Is your mobile phone spying on you?
Nobel Hobos
09-07-2008, 08:33
A few weeks ago I bought a new mobile phone ("cell phone"). I'm not going to mention its model number, for reasons which will be apparent by the end of this paranoid rant.
I'm not very happy with it, but that's my fault for buying a phone on impulse instead of researching first. A fool and his money ... anyway, this isn't my blog.
(In the below, I have linked to definitions of technical terms which I have used strictly, knowing what they mean. Only the first occurrence of each is linked. The links are more to help people who are vague on computer terms follow the argument, NOT AS PROOF that I know what I'm talking about. If it looks nerdy and I didn't link it up, I'm probably using the word in a general descriptive sense. Or just making stuff up.)
The Conspiracy to Spy on Mobile Phone Owners.
Mobile phones have a microphone on them. Obviously: it's what you speak into.
A lot of them have cameras on them. Yes, they may have a flashing light or "shutter" sound, but that's under software (http://www.webopedia.com/TERM/s/software.html) control (since you can turn those off in the settings of the phone.)
All the time that they are turned on, and have coverage (http://www.webopedia.com/TERM/c/coverage_area.html), they stay in touch with one or more network towers, using very little battery power by that because the phone decides which tower is closer and only sends a handoff (http://en.wikipedia.org/wiki/Handoff) when one becomes stronger than what they were using before. (This is the only part of my theory I researched at all. Less than five minutes actually. God my neck is sore.)
Now, there would be some way to tell if the phone had a full voice connection to the towers when it was telling you it didn't (ie, you aren't making a call.) I could probably build an electromagnetic detector (http://www.electronics-lab.com/projects/science/006/index.html) for the range of frequencies a particular phone uses (this one is a 3G phone, I believe that's in UHF (http://en.wikipedia.org/wiki/Ultra_high_frequency). That's practical, and all it needs to detect is the difference between a handoff and an active connection, eg voice.) None of the potential bad guys want to be using the full voice connection spying trick very often, either they get caught or users take countermeasures when word starts to get around.
(Perhaps phones are used to "listen in" on criminals committing or planning a crime, but if so it's kept pretty quiet. It's always "the hostage managed to call out on his phone which was set to silent and which the kidnappers had overlooked in his pocket." Yeah, sure. That would happen often. This bit is total guess though, so on with the rock-solid conspiracy theory)
This is where (being of a paranoid inclination) I DON'T go "aww, that would never happen." This silly mobile I bought has a feature called a Voice Recorder. Digitized (http://webopedia.com/TERM/D/digitize.html) recordings from the microphone are stored in the user-visible flash memory (http://webopedia.com/TERM/f/flash_memory.html) of the phone and can be played back, sent in messages etc. All of that could easily be accomplished in the phone's firmware (http://webopedia.com/TERM/f/firmware.html). That little feature got me thinking.
If so constructed, the phone could record voices and store them in some part of the RAM the user can't see. There's a lot of flash memory in a fancy phone, but there'd be volatile RAM and hidden (from the user) flash memory too, for the firmware for its little operating system (http://webopedia.com/TERM/o/operating_system.html) and for phone settings. Has anyone busted one of these newish phones (with gigabytes (http://webopedia.com/TERM/g/gigabyte.html) of flash in them) open? Or have some experience of trying to boot them up from embedded Linux (http://en.wikipedia.org/wiki/Embedded_linux)? Anything else like that which isn't just taking on faith the manufacturer's assertions about the closed-source (http://www.securityfocus.com/columnists/281) hardware (http://www.webopedia.com/TERM/h/hardware.html)?
Just enough to sink the theory of course. We NSG, we no speak so good the fab-talk.
Now, once apon a time mobile phone signals weren't encrypted (http://webopedia.com/TERM/E/encryption.html) at all. A scanner (http://en.wikipedia.org/wiki/Scanner_(radio)) with the right band could overhear them in plain! With each generation of mobile technology (true generations, networks the old phones won't work on) the encryption has gotten stronger. Unsurprisingly, people are worried about complete strangers overhearing their phone conversations (well, certain bolshie private-school alpha girls aren't but MOST people) and each encryption scheme gets broken after a while.
Here my conspiracy theory branches into two alternatives. Rather than research it myself, I require BOTH to be refuted. If one is debunked the other remains un-debunked. (I could do this repeatedly, but that would just be mean.) But refuting one of them should be easy: either 3G is secure or it isn't.
EDIT-1: This option called into question by Velka Morava (http://forums.jolt.co.uk/showpost.php?p=13824299). Still considered possible by OP, pending further details. /EDIT
The encryption of 3G (http://webopedia.com/TERM/3/3G.html) phones is unbroken by anyone except the US NSA.
(No-one, not even the NSA, knows what they're up to.) When on a call, there isn't any way the user can know exactly what information is leaving their phone. Recordings or photographs/videos made previously could be being retrieved from the "hidden" storage in their phone, and piggybacked (http://en.wikipedia.org/wiki/Piggybacking_(security)) with their voice information before being encrypted.
This would be harder to detect by cryptanalysis (http://webopedia.com/TERM/3/3G.html) if a part of the bandwidth (http://en.wikipedia.org/wiki/Piggybacking_(security)) (pre-encryption) was set aside for this spy content, and when none was available (eg, the phone is on calls lots) it would be filled with a stream of pseudo-random numbers. (Pseudo is better than real random, I think, because the load on the phone's processor might be noticable by power analysis, or other methods, while generating true random numbers. And it's all going to be strong-encrypted anyway.)
There might be a similar channel, less necessary, back to the phone from the tower. This could be used to instruct the phone when to record or to take photographs at a time when it detects a particular sound.
This case implicates mainly C, government secret services. (See "The Likely Culprits" below.) B, network operators, are likely "second in" conspirators. A, phone manufacturers, would need to be given financial incentives but have no claim on the information, so are likely unwilling conspirators if they're in at all. D pose a risk to the conspiracy, and are very unlikely conspirators.
The encryption of 3G phones can be broken by hackers or government agents.
(Either of these parties pose the same risk. If government can't, they can access records made by hackers if they catch them. If hackers can't, but government can, hackers can hack the government. Both are pretty damn shady, anyway, so they probably both can.)
