
from the That-girl's-standing-over-there-listening-and-you're-telling-him-about-our-back-doors? dept.
Submitted via IRC for Bytram
Nobody's Cellphone Is Really That Secure
There are two basic places to eavesdrop on pretty much any communications system: at the end points and during transmission. This means that a cellphone attacker can either compromise one of the two phones or eavesdrop on the cellular network. Both approaches have their benefits and drawbacks. The NSA seems to prefer bulk eavesdropping on the planet's major communications links and then picking out individuals of interest. In 2016, WikiLeaks published a series of classified documents listing "target selectors": phone numbers the NSA searches for and records. These included senior government officials of Germany—among them Chancellor Angela Merkel—France, Japan, and other countries.
Other countries don't have the same worldwide reach that the NSA has, and must use other methods to intercept cellphone calls. We don't know details of which countries do what, but we know a lot about the vulnerabilities. Insecurities in the phone network itself are so easily exploited that 60 Minutes eavesdropped on a U.S. congressman's phone live on camera in 2016. Back in 2005, unknown attackers targeted the cellphones of many Greek politicians by hacking the country's phone network and turning on an already-installed eavesdropping capability. The NSA even implanted eavesdropping capabilities in networking equipment destined for the Syrian Telephone Company.
Alternatively, an attacker could intercept the radio signals between a cellphone and a tower. Encryption ranges from very weak to possibly strong, depending on which flavor the system uses. Don't think the attacker has to put his eavesdropping antenna on the White House lawn; the Russian Embassy is close enough.
The other way to eavesdrop on a cellphone is by hacking the phone itself. This is the technique favored by countries with less sophisticated intelligence capabilities. In 2017, the public-interest forensics group Citizen Lab uncovered an extensive eavesdropping campaign against Mexican lawyers, journalists, and opposition politicians—presumably run by the government. Just last month, the same group found eavesdropping capabilities in products from the Israeli cyberweapons manufacturer NSO Group operating in Algeria, Bangladesh, Greece, India, Kazakhstan, Latvia, South Africa—45 countries in all.
[...] Another way to hack a cellphone is to install a backdoor during the design process. This is a real fear; earlier this year, U.S. intelligence officials warned that phones made by the Chinese companies ZTE and Huawei might be compromised by that government, and the Pentagon ordered stores on military bases to stop selling them.
(Score: 0) by Anonymous Coward on Tuesday October 30 2018, @12:35AM (6 children)
Au contraire! My cell phone's battery is dead and I haven't had cell service in over a month (something about a bill or some such nonsense). I'd say my phone is very secure at the moment.
(Score: 2) by The Mighty Buzzard on Tuesday October 30 2018, @01:47AM (3 children)
My previous cell phone is amazingly secure. It's been at the bottom of a lake for a decade or so because it rang at me one time too many while I was fishing.
My rights don't end where your fear begins.
(Score: 2) by MostCynical on Tuesday October 30 2018, @03:12AM (2 children)
The only truly secure storage is one where not even you can access the information.
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 4, Insightful) by c0lo on Tuesday October 30 2018, @06:58AM (1 child)
It is called WOM [wikipedia.org] - write-only memory.
In software, it a usually emulated by /dev/null
In hardware, the simplest semiconductor construct that allows efficient WOM support is the monode.
The use of WOM greatly enhances the performance of FINO schedulers [wikipedia.org] - I'm sure TMB is more familiar with the FISH term (first-in, still-here)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 4, Funny) by The Mighty Buzzard on Tuesday October 30 2018, @10:26AM
S'true. It's almost certain no tasks will be accomplished when my FISH scheduler is engaged.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Tuesday October 30 2018, @06:29AM (1 child)
Not having service means you're not allowed to access the network, it doesn't somehow magically stop Powers That Be spying on you using your device. Just like removing a SIM card renders the device somewhat useless ... for you, not them. Phones are devil's tools.
(Score: 2) by hendrikboom on Tuesday October 30 2018, @04:48PM
Dead battery might make it inaccessible online, though.
(Score: 0) by Anonymous Coward on Tuesday October 30 2018, @01:00AM
Heh... Seriously, we all knew this right?
(Score: 2, Troll) by Ethanol-fueled on Tuesday October 30 2018, @01:05AM (4 children)
Groan. If there's any motivation to start submitting again, it's to see stuff in the queue that wasn't submitted by Hillary, salty Hohols, or Otpor! stable-boys.
(Score: 4, Informative) by bob_super on Tuesday October 30 2018, @01:09AM (3 children)
Regardless of who is in the White House, and what device is in their pocket, it's pretty safe to assume that every single embassy in D.C., especially the Russians and the Chinese, is trying to listen.
Picking "the Chinese" would be more fashionable, but the Russians have been in the DC listening business for a century, so call that the force of habit.
(Score: 2) by el_oscuro on Tuesday October 30 2018, @01:35AM (2 children)
I can see the Soviet embassy from my office. Big white building on the top of one of the highest hills in DC. Great for listening. Our embassy in Moscow is situated in the crappiest location possible.
SoylentNews is Bacon! [nueskes.com]
(Score: 4, Funny) by Arik on Tuesday October 30 2018, @01:53AM
Really? Interesting. So what year is it in your office?
If laughter is the best medicine, who are the best doctors?
(Score: 1, Funny) by Anonymous Coward on Tuesday October 30 2018, @06:47AM
Who knew Sarah Palin posted on SN?
(Score: 3, Interesting) by Snotnose on Tuesday October 30 2018, @01:53AM
on my cellphone. We've had 10-20 years to figure out security on PCs, and what, less than 10 for cellphones? Not to mention cellphones seem to like bleeding edge tech (NFC anyone).
I'll let you find the security holes, maybe in 5-10 years I'll trust my cell phone enough to access my bank account on it.
Then again, I'm old and according to the insurance industry there is a 30% chance I'll be dead in 5 years, 50% in 10 years, and after that I can't buy life insurance.
Is anyone surprised ChatGPT got replaced by an A.I.?
(Score: 2) by Thexalon on Tuesday October 30 2018, @02:45AM (3 children)
The reason is that they can store all the communications they care to, and that way if someone becomes an individual of interest at a future date they now have years of potential dirt on them.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin
(Score: 5, Insightful) by The Mighty Buzzard on Tuesday October 30 2018, @03:02AM (2 children)
s/individual of interest/political office holder/
The NSA is probably the single most dangerous of America's enemies.
My rights don't end where your fear begins.
(Score: 2, Funny) by Anonymous Coward on Tuesday October 30 2018, @06:33AM
Naw, there's zero change of our Watchers acting in a bad way. Can't happen in the USA.
Or is there? https://en.wikipedia.org/wiki/J_edgar_hoover [wikipedia.org]
(Score: 2) by Thexalon on Tuesday October 30 2018, @12:26PM
Political office holder, or outside political organizer, or business leader, or the new beau of someone working for the NSA, or local law enforcement investigating something the TLAs don't want to be made public, or member of a religion the TLAs don't like, or ...
There's a lot of things you can do to end up on the hit list, and you might not even be aware you've done it.
"Think of how stupid the average person is. Then realize half of 'em are stupider than that." - George Carlin