Silently, but with increasing frequency, government agencies
and private individuals around the world are bugging cellular phones.
Some of those phones are surreptitiously transmitting copies of their SMS,
emails, call histories, and locations to Websites where the data may be viewed
by those who have installed the clandestine software.
Most cellular subscribers don't have to worry about this
happening to them, at least not yet. But anyone -- suspected criminals,
spies, corporate executives, spouses, and even ex-lovers -- could be targeted. Thanks to software you can purchase over the Web, you don't have to be a secret
agent to listen to cellular conversations or retrieve data transmissions.
Recently, a Swedish man was found guilty of hiding
a cellular phone behind the headboard of his ex-girlfriend’s bed and
remotely turning on the phone to listen to conversations. A YouTube
video demonstrates software capable of automatically turning a phone into a recording
device.
Although listening to voice conversations certainly has an
old-fashioned allure, snooping on data transmissions is so much more
contemporary. For the latest in cellular spyware, check out FlexiSPY. The software comes in four versions
with varying degrees of sophistication and compatibility with Symbian, Windows
Mobile, and BlackBerry handsets.
Unfortunately, the software can't be installed remotely, so
you'll need to have the phone to download the software. But don't
despair; after FlexiSPY is downloaded, it's hidden so the phone's owner isn't
likely to suspect any foul play. Once installed, it can be controlled
remotely via SMS transmitted to the handset.
The most full-featured version, PRO-X, enables users to view
SMS text, email, the phone's location, and call logs, including the name of the
person calling if it's in the phone's address book. The software also can
be used to listen to calls. All this value doesn't come cheap; it's €250 (US$387) for a one-year license. But that fee also buys you a secure Website to which the
phone's data is sent.
FlexiSPY isn't the only bugging software available. Mobile Spy enables you to record SMS
(including the sender's and receiver's number), the URLs of Websites accessed
from the phone, and voice call logs, including the phone number called and the
call's length. It's $99.97 for a one-year license. Mobile Spy also
includes a Website for viewing the phone's transmitted data.
Tim Wilcox, a private investigator in Indiana, wrote in 2006, "Two-thirds of all eavesdropping devices found these days are cell phone
bugs." If you think your phone might be bugged, check out these tips
from privacy expert Lauren Weinstein, or view his video.
"But who would bug my phone?" you might ask naively.
How about: the company you work for, a business competitor, a jealous
spouse or friend, a nosy family member, or almost any government
agency in the U.S. or abroad.
Anyone who can purchase the software, and is alone with your phone for a few
minutes, can bug you. With half of the world's population already
using cellphones, I suspect it's a tempting opportunity for many people.
I'm not an expert in European computer security. Europeans are more expert about cellular phones and Bluetooth than Americans. However, when it comes to computers, Americans are rather heavy users compared to, I think, most other countries where the phone, not the computer, is often the wireless Internet device of choice.
I think the development of computer security probably is better than in Europe. We've got many more experts. But it's not a hard and fast rule. You might have read about the denial of service attacks in Estonia and what occurred. The Estonians seem to be rather Internet savvy.
Overall, though, American computer security competence is rather good. If you get into the concept of protecting individual liberties, that's another subject.
Yes, those guys do some pretty wild stuff. One of the guys, I think it's Larry, has an RFID chip implanted in his arm and invites anyone to hack it.
I agree that a lot of people aren't aware of the vulnerabilities and exploits that are out there for the devices they carry every day. I'd bet that a lot of them also figure that they aren't anyone important, so they're not a target.
I wonder how many of the 'linksys' wifi's we'll see if the internet providers start charging for bandwidth used, as was discussed in another post?
The sad thing on those wifi ids is that they are so easy to change. Change it to something boring that doesn't give away your location or the fact that you are the owner. Or if your router allows it, turn off the id option altogether.
I wrote in a comment to this article, I think, that I am amused how I can see so many Bluetooth-enabled phones when I'm wandering around -- that users don't have a clue about securing.
I think it's insane not to use a headset or some hands-free device while driving. Using a phone while driving is a distraction regardless, but holding it to your ear with one hand on the wheel is even worse.
A previous commenter -- Geekess -- wrote about Bluetooth jacking via headsets. Perhaps the time is ripe for the San Francisco Chronicle and others to write about this.
Americans are some of the least knowledgeable Bluetooth users -- especially compared to Europeans and others overseas who have been using Bluetooth for years to send contact information, download apps and tether as a modem to a computer. Americans mostly use Bluetooth for headsets.
I think Americans are getting a bit better about securing their WiFi routers at home. But one reason is, I think, because some DSL providers have security (at a minimum WEP) turned on as the default and require you to set a passphrase.
I personally am shocked that there hasn't been a greater effort to secure bluetooth communications. To this day you can go into any public setting and scan dozens of bluetooth devices.
Just venting, as of July 1st my state (California) is making it mandatory that all vehicle cell phone calls be conducted with a handsfree device. Hackers Holiday.
Very interesting. Those guys at Pauldotcom.com do some crazy stuff from what I've seen on their site.