This initially seems a more scary scenario. But it has one upside, and that's white-hats. The scheme may be exposed by a clever hacker who just can't bear the thought of innocent people being spied on. Then, if it's D (the black-hat hackers) acting alone, all the damage to the commercial interests of B (carriers) has already been done, they have no incentive to cover-up and will be very wary of C (government) trying to make them co-operate. In any case, I find B and C the most likely culprits, and A very likely an unwilling participant or only partial participant.
Interestingly, I find that insecure encryption in the 3G protocol actually protects us more from the possibility of phones being used to spy on owners all the time, (rather than just during calls) since it opens so many channels to break open the conspiracy.
The Potential Culprits
A.
Phone manufacturers: even if only one manufacturer (*stares hard at Sony*) is putting a spying facility in the closed-source firmware of phones, it might be the manufacturer of YOUR phone. Or, if you're lucky and didn't buy that brand of phone, one of your friends or colleagues might have that brand in the room with you. And even if NONE of them knowingly put that in the firmware, culprits C or D might have infiltrated their design house.
It wouldn't even be entirely necessary to change the design in the design house, merely get a copy of it, introduce changes to the design, and switch it on the way to or at the factory making the phones. Any honest (and self-interested) phone manufacturer would check this carefully. And it would need to be done again for every substantially new model of phone. All round, at least one manufacturer probably needs to be in on the conspiracy.
B.
Phone companies. The "carrier." Least suspect would be the smallest companies, which service only a small area. In developed economies, these are rare. Networks tend to be nation-wide. Only one carrier needs to be in on the conspiracy for many people's privacy to be at risk (just as in the first two sentences of A.) As explained below, C has an incentive to get maximum spy coverage while letting as few parties as possible into the conspiracy -- so they'd try to co-opt the carriers with the widest coverage and most subscribers first. Even one big carrier would be a major invasion of privacy and very useful for surveillance.
At least one carrier is a likely conspirator, but they are the less likely ringleader. It's difficult for them to make money or power from information gained by spying, without getting caught. But even if they are innocent, their commercial interests would be badly damaged by exposure of the conspiracy, so if they detected it they'd probably settle for a fee from C. If they detected D doing it, they'd appeal to C (secretly of course ... those commercial interests) who would probably arrest D and turn them to their own service. If bothered again by the carriers, C would just shake their heads and say "damn those hackers are sneaky, huh? Perhaps you could catch them yourselves."
C.
Government. More specifically, secret services. These are the prime suspects. The cream of D are competing to get a job with these guys, because not only do they get good pay, but they get immunity from prosecution if the whole conspiracy breaks open, for doing this spying to help catch terrorists, etc. Sure, heads will roll but the national interest is not served by the super-smart ones rolling.
Government secret services have the greatest incentive to be able to spy on people who aren't even making a call. Phones can be accurately located any time they are turned on (using triangulation (http://en.wikipedia.org/wiki/Triangulation) between towers, rather like a small-scale GPS system) so if they could have a microphone in almost every citizen's pockets and a map showing where those pockets are at the time the recordings are made, the spooks have almost universal surveillance.
D.
Hackers, collectively or acting alone. That these may just be doing it for fun or kudos is not so bad, but more likely they would be aiming to acquire information which could be used to make money. If 3G is crackable, they have access to the content of ordinary phone calls and the on-hook spy recordings (but pose a risk of exposure to the conspirators too.) A, B and C would all be well-secured against individuals hacking for fun, perhaps not against well-funded hackers with collateral assets like hit teams or a handle on a corrupted official or employee.
If 3G isn't crackable, hackers are very unlikely ringleaders. They would need to have infiltrated A and B because intercepting the calls won't suffice, they would need to alter equipment at one end of the connection (the phone) and access to data at the other (the carrier.) But I could be wrong here, if the firmware of a mobile phone can be updated through the network -- then they need only infiltrate the carrier (B.)
One last thing though. Even a small battery hidden inside the phone (not the battery you can take out) would keep the phone alive for quite a few minutes, or even hours. Remember, it doesn't have to be able to call out during this time, merely store recordings.
The Challenge.
So, are you still sure your phone isn't spying on you? Even when it's turned OFF? Even with the battery out?
If I don't get a satisfactory debunking on this one, I'm going to pull the phone apart from curiosity and examine the insides closely. Then I'm going to take it out to my chopping block, and beat it into an unrecognizable ball of broken evil ex-spy with the back side of the axe. Then I'm going to set that on fire before soaking it in caustic liquid for a few days, then burning it and beating it again.
It's quite a nice phone, really. Do it for the poor little phone! Convince me it isn't spying on me.(I reserve the right to use the edit button to change this conspiracy theory. That phone's going DOWN!)
Bullitt Point
09-07-2008, 08:35
My local DWP has the power to cycle off my A/C condenser on the weekdays without warning.
I am less worried about my $20 cellphone spying on me. :p
Reading OPs like this makes me glad I don't have a cell-phone.
*returns to cave*
Barringtonia
09-07-2008, 08:43
Can you video smashing your phone, upload on Youtube and post the link.
Try and be a little more creative in how you smash it as well, the video should be entertaining, maybe an increasing variety of ways, running it over, burning it, blending it, etc., etc.,
Nobel Hobos
09-07-2008, 08:47
Can you video smashing your phone, upload on Youtube and post the link.
I'll consider that.
Try and be a little more creative in how you smash it as well.
Suggestions?
I was aiming for, in order of urgency:
Stop it spying on me. Probably.
Destroy its plastic parts.
Destroy its metal parts.
Repeat in case it has very well protected homing beacon for something nasty.
Non Aligned States
09-07-2008, 08:58
Suggestions?
I was aiming for, in order of urgency:
Stop it spying on me. Probably.
Destroy its plastic parts.
Destroy its metal parts.
Repeat in case it has very well protected homing beacon for something nasty.
1: Open rear battery cover.
2: Leave power on.
3: Run through powerful electromagnet.
4: Your phone now has permanent head damage.
Barringtonia
09-07-2008, 08:58
Anyway, I'm not sure whether I can link but you can find sites that help you download software onto your target's phone so that it sends all information to a site you can then log into and monitor.
It's possibly not the same as pre-installed software but that's possibly the part you didn't think about, you don't need hidden RAM or similar, you simply need a software program that transmits information to a location on the web.
