Assange: 'iPhone, BlackBerry, Gmail users - you're all screwed' Surveillance companies can use your iPhone to take photos of you and your surroundings without your knowledge, said a representative from the Bureau of Investigative Journalism at a panel chaired by Julian Assange™ today. Companies also sell products that will let them change the messages you write, track your location and nick …
It's funny you mention the iPhone when it's Android users who are the most exposed. There's a nice opt out setting on the iPhone, what about Android?
I thought open source was supposed to stop this sort of thing? how can so many people who roll their own ROMs and tinker with the OS have missed this?
There was a time when your only guarantee of having a private conversation was face-to-face in the middle of nowhere. Satellite surveillance put an end to that years ago, but it's hellish expensive. It's far more cost effective in these hard economic times for government and corporate spooks to bribe a few OEMs to facilitate cellphone and tablet spying to monitor our collective arses 24/7.
Simple - turn it off when you don't want to be monitored. It can only track you if it's switched on (including in standby). No power to the device = no way for it to run apps or be connected to remotely. Same as with bluetooth - security hole so you turn it off when not using it.
I'm a network engineer with 30 years of experiance in the field of Information Security. Computer Forensics and penetration testing of various devices and netwoeks is what I do for a living.
I can confirm EVERYTHING that Julian Assange made reference to in that article.
You can either stick your head back in the sand, or open your eyes to reality and decide where to draw the line, or you can be perfectly okay with it all, but you have no right to complain later, as you would be accepting it now.
Not everything is as much an issue as first made out.
"Speaking on the panel, Pratap Chatterjee of the Bureau of Investigative Journalism (which works out of City University, but is an independent organisation) said that your phone could be used to record and send information about you even when it is in stand-by mode."
Blackberry devices still have removable batteries - the only way to ensure something is off rather than in low power mode and it's a bit difficult to do with no power. iPhone users are definitely fucked.
We'll no doubt soon be able to buy apps to detect and remove surveillance software, or perhaps more amusingly, send it spoof info.
Spookmaster: 'Are we getting the surveillance feeds from Brannigan's phone?'
Spook: Loud and clear. He's on top of the Empire State Building. I can't make out the conversation - those aardvark mating calls are too loud. Very clear pictures though - don't you think he has an uncanny resemblance to Kim Kardashian?
Yeh, but FOOLGLE won't GIVE them to us. If they did, many of us would promptly block every damned thing but the text or photos we specifically asked for. I'd blackhole all sorts of crap, even nix javascript, flash, and more unless I *specifically* needed it.
Imagine:
-- the police logging your porn to build a prospective "likely child molester/serial killer db"
-- your care provider snooping your dining habits
-- your creditors/lenders poking around finding reasons to raise interest rates on YOU or a CLASS of "yous"
-- imagine your employer paying to get wind of your shopping around for a new job
-- imagine your ISP sussing out your feelings and creating sneaky campaings tailored JUST to keep you from defecting, but rooking you 6 months later
Imagine some or all of just THOSE examples getting loose.
The only GOOD thing about aggregation of all this information is that so long as no one is out the F*CK YOU, you have corroborative trails exonerating YOU (for now, for now) of something you were initially going to be accused of or placed into an open, non-closing, never-let-go-cold-case file.
But, wait till a killer with money finds a broker who'll pay to cascade tampered evidence down a number of backups and live data stores -- even into credit card and other companies -- to find a fall guy. It may not be YOU as in YOU because of YOU, but just that your patterns fit a nice distractive or diversionary path to take attention off the real killer or kidnapper or molestor or swindler or whatever. Even if you are eventually cleared and never brought to a court, it'll still be hell proving you're not sabotaging your own trail to wrongfully cast doubt on yourself.
Yep, these may be movie-grade ideas, but for people with VERY SHALLOW footprints, it might become VERY easy to be selected as a mark to fall for someone else, whether it's a bad guy or an investigator wanting to close a case... Wait, if you're lucky, your truthfully used DNA may exonerate you, too.
Maybe a nexus of universal hell-evil has to come together to be your (or someone else's) undoing.
For a conspiracy: No evidence is needed.
However, there is little here that is new. e-mails can be intercepted, read, altered and faked, and that's been available since the first e-mail client was written. 20+ years ago, students were getting shocked by e-mails they apparently sent to themselves while they were asleep... or were sent from... no one.
Just about everything they claim about phones already exists, has existed for years and has been abused by students and others for years. It just hasn't been associated with phones until recently when phones became 'smart' enough to run such applications.
Here's the proof - published in physical newspapers as well. A la News Of The World , if a paper says mobile hacking happens then they know what they are talking about :)
From the Business Standard newspaper, India :
The two men behind India's 'secret' surveillance industry by Akshat Kaushal & Surajeet Das Gupta / New Delhi December 3, 2011, 0:39 IST
URL : http://business-standard.com/india/news/the-two-men-behind-india%60s-%60secret%60-surveillance-industry/457443/
Another article with a video showing OEM spy software on your phone.