With the popularity of consumer electronics, we are seeing more and more attacks. Seeing a "netgear" or "linksys" wifi network tells you something - that same thing happens with bluetooth, etc. Most people don't even know what some hackers can do - or don't think they can be the target of an attack.
I follow the same practice of leaving services off unless I need them. Much safer that way, although I'm sure there's probably something out there than can remotely activate them!
The PaulDotCom.com guys have been doing podcasts for a while, and they're hilarious. The main guy has a book out on WRT54G hacks, and just started teaching a course on wireless hacks through SANS.
As for the MI 'this cellphone will self-destruct' scenario: Yeah, the vendors probably would have trouble fitting a smoke generator into the phone! TSA personnels' lack of a sense of humor has been demonstrated numerous times as well...
I did happen to recall the case where the FBI had bugged a suspect's car using their OnStar system. The case involved a strip club owner bribing a local San Diego politician to be more lenient in laws related to strip clubs. I think it was the strip club owner's car that was bugged. The defense questioned the legality of bugging the car by effectively making OnStar inoperable, saying that it wouldn't have been available in an emergency situation. The FBI said that they'd have dutifully released their bugging 'stuff' and let OnStar take back over in this scenario... The prosecution won the case.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
When government officials talk about information “transparency,” they don't mean augmented reality (AR). But AR will play a major role in enhancing government transparency, although it won't be welcomed by many officials.
I am somewhat addicted to the Internet, and I like visiting Finland. But the Finnish government's declaration that access to broadband Internet is a legal right waves a red flag in front of many people, including me. That said, despite the inflammatory nature of the concept, it has more merit than you might think.
T-Mobile
customers with Sidekick cellular phones might have the dubious "honor" of experiencing one of the worst-ever consumer cloud computing meltdowns in the United States -- if not the worst.
While Google introduces its new Chrome OS (which I'm hearing will be widely available in one year? Did I mishear that?), IBM announced 10 new products today to help companies using IBM System z mainframe technology.
Smarter Collaboration: How to Thrive in a Challenging Business Environment Market conditions are changing faster than ever, and organizations need to improve their agility and adaptability in order to provide better service and improve processes. The ability to work with customers, business partners, and employees as effectively as possible - while at the same time holding down costs - is a key to success. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
Is there such a thing as complete anonymity on the Internet? It is something of a philosophical question, but the consensus among experts seems to be 'No.' However, there are degrees of anonymity, which might be more practical for most people – and more necessary than ever before.
In the final episode of this series about the death of Internet anonymity, Saunders describes how the Internet of the future will start to attain a level of intelligence that requires no human intervention. Scary.
What can users today do to protect their online privacy? The simplest and most obvious option is to not use the Internet – at all. However, once all digital information is consolidated over the Internet, trying to protect digital identity by simply unplugging from the Internet becomes impossible – a fact that has manifest implications for civil liberties, Saunders says.
By 2011 the number of Internet-connected sensors will exceed 1 trillion, making your chances of doing anything or going anywhere unnoticed pretty much zero. Saunders talks about how the 'sensortization' of the Internet is eliminating the traditional divide between online and offline populations.
The 20th Century Internet was characterized by the ability to interact with other people and information on the Internet largely without anyone knowing who you were. The Internet of this century, conversely, will be defined by identity. Saunders explains how Internet users are unwittingly contributing to the demise of the anonymous Internet.
The FCC is throwing money at rural broadband empowerment, but it's dealing with the wrong problem. The real issue is how we get users who could get broadband but choose to reject it to change their minds. The answer lies with mobile technology – but it may surprise you!
China is investing heavily in fiber to the premises to propel itself into the world broadband Internet first division. What's it deploying, and what's it going to do with all that bandwidth?
Verizon is making a big noise about making its wireless network open, but how will we measure if they've been successful? Do we count devices? Applications? Or just take their word for it?
It is 20 years since the invention of the World Wide Web, and the Internet has changed beyond recognition since then. Steve Saunders peers into the future to predict what the Web will look like in another 20 years time – and he doesn’t like what he sees.
Industry initiatives and government stimulus funds are giving enterprise software vendors a great opportunity to help build out and manage smart grid technologies.
The problem with telepresence is that it's not universally accepted, because video calling isn't. While we can all do video calling, we also apparently worry too much about how we look. If we want HD telepresence in our future, we have to dress down, mess up our hair, and dive into our online life.
The US loses about $20 billion a year on pirated software, movies, and music. But public policy can help stem the tide of digital theft. For example, France has recently passed a 'three strikes and you’re out' law, whereby if after two warning letters an individual continues to download pirated software then his Internet access will be cut off. US policy makers should consider adopting similar policies.
Financial management planning does not need to include Voodoo economics, but it does help to tap into the knowledge base of your team through some sort of real-time system. We explore your options.
When Reiter gets incensed over incompetent Verizon FiOS order-taking and support, he broadcasts it via Twitter. Did it do any good? How should your company offer Twitter support? Watch this for all the answers.
The successor to the BlackBerry Bold 9000 – the Bold 9700 – will be available soon in the US. Is it worth upgrading? Reiter's got one, and offers advice.
Digg
Del.icio.us
Reddit
Email This
TWEET THIS