Start smashing.
Nobel Hobos
09-07-2008, 09:08
Anyway, I'm not sure whether I can link but you can find sites that help you download software onto your target's phone so that it sends all information to a site you can then log into and monitor.
It's possibly not the same as pre-installed software but that's possibly the part you didn't think about, you don't need hidden RAM or similar, you simply need a software program that transmits information to a location on the web.
Start smashing.
Heh, my conspiracy theory is so lo -- uh strong, that no-one will ever disprove it!
Perhaps I should have offered a prize of some sort.
*goes off to smash governmint*
any communication device on which you talk verbally with anyone else is capable of being listened in on, is just a public as if you were carrying on your conversation, as many cell phone users do anyway, in a normal or louder voice in a well populated public area.
how LIKELY your conversations are to be monitored depends entirely upon how much attentention you've attracted to yourself, IN ANY CONTEXT.
big whoopie. anyone with half a brain already know this and takes it for granted and into consideration.
anyone trys to tell verbal communication in ANY form is "secure" is either spinning you to death to try and sell you something, or is just bald faced lying or plain ignorant.
unless maybe in an anechoic room, in the most acoustically dead zone, and miles away from anything human.
forget about expecting ANY verbal communication to be "secure". that's just a fact of life. one they made damd sure we understood before issuing, the one time i was given, any kind of security clearance.
as for cell phones, the last thing in hell i want is anyone and everyone being able to demand my attention no matter where i am or what i'm doing.
you could pay me to have one, maybe, part of the time, if you paid me enough, but that is the only cercumstance under which i'd ever want to have one anyway, reguardless of "security" issues.
=^^=
.../\...
Itinerate Tree Dweller
09-07-2008, 09:20
This is one of the reasons I have a prepaid phone. My name is not attached at all to the phone, I merely purchased the phone and activated it, periodically adding money to it, all anonymously.
okay... if they really wanted to know how my parents pet dog is going, then they could have just asked...
Lackadaisical2
09-07-2008, 09:24
I'll consider that.
Suggestions?
I was aiming for, in order of urgency:
Stop it spying on me. Probably.
Destroy its plastic parts.
Destroy its metal parts.
Repeat in case it has very well protected homing beacon for something nasty.
Well, I definately don't know enough about thsi kind of stuff to say one way or the other beyond I think it'd be possible, certainly with the assistance of the carrier or manufacturer.
However, while I think your method would be very effective, its not very interesting since its so methodical. Therefore you should try a variety of things that won't really harm it in a new way- I mean whats the difference if you destroy it now or 10 minutes form now, they still know where you live and your dog's name, and that weird thing you did to the cat last Saturday.
Besides, what is a paranoid person doing on the internet? Aren't you afraid that could be used against you, or do you care more about the active tracking capability of a cellphone you carry around?
While I don't have the technical expertise (even with your very helpful links) to say whether such a thing as you describe would be possible, I do know that intelligence is only effective and actionable if it eventually moves from the digital realm to that of human awareness -- somebody has to actually put their eyes on the information and interpret it.
Even assuming a variety of filters and parameters, we'd have to assume there would be far too many 'hits' on such a broad net to be useful for general surveillance. For an idea of frequency I googled the words "bomb" and "Allah" -- which I think we can fairly assume would be words included on a list for a surveillance system to act on -- and they returned 142 million and 92 million results respectively. Even refining my search to examples of both words together returned 2,150,000 results. That's just the text of webpages -- relatively static compared to the many daily conversations of millions and millions of people. This just doesn't seem to me like it would be an effective or efficient tool for the intelligence community.
A similar argument applies in the case of hacker-culprits. Even assuming they could access information from people's cell-phones, how useful would it be? The camera wouldn't pick up much useful data from inside a pocket or a purse, and how often do people recite things like Social Security, credit card, and PIN numbers in the presence of their phones? I'd be willing to bet it's not much compared to the number of gullible people happy to surrender that information to a faked website, spam e-mail, or con-job telemarketer. (I had one call me the other night, incidentally, who wanted to send me a free T-Mobile phone. . .he just "needed" my Social Security number so he could set up an individual account for me. I gave him the name Leeroy Jenkins and the fake number 246-01-1701 [Jean Valjean and the U.S.S. Enterprise :cool:] and hung up.) There are so many better ways to gather illicit financial information that I can't imagine a hacker or group of hackers doing this -- and even if they were so inclined they'd have to physically alter the manufacturing process,
Obviously, either of these rebuttals can be negated if the perpetrator(s) were to apply enough manpower, but that in itself works against the nature of a conspiracy -- in order to use enough manpower to make cell-phone surveillance effective they (whoever "they" are) would have to use so many people that keeping their activities secret would be practically impossible.
On the other hand, as I write this, I find that I have to admit one area in which cellular surveillance would indeed be useful: point surveillance. Although it's pretty useless if cast as a wide net to gather information, used in conjuction with a name-and-number database (easy to obtain as the white pages) this could be used to monitor specific individuals. And who knows whether it's the government monitoring criminals or hackers blackmailing businessmen or the government blackmailing hackers or what? So by all means, give that phone what it's got coming to it -- and do please post footage.
Cookiton
09-07-2008, 10:44
Hmmmm, Phones spying on people, are you sure that it wasn't George Bush?
Rambhutan
09-07-2008, 11:32
I think my toaster is out to get me as well
There are 300 million Americans. I'd guess 299 million of them have cellphones. Good luck, sorting my rather boring conversations from all that.
1 it takes up a shitload of power to have a constant conection
2 why would they do that when can just as easly intercept any calls during transit
3 GPS is the most usefull tracking tool built into all phones
4 cellphhone mices suck when in pocket
5 unless ur stupid enough to plan illegal activites on YOUR FONE!!!!! its not a problem
6 stop taking triple dose aderall :)
Egg and chips
09-07-2008, 11:57
So you're worried about them hiding stuff in the closed-source firmware of your phone? Wounds to me like you should get an open source phone *cough*openmoko*cough*
Velka Morava
09-07-2008, 12:26
The encryption of 3G phones can be broken by hackers or government agents.
(Either of these parties pose the same risk. If government can't, they can access records made by hackers if they catch them. If hackers can't, but government can, hackers can hack the government. Both are pretty damn shady, anyway, so they probably both can.)
