Since June of 2011, visitors to this page have come from:

free counters

Followers

10 June 2014

BAD IDEA OF THE WEEK: Phone tapping

Law enforcement agencies in six countries have direct access to Vodafone's network, allowing them to monitor phone calls and messages without the carrier's knowledge, the company said Friday. The British telecom firm said it couldn't name the countries for legal reasons, and for fear of retaliation against its business and staff. A year after Edward Snowden first leaked details about the U.S. National Security Agency's far-reaching surveillance programs, Vodafone's revelations are likely to fuel concern about the growing use of mobile networks and the Internet by governments to snoop on citizens. In most countries, a warrant would be required for Vodafone to provide information or access to its data. But in a small number of countries, local law dictates that certain authorities must have "direct access to an operator's network, bypassing any form of operational control over lawful interception on the part of the operator." Direct access is established via permanent secret wires into the company's data network. That gives state authorities the ability to listen into and record private conversations without a warrant, and without Vodafone's knowledge. The company said it believed the practice should end. They're right. Governments should amend legislation which enables agencies and authorities to access an operator's communications infrastructure without the knowledge and direct control of the operator, and take steps to discourage agencies and authorities from seeking direct access to an operator's communications infrastructure without a lawful mandate. This is most needed in the US, where even if you power off your cell phone, the government can turn it back on. That's what ex-spy Edward Snowden revealed in last week's interview with NBC's Brian Williams. It sounds like sorcery. Can someone truly bring your phone back to life without touching it? No. But government spies can get your phone to play dead. It's a crafty hack. You press the button. The device buzzes. You see the usual power-off animation. The screen goes black. But it'll secretly stay on - microphone listening and camera recording. So how did they get into your phone in the first place? Here's how: government spies set up their own miniature cell network tower. Your phone automatically connects to it. Now, that tower's radio waves send a command to your phone's antennae: the baseband chip. That tells your phone to fake any shutdown and stay on. A smart hack won't keep your phone running at 100%, though. Spies could keep your phone on standby and just use the microphone - or send pings announcing your location. John Pirc, who did cybersecurity research at the CIA, said these methods - and others, like physically bugging devices - let the US hijack and reawaken terrorists' phones. The only way you can tell is if your phone feels warm when it's turned off. That means the baseband processor is still running. This isn't easy to accomplish, but if you are really concerned about the government's ability to reawaken your phone, here are some things you could do:
  • Put your phone on what's known as recovery or Device Firmware Upgrade (DFU) mode. This bypasses the phone's operating system. It's fairly easy (albeit cumbersome) for iPhone users. Plug it into a computer with iTunes open. Hold down the Power and Home buttons for 10 seconds (no less) then let go of the Power button. Wait for an iTunes pop-up. That's it. But if you have an Android, click here.
  • Use a signal-blocking phone case. You can buy them from Off Pocket or HideCell, or even make your own - assuming you have the patience to do so.
  • Pull out the battery. Without a power source, the phone can't come back on. This is the best, most surefire option. It's also, annoyingly, no longer a choice on most top-of-the-line smartphones. The iPhone, HTC One, and Nokia Lumia don't have removable batteries. Luckily, the Samsung Galaxy and LG G3 still do. Silent Circle, a company that enables top-end private communication, kept these issues in mind when it co-created the Blackphone. It has a removable battery. It uses PrivatOS, a stripped-down version of Android that reduces tracking. And because spoofed cell towers can target its antennae too, Blackphone's makers are working with chipmaker Nvidia to develop their own custom, more secure baseband chip.

Or, you could always just wrap your phone in tinfoil when it's not being used.

No comments:

Post a Comment