Extract:
Your Android-based smartphone could be watching just about everything you do, Android security researcher Trevor Eckhart argues in a video posted earlier this week.
In the nearly 20-minute video clip, Eckhart shows how software developed by mobile-device tracker Carrier IQ logs each keystroke and then sends them off to locations unknown. In addition, when Eckhart tried placing a call, Carrier IQ's software recorded each number before the call was even made.
Although Eckhart's data comes from Android devices, it's worth noting that Carrier IQ's software is running on over 130 million mobile devices worldwide, including those made by Nokia and Research In Motion.
URL: http://au.news.yahoo.com/technology/mobile-technology/article/-/12213799/android-app-that-spies-on-your-phone/
Regards,
287 documents from 160 companies in 25 countries.
Pretty through evidence really. Now you can say he forged it, but for all their faults, Wikileaks is kinda known for leaking things (hence the name) not forging them.
As opposed to foil hat bridge, I would propose that you acting like an ostrich and putting your head in the ground, as I pretty sure most people assuming that this was indeed going on, it just wasn't proven with evidence until now.
BTW don't the Palm products on this list, or mentioned in Carrier IQ discussions either.....
Sorry, but if a device has the capability to do something, then you can write software to use it. This applies to any software driven computing device.
I worked all this out two nanoseconds after I knew some phones had GPS locations in them. You can either take it as a benefit, that your phone can always be found, or not, if you don't want geolocation, buy a phone without it.
BTW Tom Tom Live can also report your location, as it has a 3G connection for live trafic updates.
You should also realise that because there are so many people out there, and so few security people to watch you, you are just noise until you do something to come to their notice, like plant a bomb, or rob a bank.
Alternately you can forbid this practice and have a tax hike to pay for all the extra officers required to keep you safe.
The cell carriers...and anyone using thier information...can track ANY cell phone, simply by looking at the cell sites the phone has/is connected to.
THIS IS NOTHING NEW.
Sorry Julian...you’re tilting at windmills once again. Now...go outside and get some Sun. You look awfully PALE!
"You should also realise that because there are so many people out there, and so few security people to watch you..."
That argument might have carried water 30 years ago, but not today. With things like face-recognition software, behavioural-analysis software and the massive storage capabilities of today's computers, you don't need "security people" to watch you - the software does all that for them. Effectively, you ARE being watched all the time, and the moment you do or say something that the ruling elite don't like, that software will flag you up and turn you in within a heartbeat.
"You can either take it as a benefit, that your phone can always be found, or not, if you don't want geolocation, buy a phone without it"
What if all the phones have it? What if you can no longer get one without it?
Don't like breathing air with the chemicals in it? DON'T breath. It's YOUR choice. You HAVE the option.
"Now, if only I was doing something worth being surveilled :) :)"
That depends on the agenda of those watching you. They may decide to come after you because of your ethnicity, but if they do, it will be too late for you to do anything about. The potential for abuse is all in their hands, and none of it is in yours.
and it's YOUR fault.
Commercially available, but they have to be installed (see: mobile spy) This is not an OtA type thing where your phone suddenly gets pwned. Target doesn't have a screen lock key enabled, or leaves their desktop unlocked, and does not have any idea how many junkie apps they have either. The exploit requires physical access, but once installed you are "live."
There are various spheres of desktop snoop software. The "legal" snoop-on-your-spouse crap and then malware like Zeus and SpyEye.
I guess I should read the rest of the comments, but yours caught me thinking, "Hey right! Is this something new? Where is the proof?"
While I don't doubt some of what was said (insert 'shocked' face that Gmail is a marketing tool), some of it comes across as plain bonkers.
Maybe I'm wrong, but it just sounds like too much effort for any potential gain.
"products that will let them change the messages you write" - apart from spellcheckers, how would you not notice that your messages are not what you wrote?
As for the illicit sending of personally identifiable information (photos, recording sounds, etc.), if anyone ever put a proxy in the way and discovered the suspect data (and there are people out there that do this often enough), it would be a media storm to dwarf the current Leveson inquiry.
This post has been deleted by its author
This post has been deleted by its author
Never really believed anything different........The same is true of loyalty cards. The information used from those are used against you. But people are distracted rom the 10p off of whatever product.
It's no different to real life.
If you hand information over to someone else - you have delegated responsibility. Regardless of laws. Similar to a cheating partner.
They both know it hurts you. But you'll just get a sorry and have to move on......
Last year I was on a boat trip up and down the Thames, I took lots of photos on my plain old Samsung U600 feature phone, including several of Vaxhaul Cross (MI6 HQ).
When I got home and downloaded the pics from my SD card there were NO photos of Vaxhaul Cross, but all of the pics up to that point were there, as well as all of those taken after when we left the boat...
What's more; the filenames were still in sequential numbered order, with no numbers missing in the middle.
The handset had no wifi, can't remember if bluetooth was turned on but I think not as I generally keep it off by default.
So - what happened there...?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