This one is the case.
One of the 3G consortium worries was to come up with a strong enough encription to guarantee enough privacy for casual users and still allow for government agencyes to access the data. Government agents don't have to break the encription, they do have the algorithm to access it from the 3G consortium.
Nobel Hobos
09-07-2008, 13:21
any communication device on which you talk verbally with anyone else is capable of being listened in on
This is one of the reasons I have a prepaid phone. My name is not attached at all to the phone, I merely purchased the phone and activated it, periodically adding money to it, all anonymously.
I think my toaster is out to get me as well
"Well okay then, if not a Pop tart then how would you like a few crispy pieces of ..."
There are 300 million Americans. I'd guess 299 million of them have cellphones. Good luck, sorting my rather boring conversations from all that.
1 it takes up a shitload of power to have a constant conection
You posters either missed the point (it was repeated several times): the phone could record your conversations whenever you have the phone with you, and send them later. Not just leak your calls.
Or else your first posts to the thread display no sign of having wred the OP. This is an important matter to me, weighing my privacy against my need to be contacted 24/7. I sleep odd hours and if I didn't have the phone beside my bed I would miss important calls. Yes, I can keep quiet about the secret flying taco while I'm awake ... but how can I be sure I'm not muttering it in my sleep?
Sorry, posters, you all fail and will be replied to no more in this thread.
Oh, thanks for posting and all. Post all you like in reply to others or each other, but I'm not replying. You're out.
The OP concludes with a "Challenge" and by that standard you fail. If you haven't grasped the central argument of the OP, your chances of debunking it aren't worth consideration by me.
Remember: debunk the conspiracy theory, or the phone dies.
Brutland and Norden
09-07-2008, 13:33
Remember: debunk the conspiracy theory, or the phone dies.
I won't try to debunk the conspiracy theory so the phone will die. However my preferred method of killing your phone is putting it in a box, and shipping it off to me. Thank you. :fluffle:
Remember: debunk the conspiracy theory, or the phone dies.
okay. Kill it. Just destroy the phone now.
...........
You didn't do it did you?
Therefore, using logic:
If the conspiracy theory is not debunked, the phone gets smashed
If the phone does not get smashed, then the theory is debunked.
Therefore, QED, your cell phone is not spying on you.
Intestinal fluids
09-07-2008, 14:01
Option #3 Go see a Psychiatrist for treatment ASAP as you have begun to let your real life actions be dictated by morons as crazy as you in a chat room.
Nobel Hobos
09-07-2008, 14:11
Anyway, I'm not sure whether I can link but you can find sites that help you download software onto your target's phone so that it sends all information to a site you can then log into and monitor.
It's possibly not the same as pre-installed software but that's possibly the part you didn't think about, you don't need hidden RAM or similar, you simply need a software program that transmits information to a location on the web.
Baz gets one more chance to reply to me, attempting to debunk.
Perhaps two, for scaring me witless. In truth, I fear hackers more than government. Government can employ hackers with deniability (the hacker's word is weak if they must admit to a crime to prove their case, plus the government can shut them up first.)
==========
any communication device on which you talk verbally with anyone else is capable of being listened in on
=^^=
.../\...
I'll give you another chance to debunk too.
Partial credit for rave (raves take time, my OP took time), but mostly so I can debunk the point I rejected as "ignorant of the conspiracy set forth in OP"
Two steel cans. Line of sight. String. Bug that, spooks! :p
==============
I won't try to debunk the conspiracy theory so the phone will die. However my preferred method of killing your phone is putting it in a box, and shipping it off to me. Thank you. :fluffle:
You get another chance to debunk too. For suggesting a suitable prize.
It's so crazy, it makes sense. "My phone is fine, I'm so relieved, now I have to send it to some stranger"
That is actually better than destroying it. Fifteen minutes of fame on Youtube notwithstanding.
Katganistan
09-07-2008, 14:14
A few weeks ago I bought a new mobile phone ("cell phone"). I'm not going to mention its model number, for reasons which will be apparent by the end of this paranoid rant.
I'm not very happy with it, but that's my fault for buying a phone on impulse instead of researching first. A fool and his money ... anyway, this isn't my blog.
(In the below, I have linked to definitions of technical terms which I have used strictly, knowing what they mean. Only the first occurrence of each is linked. The links are more to help people who are vague on computer terms follow the argument, NOT AS PROOF that I know what I'm talking about. If it looks nerdy and I didn't link it up, I'm probably using the word in a general descriptive sense. Or just making stuff up.)
The Conspiracy to Spy on Mobile Phone Owners.
Mobile phones have a microphone on them. Obviously: it's what you speak into.
A lot of them have cameras on them. Yes, they may have a flashing light or "shutter" sound, but that's under software (http://www.webopedia.com/TERM/s/software.html) control (since you can turn those off in the settings of the phone.)
All the time that they are turned on, and have coverage (http://www.webopedia.com/TERM/c/coverage_area.html), they stay in touch with one or more network towers, using very little battery power by that because the phone decides which tower is closer and only sends a handoff (http://en.wikipedia.org/wiki/Handoff) when one becomes stronger than what they were using before. (This is the only part of my theory I researched at all. Less than five minutes actually. God my neck is sore.)
Now, there would be some way to tell if the phone had a full voice connection to the towers when it was telling you it didn't (ie, you aren't making a call.) I could probably build an electromagnetic detector (http://www.electronics-lab.com/projects/science/006/index.html) for the range of frequencies a particular phone uses (this one is a 3G phone, I believe that's in UHF (http://en.wikipedia.org/wiki/Ultra_high_frequency). That's practical, and all it needs to detect is the difference between a handoff and an active connection, eg voice.) None of the potential bad guys want to be using the full voice connection spying trick very often, either they get caught or users take countermeasures when word starts to get around.
(Perhaps phones are used to "listen in" on criminals committing or planning a crime, but if so it's kept pretty quiet. It's always "the hostage managed to call out on his phone which was set to silent and which the kidnappers had overlooked in his pocket." Yeah, sure. That would happen often. This bit is total guess though, so on with the rock-solid conspiracy theory)
This is where (being of a paranoid inclination) I DON'T go "aww, that would never happen." This silly mobile I bought has a feature called a Voice Recorder. Digitized (http://webopedia.com/TERM/D/digitize.html) recordings from the microphone are stored in the user-visible flash memory (http://webopedia.com/TERM/f/flash_memory.html) of the phone and can be played back, sent in messages etc. All of that could easily be accomplished in the phone's firmware (http://webopedia.com/TERM/f/firmware.html). That little feature got me thinking.
