Why can't the FBI just trace every phone inside the capitol building during the coup attempt?

Points to ponder:

The capitol, I hope, has a modern enterprise-level WiFi system. This means every device with wifi enabled would ping the system to try to get authenticated. Worse yet, if they have an unlocked “visitor” wifi, then they would have connected. Either way, it’s likely the MAC address of the wifi interface for the phone would have been used, and presumably logged. This is unique and I assume part of the cellphone purchase details.

Similarly, if there was an internal cell inside the capitol, it would have been logging the IMEI number which is also unique and identifiable.

As people marched toward the Capitol, their phones would have been seen moving from tower to tower.

So we’ll take it as a given that the phones of many / most / all participants are known to police. The problem is what to do about 10,000 pieces of data. The first step is of course to eliminate the ones legitimately there. Bonus points if they can pinpoint who was inside the building.

(Although I have seen claims that some people getting in after the initial rush were saying they thought the doors had been thrown open and they were legitimately allowed to enter.)

I have turned on maps to see my phone location down the street or across the street and then within 10 or 20 seconds it moves to pretty much my correct location.

Digital photos typically are internally tagged with identifying “Exif” info - the camera details, exposure details, GPS data unless turned off, date, time, etc. - unless someone specifically edits them to remove this.

Apparently some instigators are now advising their followers to destroy their phones so that they can’t be traced. This is convenient since it adds obstruction of justice to possible charges. Destroying evidence you should know is needed for an investigation is a felony. And it does not eliminate the phone company’s data trail up until then, or all those media posts. Deleting media posts may not eliminate them immediately from backups or social media archives.

There’s allegations that some rioters got reconnaissance tours - despite all tours being closed since March due to Covid, at least one congresscritter was showing around a bunch of her “constituents” the day before. Who that was on tour, too, should be provable with phone data if it was being logged.

There was also a post online about some participants, in the same clothes, discussing things the night before or the morning of. If the FBI has not requested lobby camera footage from all the surrounding hotels they would be sleeping on the job; this would help identify clothing, plus perhaps better views of people before they put on masks. Nowadays, a lot of fancy footwear is unique and distinguishable too.

(My wife worked in a retail chain that was being hit by a series of blatant thefts - she mentioned that although the perps changed clothes and covered their faces, they wore the same fancy sneakers in every theft.)

Again - phone data is not proof, it’s corroborating evidence to be added to the mix. I’ve seen news reports about several riots in past years similar to this (but smaller in scope) and the police there mentioned they had a computer system where they could feed in reams of video, and the computer would identify people by clothing types. You could isolate an individual to track their movements from place to place, from one video to the next, to basically get a timeline of their movements. I would imagine for whoever wrote this software, adding cellular data to the mix would be simple.

These guys were rank amateurs. I was in London in 2000 and after a riot from Parliament to Trafalgar Square, where a number of businesses were trashed, we were in the tube (subway) and a number of rowdy 20-somethings were busy changing hats, jackets, etc. so the stations’ video surveillance would not identify them when they got off the train. Twenty years ago these guys knew enough to do this. I only regret that this riot will be a learning experience for the more devious in the hard-of-thinking crowd.

iOS 14 and Android 10 and 11 randomize the MAC address, so this type of identification won’t work. iOS 14 should be on almost all iPhones going back to the first generation SE and the 6s, but Android 10 and 11 probably only account for about 40% of Android phones. There are ways to identify and track phones despite the randomization, but much of it depends on having the phone active and in the area—it can’t be done just looking at logs.

If the phone joined the guest wifi, it will save the randomized MAC address it used, so a look at the phone will show if it had one of the recorded MAC addresses.

MAC address randomization is designed to protect against an adversary with the resources of Walmart. Plenty of money to install MAC or bluetooth trackers, but without the power to compel cooperation from mobile providers, Google, or Apple. The federal government is a whole different level of adversary. They can track phones through lots of methods, just possibly not this one.

Either way, it is very poor OpSec to engage in illegal activity while carrying a personal tracking device.

@md-2000: great summary. As to this:

One might expect the crowd to be 10,000 yahoos and 100 semi-professionals with some clue. Folks clue-ful enough to arrange for a reconnaissance tour may well have been smart enough to have different clothing & leave their phones tracking devices at home.

At least nowadays the CCTV in the subway cars would mostly defeat that.

Folks, especially hard RW folks, have spent 20 years imbibing the kool-aid that “the government is totally incompetent.” They might be surprised at just how big & capable this particular fully awakened & mightily pissed off Kraken is.

Bad tradecraft strikes again. Kids! Whaddayagonnado?

I assume the capitol has security cameras so not having your phone is a pretty useless tactic if you were properly signed in with ID and captured on video wherever you went.

(I sure hope the capitol has security cameras)

Heck, if they were competent, they’d have been wearing masks. Especially since, right this moment, mask-wearing happens to be quite common.

The vast majority of them weren’t wearing masks. The implication is left as an exercise for the reader.

I recall that in some primitive societies folks believe that prayers, or a blessed ceremonial amulet, or some such will protect them from enemy spears, swords, and even bullets.

Apparently these folks think their MAGA hats (even if only worn virtually that day) protect them from not only COVID, but from detection by CCTV and the FBI.

Works for me. Who knew there really was such a crime as “criminal stupidity”?


Going forward, please confine your posts to the technical aspects of tracing phones. This thread is not about assigning criminal culpability, the psychology of mobs, or political issues. Limit your responses to factual information directly related to the OP.

