I recently watched a TV thriller in which the CIA was able to eavesdrop on a terrorist’s meeting by remotely hijacking the mobile phone that was in his pocket and using its microphone to listen-in to his conversations. I’m not talking here about when the phone was in use, but when it was sitting innocently in his jacket; it was suddenly under their remote control.
Phooey, I thought. A large percentage of my career in the electronics industry was spent designing mobile phones, and I couldn’t imagine how that could be done. “That’s nonsense,” I told my wife and huffed to myself.
But yesterday I stumbled across a magazine article about how the CIA did that very thing, so I decided to investigate – was it the bunkum of an ill-informed TV script writer or was there something behind it after all?
Apparently, the FBI used this method to eavesdrop on an alleged mobster, John Ardito, and his attorney. The principle works because modern mobile cell phones are basically small computers that load and run software. Even better, they aren’t normally fully disabled when switched off so that an alarm can power it back up under the microprocessor’s control.
As a Financial Times article pointed out, mobile service providers can remotely install software on your handset without you knowing. That software can then do anything, even when you think your phone is off – it can use the inbuilt GPS to determine your location, activate its camera and send out the video, or turn on the microphone and initiate a call. All without your knowledge.
Security conscious business men now remove batteries from their phones when not using them – the only way to guarantee they can’t do anything sneaky.
In theory, your laptop can be made to do the same thing, of-course, and there are stories of intelligence agencies having loaded malware onto a suspect’s machine to perform a similar trick. However, you no doubt have a firewall and run anti-virus software and have all sorts of other security in place to defeat such a hack, but what about your mobile? Who has Norton or MacAfee installed on their cell phone?
Perhaps it’s time to start if you’re ever worried about a government agency eavesdropping on your calls.
Is it illegal for an organisation like the FBI to use such techniques to spy on you? Surprisingly, no: a court ruling in 2006 gave law enforcement agencies carte-blanche to use this method.
Scarier still is the report that the NSA has embedded its software into the Android operating system. So no need even to persuade a cellular operator to download code anymore. Google (the manufacturer of Android software) can, should it wish, activate your phone’s camera and microphone at will. So next time your mobile phone’s battery goes flat unusually fast – is it because your phone is secretly giving the FBI your location and whatever the microphone can pick-up?
And what about internet tablets? I haven’t seen reports of governments ensuring suitable malware is present in their operating systems yet, but as the majority run Google’s Android, why should they be any different to phones? So that tablet that’s sitting innocuously on your side table, apparently turned off…? Perhaps you had better go and remove its battery.
If you’re worried about having your phone messages intercepted, though, be grateful you don’t live in The Bahamas. The island’s image seems lovely: soft warm sand, gentle waves, palm trees… but according to one of the documents leaked by the NSA’s Edward Snowden last year, the U.S. intelligence agency recorded the audio of every single mobile phone call made in The Bahamas. That’s over 100 million calls per day according to Wired Magazine. Codenamed Somalget, the system stores the audio for thirty days to allow it to be sifted and analysed.
Defending the practice, the NSA’s Crime & Narcotics division claimed it had led to the discovery of international narcotics traffickers and people smugglers.
So what do you think? Right or wrong? Eavesdropping on your calls can lead to the capture of criminals, but are you happy with the idea of your phone call being recorded and available for analysis for all of the following month?