If so constructed, the phone could record voices and store them in some part of the RAM the user can't see. There's a lot of flash memory in a fancy phone, but there'd be volatile RAM and hidden (from the user) flash memory too, for the firmware for its little operating system (http://webopedia.com/TERM/o/operating_system.html) and for phone settings. Has anyone busted one of these newish phones (with gigabytes (http://webopedia.com/TERM/g/gigabyte.html) of flash in them) open? Or have some experience of trying to boot them up from embedded Linux (http://en.wikipedia.org/wiki/Embedded_linux)? Anything else like that which isn't just taking on faith the manufacturer's assertions about the closed-source (http://www.securityfocus.com/columnists/281) hardware (http://www.webopedia.com/TERM/h/hardware.html)?
Just enough to sink the theory of course. We NSG, we no speak so good the fab-talk.
Now, once apon a time mobile phone signals weren't encrypted (http://webopedia.com/TERM/E/encryption.html) at all. A scanner (http://en.wikipedia.org/wiki/Scanner_(radio)) with the right band could overhear them in plain! With each generation of mobile technology (true generations, networks the old phones won't work on) the encryption has gotten stronger. Unsurprisingly, people are worried about complete strangers overhearing their phone conversations (well, certain bolshie private-school alpha girls aren't but MOST people) and each encryption scheme gets broken after a while.
Here my conspiracy theory branches into two alternatives. Rather than research it myself, I require BOTH to be refuted. If one is debunked the other remains un-debunked. (I could do this repeatedly, but that would just be mean.) But refuting one of them should be easy: either 3G is secure or it isn't.
The encryption of 3G (http://webopedia.com/TERM/3/3G.html) phones is unbroken by anyone except the US NSA.
(No-one, not even the NSA, knows what they're up to.) When on a call, there isn't any way the user can know exactly what information is leaving their phone. Recordings or photographs/videos made previously could be being retrieved from the "hidden" storage in their phone, and piggybacked (http://en.wikipedia.org/wiki/Piggybacking_(security)) with their voice information before being encrypted.
This would be harder to detect by cryptanalysis (http://webopedia.com/TERM/3/3G.html) if a part of the bandwidth (http://en.wikipedia.org/wiki/Piggybacking_(security)) (pre-encryption) was set aside for this spy content, and when none was available (eg, the phone is on calls lots) it would be filled with a stream of pseudo-random numbers. (Pseudo is better than real random, I think, because the load on the phone's processor might be noticable by power analysis, or other methods, while generating true random numbers. And it's all going to be strong-encrypted anyway.)
There might be a similar channel, less necessary, back to the phone from the tower. This could be used to instruct the phone when to record or to take photographs at a time when it detects a particular sound.
This case implicates mainly C, government secret services. (See "The Likely Culprits" below.) B, network operators, are likely "second in" conspirators. A, phone manufacturers, would need to be given financial incentives but have no claim on the information, so are likely unwilling conspirators if they're in at all. D pose a risk to the conspiracy, and are very unlikely conspirators.
The encryption of 3G phones can be broken by hackers or government agents.
(Either of these parties pose the same risk. If government can't, they can access records made by hackers if they catch them. If hackers can't, but government can, hackers can hack the government. Both are pretty damn shady, anyway, so they probably both can.)
This initially seems a more scary scenario. But it has one upside, and that's white-hats. The scheme may be exposed by a clever hacker who just can't bear the thought of innocent people being spied on. Then, if it's D (the black-hat hackers) acting alone, all the damage to the commercial interests of B (carriers) has already been done, they have no incentive to cover-up and will be very wary of C (government) trying to make them co-operate. In any case, I find B and C the most likely culprits, and A very likely an unwilling participant or only partial participant.
Interestingly, I find that insecure encryption in the 3G protocol actually protects us more from the possibility of phones being used to spy on owners all the time, (rather than just during calls) since it opens so many channels to break open the conspiracy.
The Potential Culprits
A.
Phone manufacturers: even if only one manufacturer (*stares hard at Sony*) is putting a spying facility in the closed-source firmware of phones, it might be the manufacturer of YOUR phone. Or, if you're lucky and didn't buy that brand of phone, one of your friends or colleagues might have that brand in the room with you. And even if NONE of them knowingly put that in the firmware, culprits C or D might have infiltrated their design house.
It wouldn't even be entirely necessary to change the design in the design house, merely get a copy of it, introduce changes to the design, and switch it on the way to or at the factory making the phones. Any honest (and self-interested) phone manufacturer would check this carefully. And it would need to be done again for every substantially new model of phone. All round, at least one manufacturer probably needs to be in on the conspiracy.
B.
Phone companies. The "carrier." Least suspect would be the smallest companies, which service only a small area. In developed economies, these are rare. Networks tend to be nation-wide. Only one carrier needs to be in on the conspiracy for many people's privacy to be at risk (just as in the first two sentences of A.) As explained below, C has an incentive to get maximum spy coverage while letting as few parties as possible into the conspiracy -- so they'd try to co-opt the carriers with the widest coverage and most subscribers first. Even one big carrier would be a major invasion of privacy and very useful for surveillance.
At least one carrier is a likely conspirator, but they are the less likely ringleader. It's difficult for them to make money or power from information gained by spying, without getting caught. But even if they are innocent, their commercial interests would be badly damaged by exposure of the conspiracy, so if they detected it they'd probably settle for a fee from C. If they detected D doing it, they'd appeal to C (secretly of course ... those commercial interests) who would probably arrest D and turn them to their own service. If bothered again by the carriers, C would just shake their heads and say "damn those hackers are sneaky, huh? Perhaps you could catch them yourselves."
C.
Government. More specifically, secret services. These are the prime suspects. The cream of D are competing to get a job with these guys, because not only do they get good pay, but they get immunity from prosecution if the whole conspiracy breaks open, for doing this spying to help catch terrorists, etc. Sure, heads will roll but the national interest is not served by the super-smart ones rolling.
