6, 2015
    Location:
    USA
    #4
    Okay, I'm not feeling any better about this.. Thanks!! :eek:
    I found some info 2 days ago that led me to think the logs contents are likely just associated with the Microsoft scripting library called "SFL" which is "StingRay Foundation Library"
    I haven't confirmed it yet though..
    Im having the logs and other files checked out by an acquaintance in the Info Security Industry..
    As there are numerous other "issues" Ive experienced lately on my iPhone and my MBP
    running OSX Mavericks..
    we shall see what the experts concluded soon.
     
  5. Applejuiced macrumors Westmere

    Applejuiced

    Joined:
    Apr 16, 2008
    Location:
    At the iPhone hacks section.
  6. _darkparty macrumors newbie

    _darkparty

    Joined:
    Oct 17, 2016
    #6

    Hey man, what ever happened with this? I found "Stingray iCDP status is armed" in the log files on my laptop. I saw this thread and now I'M freaking out. Did you ever find out what it was? In my case it's probably my girlfriend
     

Share This Page