The Spy In Your Pocket

I recently watched a TV thriller in which the CIA was able to eavesdrop on a terrorist’s meeting by remotely hijacking the mobile phone that was in his pocket and using its microphone to listen-in to his conversations. I’m not talking here about when the phone was in use, but when it was sitting innocently in his jacket; it was suddenly under their remote control.

Phooey, I thought. A large percentage of my career in the electronics industry was spent designing mobile phones, and I couldn’t imagine how that could be done. “That’s nonsense,” I told my wife and huffed to myself.

But yesterday I stumbled across a magazine article about how the CIA did that very thing, so I decided to investigate – was it the bunkum of an ill-informed TV script writer or was there something behind it after all?

Apparently, the FBI used this method to eavesdrop on an alleged mobster, John Ardito, and his attorney. The principle works because modern mobile cell phones are basically small computers that load and run software. Even better, they aren’t normally fully disabled when switched off so that an alarm can power it back up under the microprocessor’s control.

As a Financial Times article pointed out, mobile service providers can remotely install software on your handset without you knowing. That software can then do anything, even when you think your phone is off – it can use the inbuilt GPS to determine your location, activate its camera and send out the video, or turn on the microphone and initiate a call. All without your knowledge.

Security conscious business men now remove batteries from their phones when not using them – the only way to guarantee they can’t do anything sneaky.


In theory, your laptop can be made to do the same thing, of-course, and there are stories of intelligence agencies having loaded malware onto a suspect’s machine to perform a similar trick. However, you no doubt have a firewall and run anti-virus software and have all sorts of other security in place to defeat such a hack, but what about your mobile? Who has Norton or MacAfee installed on their cell phone?

Perhaps it’s time to start if you’re ever worried about a government agency eavesdropping on your calls.

Is it illegal for an organisation like the FBI to use such techniques to spy on you? Surprisingly, no: a court ruling in 2006 gave law enforcement agencies carte-blanche to use this method.

Scarier still is the report that the NSA has embedded its software into the Android operating system. So no need even to persuade a cellular operator to download code anymore. Google (the manufacturer of Android software) can, should it wish, activate your phone’s camera and microphone at will. So next time your mobile phone’s battery goes flat unusually fast – is it because your phone is secretly giving the FBI your location and whatever the microphone can pick-up?

And what about internet tablets? I haven’t seen reports of governments ensuring suitable malware is present in their operating systems yet, but as the majority run Google’s Android, why should they be any different to phones? So that tablet that’s sitting innocuously on your side table, apparently turned off…? Perhaps you had better go and remove its battery.


If you’re worried about having your phone messages intercepted, though, be grateful you don’t live in The Bahamas. The island’s image seems lovely: soft warm sand, gentle waves, palm trees… but according to one of the documents leaked by the NSA’s Edward Snowden last year, the U.S. intelligence agency recorded the audio of every single mobile phone call made in The Bahamas. That’s over 100 million calls per day according to Wired Magazine. Codenamed Somalget, the system stores the audio for thirty days to allow it to be sifted and analysed.

Defending the practice, the NSA’s Crime & Narcotics division claimed it had led to the discovery of international narcotics traffickers and people smugglers.

So what do you think? Right or wrong? Eavesdropping on your calls can lead to the capture of criminals, but are you happy with the idea of your phone call being recorded and available for analysis for all of the following month?


Twitter: @ian_coates_





It’s Not Only Walls That Have Ears

He became suspicious when he noticed his mobile was connected to a UK phone network. It was strange because he was standing in Ireland: that was either one very powerful base station or something strange was happening.


That’s how one member of the Irish government’s GSOC organisation realised his phone was being monitored.

Cell phone calls can be intercepted using a “man in the middle” technique in which the spy sets up a fake base station close to the mobile in question. If it gives the strongest signal, the phone will latch onto the fake one, which in turn connects to the genuine one and passes your call on. All the data from your handset can now be collected and analysed.

Of-course, mobile phone transmissions these days are encrypted, so the spy still needs to break the cipher, but once he has collected the data from your call, he can process it later with powerful computers. This is also where he brings a second technique into use. Data from 4G and 3G systems are a lot harder to crack than those made over the older GSM network. The latter uses 1980’s technology, which is much simpler to decode. If you have a 4G phone, you’ll probably have noticed that it’s not always on a 4G network. That’s because coverage is still sparse: as soon as you leave the city, your phone automatically switches to the best network it can find – either 3G or GSM.

So your spy also brings along a jammer. He blocks all 4G and 3G signals; your phone automatically moves onto GSM and your data is now far more weakly encrypted – a synch for our spy to decrypt. He can make it even easier for himself if you have an older phone – the basic GSM security keys were broken some years ago and posted on the internet. So one other thing he will try is to get his fake base station to instruct your mobile to switch to that older GSM encryption – an older phone will meekly change over and give him even easier pickings on your conversation.


The recent story of the Irish GSOC employee’s cell phone being intercepted in this way has a lovely irony to it because GSOC’s role is to monitor the Irish police force. After an investigation, it was found that the organisation that had arranged the intercept was…. yes: the Irish police! At first I couldn’t help but laugh, but I then wondered whether a police organisation, no doubt cash-strapped these days, wouldn’t do better spending its limited resources targeting criminals instead.

Large government agencies like America’s NSA, of-course, also use similar techniques to gather intelligence. They no doubt target terrorists or criminals but they also seem to be burning resources on intercepting calls made by supposedly friendly parties. Angela Merkel, the German chancellor, recently discovered the NSA had been bugging her phone for the last ten years. That came to light, not because of strange mobile behaviour, but from Edward Snowden’s leaks about America’s Prism programme.

There was an uproar, and the Americans were forced to stop. Some time later, though, it transpired they were bugging ten of her close colleagues instead. Bizarre. True spy thriller material.

So how do you call a friend these days if you want to ensure no-one can eavesdrop on your conversation? Certainly don’t switch to Skype! Carrier pigeon, perhaps? What’s your imaginative way to communicate with a friend so that what you say can’t be intercepted by a spy?



Twitter: @ian_coates_