Government secret services have the greatest incentive to be able to spy on people who aren't even making a call. Phones can be accurately located any time they are turned on (using triangulation (http://en.wikipedia.org/wiki/Triangulation) between towers, rather like a small-scale GPS system) so if they could have a microphone in almost every citizen's pockets and a map showing where those pockets are at the time the recordings are made, the spooks have almost universal surveillance.
D.
Hackers, collectively or acting alone. That these may just be doing it for fun or kudos is not so bad, but more likely they would be aiming to acquire information which could be used to make money. If 3G is crackable, they have access to the content of ordinary phone calls and the on-hook spy recordings (but pose a risk of exposure to the conspirators too.) A, B and C would all be well-secured against individuals hacking for fun, perhaps not against well-funded hackers with collateral assets like hit teams or a handle on a corrupted official or employee.
If 3G isn't crackable, hackers are very unlikely ringleaders. They would need to have infiltrated A and B because intercepting the calls won't suffice, they would need to alter equipment at one end of the connection (the phone) and access to data at the other (the carrier.) But I could be wrong here, if the firmware of a mobile phone can be updated through the network -- then they need only infiltrate the carrier (B.)
One last thing though. Even a small battery hidden inside the phone (not the battery you can take out) would keep the phone alive for quite a few minutes, or even hours. Remember, it doesn't have to be able to call out during this time, merely store recordings.
The Challenge.
So, are you still sure your phone isn't spying on you? Even when it's turned OFF? Even with the battery out?
If I don't get a satisfactory debunking on this one, I'm going to pull the phone apart from curiosity and examine the insides closely. Then I'm going to take it out to my chopping block, and beat it into an unrecognizable ball of broken evil ex-spy with the back side of the axe. Then I'm going to set that on fire before soaking it in caustic liquid for a few days, then burning it and beating it again.
It's quite a nice phone, really. Do it for the poor little phone! Convince me it isn't spying on me.(I reserve the right to use the edit button to change this conspiracy theory. That phone's going DOWN!)
Um, use an older phone?
Or don't worry about it anyway -- 1) there are literally millions of phones in the world, with many people in places outside of the US eschewing land lines entirely. Monitoring all of them is impossible.
2) Be a boring person. My conversations consist of "Yeah, just calling to tell you I'm going to be late". And "Damn, where the hell IS that phone."
3) Place it in a refrigerator or freezer when you're not using it. (Kidding!)
Nobel Hobos
09-07-2008, 14:18
Option #3 Go see a Psychiatrist for treatment ASAP as you have begun to let your real life actions be dictated by morons as crazy as you in a chat room.
That was your one shot. Join the No-More-Replies-From-OP List.
Crazy smart people need advice from Crazy morons. If it looks like good advice, we don't have to worry about being tricked into doing something Sane. So we just do what they say.
Intestinal fluids
09-07-2008, 14:18
3) Place it in a refrigerator or freezer when you're not using it. (Kidding!)
Think of the battery savings!
Katganistan
09-07-2008, 14:34
as for cell phones, the last thing in hell i want is anyone and everyone being able to demand my attention no matter where i am or what i'm doing.
This is one that drives my friends crazy... because unless I am expecting a call from someone or unless *I* am in the mood to accept calls, my phone stays off.
"I TRIED TO CALL, WHY DON'T YOU EVER HAVE YOUR CELL ON?"
"I was busy. It's for my convenience, not yours. But I'm available now, what's on your mind?"
Aren't you afraid that could be used against you, or do you care more about the active tracking capability of a cellphone you carry around?
Remember, all new phones have GPS capability. Mine SAYS you can turn it off... but you know, THEY just want you to think that.
Two steel cans. Line of sight. String. Bug that, spooks! :p
Your dog walks into the room. Since you love him and want him returned should he get lost/stolen, you've chipped him. Chip sends recording of His Master's Voice to shadowy government agents.
Oh, and one of those big microphone-gun looking things you see in the movies, with the big dish on front, to pick up what's being said over there. ;)
If you have a cat, forget it. Chipped or not, those evil masterminds will sell you out first chance they get.
Brutland and Norden
09-07-2008, 14:36
You get another chance to debunk too. For suggesting a suitable prize.
It's so crazy, it makes sense. "My phone is fine, I'm so relieved, now I have to send it to some stranger"
That is actually better than destroying it. Fifteen minutes of fame on Youtube notwithstanding.
I'll pass on that chance. However... (http://www.youtube.com/watch?v=I1F7hJNsi5M)
Intestinal fluids
09-07-2008, 14:40
I got it! How about making a tinfoil hat for your cellphone?
Thirdguy
09-07-2008, 14:49
Let's assume for a moment that your phone does spy on you. Whose going to go and sit on hours of information to stop, lets face it, minor crimes. Sure the government has operatives sitting on terrorist chatter, but thats for terrorism, a much more pressing matter then robbery.
If your phone is recording secret information, how would that be useful to anyone? There are too many things that need to be done, your phone has to be near you, your microphone has to not suck, the sound waves can't be too obstructed, and you have to speak loudly and clearly. It would be much more efficient to just more easily intercept key telephone calls, usually with a warrant, sometimes without. If you have a warrant out on you, you don't have times for conspiracy theories.
Also phones do track you all the time, when their on and even without GPS. Your phone sends out a signal every six seconds to the phone towers, and its easy enough to triangulate your rough position.
Randomly gathering conversation snippets is a useless way to gather information. I would be more worried about well placed bugs that would be way more efficient on gathering information.
Vakirauta
09-07-2008, 14:54
My phone is a Transformer.
No shit, I was walking through mission city when the all-spark went off and I swear it's secretly watching me, plotting to kill me.
The_pantless_hero
09-07-2008, 14:57
Let's assume for a moment that your phone does spy on you. Whose going to go and sit on hours of information to stop, lets face it, minor crimes.
I imagine people paid to do it. Like the people who are doing it in Britain right now with all those cameras they have set up everywhere.
Thirdguy
09-07-2008, 15:03
I imagine people paid to do it. Like the people who are doing it in Britain right now with all those cameras they have set up everywhere.
There aren't enough people in the U.S. government to spy on the entire U.S., the average American. Cameras are much easier to watch, you can watch multiples, but sound can only be heard one at a time.
