The "roving bug" in your cellphone Posted by: McQ
on Sunday, December 17, 2006
Maybe we should all come to understand that whatever you have that can download stuff can also be compromised. Your cellphone for instance. We're all aware that cellphones can be tapped. But did you know they can also be used to eavesdrop on you?
The FBI converted the Nextel cellphones of two alleged New York mobsters into "roving bugs" —- microphones that relayed conversations when the phones seemed to be inactive, according to recent court documents.
Authorities won't reveal how they did this. But a countersurveillance expert says Nextel, Motorola Razr and Samsung 900 series cellphones can be reprogrammed over the air, using methods meant for delivering upgrades and maintenance.
It's called "flashing the firmware," said James M. Atkinson, a consultant for the Granite Island Group in Massachusetts.
"These are very powerful phones, but all that power comes with a price. By allowing ringtones and stock quotes and all this other stuff, you also give someone a way to get into your phones," Atkinson said.
Now, of course, it doesn't take much imagination to realize that more than Nextel, Motorola Razr and Samsung 900 series cell phones have firmware which can be upgraded and maintained over the air. And as you can imagine, it has privacy advocates a bit upset:
"This is a kind of surveillance we've never really seen before. The government can and will exploit whatever technology is available to achieve their surveillance goals. This is of particular concern, considering the proliferation of microphones and cameras in the products we own," said Kevin Bankston, a lawyer for the Electronic Frontier Foundation.
Converting mobile phones into stealth microphones violates the Fourth Amendment protection against overly broad searches, Bankston contends.
"They are planting a bug on a person and roping in conversations with many other people, wherever they go," he said.
Of course the FBI disagrees:
Legally, he said, bugging cellphones differs little from placing microphones "in a chair or a wall or behind a picture."
"It's not a situation where we just turn the tape on and we gather everything," Margolin said. "By law, we only listen to what the warrant authorizes us to listen to."
Well yeah, except walls, chairs and pictures don't move. So, since the locations are usually static and in a particular place where certain type of activity is expected (and a certain type of person to be involved), the possibility of intruding on the privacy of others not involved in such activity is greatly reduced. Not so with mobile bugs.
And, of course, whatever the government can do, you can bet hackers can do as well:
Hackers probably can pull this off as well, said Lauren Weinstein, who first warned of the possibility in 1999 on his online Privacy Forum.
"A lot of people know an awful lot about the inner workings of these phones," Weinstein said.
No kidding. And just to make it more fun, turning off your phone doesn't defeat the eavesdropping:
A listening device installed in Ardito's phone "functioned whether the phone was powered on or off, intercepting conversations within its range wherever it happened to be," Kaplan wrote.
’"This is a kind of surveillance we’ve never really seen before. The government can and will exploit whatever technology is available to achieve their surveillance goals. This is of particular concern, considering the proliferation of microphones and cameras in the products we own," said Kevin Bankston, a lawyer for the Electronic Frontier Foundation.’
Ya know, this particular EFF dude sounds almost like he is only bothered by this because of the possibility that the government can (and will?) exploit it.
Dude. It was already exploited. By people worse than the government.
if you think that’s bad just wait until smart homes become more popular. you will be waking up to find out somebody hacked your coffee maker and reset it to brew at 6pm vice 6am. That roast you put in the oven that was supposed to start cooking at 2 so it would be ready when you got home well it started the minute you walked out the door cause the voice activated TV was converted into an bug so the hacker knew when you left. He also told his not so computer savvy buddies who broke into your house and stole your autosensing toaster with built in jelly dispenser.
Yes, I was never allowed to bring my phone into government intel installations. I asked a friend and he told me that they had been using phones that way and said it was well known in the biz (so to speak).
