Rigmaiden maintains that in order for the stingray to be able to collect location data from his air card, Verizon Wireless had to write data to the air card consisting of identifying information for the FBIs emulated cell sites as well as make configuration changes that would cause the air card to recognize the FBIs emulated cell tower as an authorized tower for providing service and cause the air card to attempt connections to the emulated tower prior to attempting connections with actual Verizon Wireless towers.
Verizon's cooperation would not be required in this instance. So long as the "stingray" is broadcasting the appropriate SID any nearby Verizon Wireless device is going to prefer it over more distant cell sites with weaker signal.
The FBI technical agents needed Verizon Wireless to write data to the aircard in this manner because the aircards properly configured Preferred Roaming List prevented it from accessing rogue, unauthorized cell sites
Not if the "unauthorized" cell site is masquerading as a legitimate one. The PRL doesn't list towers, it lists system/network IDs, and priority frequencies to scan for service when the phone is cold booted. The "stingray" likely behaves just as a femtocell does, broadcasting on the exact same frequencies as the macro cellular network. No PRL modification would be necessary. Hell, a system that depended on PRL modifications would be useless for 3G devices, since the user controlled (via *228) when they would pull such an update, and most aren't proactive enough to bother.