Nobel Hobos
09-07-2008, 15:10
This one is the case.
One of the 3G consortium worries was to come up with a strong enough encription to guarantee enough privacy for casual users and still allow for government agencyes to access the data. Government agents don't have to break the encription, they do have the algorithm to access it from the 3G consortium.
Bad spelling, but good debating.
Also, you have taken an important step (if your assertion is correct): you have eliminated one of the branches of the conspiracy theory. This makes it easier for other posters to debunk the theory.
Links to the proceedings of the 3G consortium in devising the encryption, or commentary on same, would put you in the front running for the thread win.
At this stage, you stand to win the top half of the phone (it's a slide phone) as prize.
ColaDrinkers
09-07-2008, 15:13
Also phones do track you all the time, when their on and even without GPS. Your phone sends out a signal every six seconds to the phone towers, and its easy enough to triangulate your rough position.
This is a totally useless way to gather information. I would be more worried about well placed bugs that would be way more efficient on gathering information.
No, this is a fantastic way of gathering information. For example, you could easily get a nice list of witnesses/suspects by looking up which cell phones were around the place of a crime. It's also fantastic if you're a government employee with access to this information and want to stalk your ex girlfriend. It's not like it hasn't happened before. Many companies would love to know exactly where you are at all times, from your employer to your insurance company to everyone that would like to advertise to you.
Your phone is spying on you, even if it never transmits any audio or images. Luckily not much is being done with the information right now, but if you want to be safe, you better start smashing.
Ashmoria
09-07-2008, 15:15
so, nobel, what you are saying is that you bought a fancy-dancy cell phone that had web capabilities and now you are worried that it is or will be hacked by malicious strangers or the govt?
welcome to the real world.
of course its possible. its the net.
if you dont use your phone for anything that might be a disaster if hacked into (or lost) you dont have to worry. so no sensitive financial information, dont pay bills online from your phone, make all of your phone passwords different from your non-phone passwords.
if you are doing things that your phone might provide legal evidence of, dont use your phone for those things and dont take it with you when you do them.
there are RF shields that you can buy. store you phone in one except for when you actually use it. its a little paranoid but so what? it will give you peace of mind and you will leave no trackable trace except when you turn it on.
if you have not bought a fancy-dancy cell phone but just have one that will make calls, text messages and send an occasional photo, you have nothing to worry about. if the "they always know where i am" thing bothers you, keep it turned off.
The Infinite Dunes
09-07-2008, 15:18
You posters either missed the point (it was repeated several times): the phone could record your conversations whenever you have the phone with you, and send them later. Not just leak your calls.
Don't microphones generate electric current when they pick up sound -- that's how they work. So if your spy agency could set up a very local receiver then the phone could maybe transmit what it was picking up. And what about about wireless power transmission as well. Essentially what mobiles do already, just on a lower scale. Therefore the government receiver might also be able to transmit power to the mobile which it can return, but modified by the sound it was picking up.
My view is that the conspiracy probably is true, but they only really bother to listen into people that they already have reason to be suspicious of. Too much data processing otherwise... nothing that could really be easily automated.
Thirdguy
09-07-2008, 15:22
No, this is a fantastic way of gathering information. For example, you could easily get a nice list of witnesses/suspects by looking up which cell phones were around the place of a crime. It's also fantastic if you're a government employee with access to this information and want to stalk your ex girlfriend. It's not like it hasn't happened before. Many companies would love to know exactly where you are at all times, from your employer to your insurance company to everyone that would like to advertise to you.
Sorry i edited my post for clarity, the way I'm reading your post I believe you misunderstood it.
Although you are essentially correct, they do track criminals down to their crime scene through their phone, although not quite the way you described. Your method would involve a thousand person long list of suspects, and your criminal might not have had a cellphone. Its mostly used the other way around, once they found a good suspect they check his phone records.
My view is that the conspiracy probably is true, but they only really bother to listen into people that they already have reason to be suspicious of. Too much data processing otherwise... nothing that could really be easily automated.
How can you be suspicious of them already? How can you tell if they're serious?
There is little point in listening to people before a crime is committed, you cannot prevent a crime and still charge them with a crime unless it was in progress. If you have a suspect plant bugs, its more efficient then a phone that may be lost/stolen/broken/no where near them.
I don't think many criminals announce it to the world that they are about to commit a crime...
Nobel Hobos
09-07-2008, 15:23
So you're worried about them hiding stuff in the closed-source firmware of your phone? Sounds to me like you should get an open source phone *cough*openmoko*cough*
Constructive suggestion also. You stay eligible for your initial attempt to debunk, plus one bonus attempt.
If you would kindly get working on Openmoko so it will run on all hardware with or without the manufacturer or carrier's consent, and spread the new Freedom Phone Ethos to at least 40% of phone users worldwide, you will be awarded: the charger for the phone, the extensive instruction manual, and your choice of three of my six antique computers.
Still, debunking the OP should be easier than that. All those links are deceptive, I did no research other than to find what the mobile network handshake is called (handoff). Nothing spoils a good conspiracy theory like research!
============
Bodnari, you too keep your starting debunk credit. Returned for "rave."
Rave looks good, should probably earn at least a bonus debunk. I'm getting around to the reply.
Neo Bretonnia
09-07-2008, 15:24
Can you video smashing your phone, upload on Youtube and post the link.
Try and be a little more creative in how you smash it as well, the video should be entertaining, maybe an increasing variety of ways, running it over, burning it, blending it, etc., etc.,
Heh if you're gonna upload to YouTube and you're worried about being spied on better get a new account and upload from an Internet cafe... Now that Viacom will be looking at the user access records...
ColaDrinkers
09-07-2008, 16:03
Sorry i edited my post for clarity, the way I'm reading your post I believe you misunderstood it.
Although you are essentially correct, they do track criminals down to their crime scene through their phone, although not quite the way you described. Your method would involve a thousand person long list of suspects, and your criminal might not have had a cellphone. Its mostly used the other way around, once they found a good suspect they check his phone records.
My apologies, I misunderstood you. But what I described is what we're moving towards; I didn't say we did it (often) right now. We are increasingly sifting through huge amounts of data in search of relevant information - just look at Echelon or Sweden's new cross-border internet surveillance, where things such as key words like terrorism are looked for. The lists of "suspects" are of course gigantic, but they can be narrowed down. For example, is anyone that was around the scene of a crime already in the police database? It can't replace traditional police work, but it can certainly be a very good compliment.
The reason we do it like you say today isn't so much because of technical limitations as it is for protecting the privacy of innocent people, but this is a problem that our friendly governments are working hard to solve. And the solution of course is to declare it a non-issue.
Corporatum
09-07-2008, 16:05
The most ironic part about all these conspiracy theories is that most of the time the guys inventing them have/know nothing the government would ever be interested about :rolleyes:
Nobel Hobos
09-07-2008, 16:31
Let's assume for a moment that your phone does spy on you. Whose going to go and sit on hours of information to stop, lets face it, minor crimes. Sure the government has operatives sitting on terrorist chatter, but thats for terrorism, a much more pressing matter then robbery.
I'm talking about recorded and digitized sound. It can be archived, more of less indefinitely (storage gets cheaper by Moore's law still I think.)
A boon for law-enforcement. If you trust them. If the information wasn't tampered with while in the possession of the secret agents ... or the phone carriers ... or hackers.
The appearance of a past record could be more dangerous than a day-by-day record of specific individuals. That at least can be disputed by eyewitnesses.
If your phone is recording secret information, how would that be useful to anyone? There are too many things that need to be done, your phone has to be near you, your microphone has to not suck, the sound waves can't be too obstructed, and you have to speak loudly and clearly.
The microphone is excellent. Placed on a table in a quiet room, it can pick up conversations in another room. The question is ambient sound -- you can whisper and the circuitry adjusts to make it sound like a normal speaking volume. IF there is no ambient noise.
It's important to note that I am not just talking about my phone. I am talking about a generational change, a trend in phones. Several parts of it are upgraded to take advantage of the far greater bandwidth of 3G.
It would be much more efficient to just more easily intercept key telephone calls, usually with a warrant, sometimes without. If you have a warrant out on you, you don't have times for conspiracy theories.
If you have a conspiracy, there's no need for warrants.
One point I'm not sure I have made yet: illegally-gathered information is still useful to guide investigation. If you know everything about a person, it is easy to entrap them. You know their proclivities even if they have not yet broken a law.
Also phones do track you all the time, when their on and even without GPS. Your phone sends out a signal every six seconds to the phone towers, and its easy enough to triangulate your rough position.
Useful information. Which I would probably know if I'd visited HowThingsWork or some such. You get a partial credit for this.
Randomly gathering conversation snippets is a useless way to gather information. I would be more worried about well placed bugs that would be way more efficient on gathering information.
When it's comprehensive enough, "random gathering" makes a searchable database. Of sound, admittedly. But civilly available speech recognition has advanced hugely in the last few years ... who knows what the spooks have.
Partial credit for "Rave." Two partial credits = keep your option to debunk the OP.
==============
No, this is a fantastic way of gathering information. For example, you could easily get a nice list of witnesses/suspects by looking up which cell phones were around the place of a crime. It's also fantastic if you're a government employee with access to this information and want to stalk your ex girlfriend. It's not like it hasn't happened before. Many companies would love to know exactly where you are at all times, from your employer to your insurance company to everyone that would like to advertise to you.
Your phone is spying on you, even if it never transmits any audio or images. Luckily not much is being done with the information right now, but if you want to be safe, you better start smashing.
Good points CD.
Not addressed to the OP directly, so you too get to keep your debunk credit.
I'm inclined to disqualify you, since you seem to be arguing in favour of the OP. That would make you one of Them, spreading misinformation. :p
Nobel Hobos
09-07-2008, 16:49
While I don't have the technical expertise (even with your very helpful links) to say whether such a thing as you describe would be possible
Nor do I! Partial credit for rave, and partial credit for covering most of the "impracticality" aspects other posters pursued later.
Your post gives me a further idea: in a room with several phones which are all surveillable, timestamps (time encoded into the sound recording) or even simple pattern matching, the quality of recording could be improved massively by eliminating spurious noises like clothing rustling (on one phone but not another.) The person would also be known to be in the room at the same time as another, simply by the matching sounds. No need to even be able to hear the words.
"Point surveillance" should have been in the OP, very useful phrase.
You win a shoebox of old Nokia chargers. Every one still works perfectly!
Nanatsu no Tsuki
09-07-2008, 16:51
I don't even want to start thinking that my conversations are being recorded by my phone, in any way. I think the government... wait... the government already intrudes upon my life enough as it is. If it were to record my convos and personal confessions, I think I wouldn't be surprised. Sadly, nothing surprise me much these days.:( The spice has gone out of my life.:(
Yootopia
09-07-2008, 17:08
They can all be used to track people. So can your cars. And your credit cards. Whatcha going to do about it, the world is covered by Telstar, so even if yer in Africa or something, they can still trace you.
Nobel Hobos
09-07-2008, 18:04
Sorry if I freaked anybody out. The thread was more or less an experiment as to whether an arbitrary conspiracy theory would stand unchallenged if it was long and closely argued, and didn't involve an odious villain (like Neocons or Jews).
I initially intended to defend it with all my strength, but that felt too much like trolling when it came around to that time.
I think it's over. Who knows, I have no sense for which thread goes and which one doesn't.
I will say this: with a perfect police and judiciary, and an uncorruptible repository for the surveillance data, people carrying around cameras and microphones and logging everything around them would make interpersonal crime much less attractive. We could reduce punishments proportionally to the increasing 'clear-up rate' or, alternatively, keep strict punishments and reduce such crime drastically. Probably a balance of both.
In an odd synch-up with a post of mine to the "What is Rape?" thread, the question of proving consent could finally be resolved. Both partners would just leave their cameras and mics on, the logged recordings would be archived without anyone ever watching them unless rape was alleged.
But who would do that without utter faith in the surveillance system? No hackers, no profiteers, no corrupt or coup-planning spooks. It's fairyland.
I should go join some weirdo fringe-group and write propaganda for them. That theory seemed insupportable to me, but I apparently made it sound plausible, with no research to speak of and pretty much just writing it from the top to the bottom. I'm evil. :(
Or ... did I accidentally choose a whacko conspiracy which is really there ? :eek: