How To Tell If Your Cell Phone Is Bugged 338
Lauren Weinstein writes to point us to his essay on the realities of using an idle cell phone as a bug, as a recent story indicated the FBI may have done in a Mafia case. From the essay: "There is no magic in cell phones. From a transmitting standpoint, they are either on or off... It is also true that some phones can be remotely programmed by the carrier to mask or otherwise change their display and other behaviors in ways that could be used to fool the unwary user. However, this level of remote programmability is another feature that is not universal... But remember — no magic! When cell phones are transmitting — even as bugs — certain things are going to happen every time that the alert phone user can often notice."
Easy way to detect a bugged phone (Score:5, Interesting)
Re:Easy way to detect a bugged phone (Score:2, Interesting)
It can just be using the mic and battery for its service, but generally the chirps would give it fully away.
Hell, if done properly it might wait until an actual call is in progress and then push its buffer upstream.
That doesn't work, here's why (Score:5, Interesting)
When I bought one with cash, just after I bought it, I received wrong number calls, but the people involved didn't seem to want to hang up like normal wrong number calls.
Them: "Is Mark there?"
Me: "I'm sorry, there's no Mark here, you must have a wrong number."
Them: "I'm sorry, are you sure you're not mark"
Me: "you have a wrong number"
Them: "Oh my mistake, thanks again erm Mr erm...." pauses to see if you'll complete the sentence.
This happened again and again and again, different scripts, but always a wrong number guy who just wouldn't go away. Until one day my wife answered and said my name.
Her: "No this is ???????'s phone"
After that I never received another wrong number call.
Now I put that down to random chance, since I'm not worth spying on. But then my wife got a new pre-pay mobile, again she paid cash, and sure enough she got the same pattern of calls. We were talking about it yesterday, when the phone rang, and it was woman this time, who again was a wrong number, but didn't seem to want to hang up.
Many different phone numbers used each time, we're building a list.
Re:Disposable phones (Score:3, Interesting)
Cipher indicator (Score:1, Interesting)
Slightly off-topic:
An easy way to warn you that your GSM phone call may be intercepted: look for the cipher indicator icon. It typically looks like an open lock. If your phone displays this icon, the base station has turned encryption off for this call.
This typically happens when the They have ordered the phone company to spy on you, or when reception is low.
er, tin-foil hat (Score:5, Interesting)
Hello,
Just as an experiment, I tried placing my cell phone into an anti-static mylar baggy and the signal went from 100% to 40% (or five bars to two). Repeating this with tin foil with a small opening to see the LCD (about 1cm^2) reduced the signal to 20% (or one bar).
I am wondering that if someone wants to have a private verbal conversation sans listeners on the cell phone, all they have to do is place their cell phone in metal box?
This would seem much more convenient than having to pull the battery out, as well as reduce wear and tear on the contacts or thin plastics of today's cell phones.
Perhaps someone who is a bit more familiar with electronics could explain whether or not a "tin foil hat" (or a metal box or foil bag, ala Enemy of the State) for a cell phone would work?
Regards,
Aryeh Goretsky
Re:What about recording to internal memory? (Score:3, Interesting)
Compress what you want and then send it as burst transmission.
Re:Easy way to detect a bugged phone (Score:3, Interesting)
In effect, the phone radiates more than necessary and the battery gets drained faster.
I'll try to record the conversations (Score:2, Interesting)
After that it has so far been 10 months of no wrong calls.
I asked her why she told a total stranger my full name, and she said it was the way he persisted in talking, the conversation naturally led to a point where my full name was the gap in the conversation.
Then when *she* got a prepay and it started with her, the very first call she got was in front of me, she said you have a wrong number and when he didn't hang up the penny dropped. I signaled to her remind her about the previous time she'd handed out my name.
I put my head up to listen in, and it is totally clear to me that he was trying to talk her into revealing information. If her phone supports recording, I'll try and record some of these calls and put them up on the web so you can hear for yourself. She's had 10 so far in her first 2 months of having the phone.
I also have a phone for work calls only, but I signed a service contract when I bought it and haven't made any international calls on it, it's never had a wrong number in the 12 months I've had it.
Re:Bug Detector (Score:3, Interesting)
Re:What about bugging computers? (Score:3, Interesting)
If we are talking Windows Genuine, then, delivering something to a specific Windows registration code should be trivial.
Real columbian businessmen, or Dlords.... (Score:3, Interesting)
They use high tech RF mapping signature maps to see where there are dark spots
in the FBis monitoring systems.
If your making billions in profit each year, you can afford to spend $5-10m in custom design hardware from china
or fly 1000s of flights to map the intercepts.
Only part time low lifes use mobiles, because they cannot afford anything greater than $200USD, which means they must
be very small time crooks.
Re:Old, old news (Score:2, Interesting)
Re:Old, old news (Score:5, Interesting)
The calls I made from my mobile had the time of the call, my location and the phone number called recorded.
All the websites I visit, have the domain name recorded.
All the emails I sent have the time of sending and the receipient recorded.
When I pay by credit card, the location, time and amount of the transaction are recorded.
When I cycle into town, I go past about six cameras - I'm recorded by each one.
All of this information is available to the State without any form of judicial oversight. A policeman on a whim could keep a very close watch on my life.
So I'm not being paranoid here - this list *IS* the list of the monitoring conducted on all of us.
I've committed no crime. I'm totally innocent.
Why am I being monitored? why does the State have to keep records of who I talk to and when I talk to them and where I am when I talk to them? am I suspected of something? I'm not. So why? because I *might* do something? that's outrageous! and in fact it's proper tantamout to suspecting me of something - it is suspected that I *might* commit a crime, which is just a weaker version of we *do* suspect you comitted a crime.
What people don't realise is that although the State has always recorded plenty of information on us, the game has changed because of computers. Computers plus surveillance isn't just more of the same; it's something utterly new and *different*.
I think it's call log profiling (Score:3, Interesting)
I don't think they are interested in me or my wife, (not that they know she's my wife). I think they are profiling all telephone calls for patterns of interconnection.
We both make international calls to the far east, and I think we score highly on some equation in a computer somewhere. International calls from prepay phones in foreign languages where the phones were paid for in cash and the extended guarantee wasn't accepted and the top up cards are all paid for with cash.
If you only know us from our mobile phone logs we must look very suspicious if you were a spy agency involved in call profiling.
Cells are never off..... (Score:2, Interesting)
First off, cell phones have batteries internally, much like the battery your mobo has to keep it's settings.
Why would cell phones differ? Take your main battery out, the time/alarm/etc settings are saved, doesn't that give you any clues?
The phone is powered at any given time, it's not a matter of whether the screen is lit or not...
They could, and can, and do, use cell phones as bugs, there's nothing new to that.
Hanlon's Razor (Score:3, Interesting)
I'm saying it because something similar happened on my normal (non-mobile) phone line. And the Deutsche Telekom certainly had all my data there, so there would have been no need for such a masquerade.
Anyway, someone with an extra-thick arabic or maybe turkish accent repeatedly called, first to ask to talk to Achmed or something like that, then gradually after a few calls (spaced a couple of weeks apart) it turned into trying to bully me into "admitting" that I'm Achmed. (Dunno what gave him _that_ stupid idea.) And, yeah, demanding to know who I am, if not Achmed. By the time it turned into screaming at me in his weird language, I told him I'll call the police if he doesn't leave me alone.
Re:That doesn't work, here's why (Score:3, Interesting)
What you're experiencing may be an attempt (made by whoever) to respond to these anti-surveillance strategies. Did you buy your phones in a known "hot zone" like Berlin-Neukölln?
Re:The real answer to 'who are they'- Bill Collect (Score:5, Interesting)
I'm currently stationed overseas, and I got into a car accident while on leave in the States. The other party decided to sue for damages (I love living in America) and my insurance company played the "he's overseas serving the country, are you honestly going to force him to come back to deal with this?" card, the judge agreed, and delayed the trial until my tour's up, which at the time was more than two years.
My wife has been getting calls on her cell phone (she's still in the states) that go like this:
"Is binarytoaster there?" "...No, he's overseas." *click*
It's honestly that fast from the way she puts it - they just ask if I'm there, and upon getting that answer they just hang up. Never say who they are, never leave a number, nothing. Been going on for at least a few months now.
She was completely confused by why anyone would do this, as was I, until I remembered the lawsuit. So they might not be collectors, but they're still just as annoying.
Re:That doesn't work, here's why (Score:3, Interesting)
There are also other similar calls in the UK that are scams. When telcos first dish out mobile numbers, the prefix shows the operator. I got mine over ten years ago and the original operator is now known as "BT Cellnet". I've since transfered three or four times over the years, each time taking my number with me. I am not currently a BT Cellent customer.
However, now and then I'll get a phone call asking me if I want to upgrade my "BT Cellnet" phone. They try their best to sound like the actual operator, but are careful to never actually say that. They are essentially cold-calling all of the numbers in the mobile "area" code and trying to get you to switch to their service.
I've tried pressing them a few times, just to see how brazen they are. Once I asked how they got my details and the girl instantly hung up. Another, I pointed out that my phone was no longer Cellnet and that I knew they were war-dialing. Again, an instant hang-up.
Complaints have been passed and handled by the UK telecoms watchdog, Oftel, but they just keep on adjusting their tactics to be borderline legal or to avoid getting a complaint in the first place.
Re:That doesn't work, here's why (Score:3, Interesting)
It's a classic case of `unintended consequences': the assumption circa 1995 was that the big criminal issue was theft of service. At the time the only way to get a mobile was on a contract: you needed a bank account that would take direct debits, and some proof that you weren't totally sketchy with regard to credit. The only way the operators were going to build out their userbase in that environment is to redefine sketchy, and even then it's not going to get anyone under 16. So in the new world, sketchy would be redefined upwards (ie anyone the slightest bit dubious is refused credit), but pre-pay is universally available. Shazam: instantly you have a massive increase in mobile phone userbase. Fraud drops, because (a) GSM cloning isn't as easy as ETACS cloning (b) your contract customers are better risks but (c) most importantly the prices are falling and phone fraud isn't really worth the candle.
However, for crims, losing the ability to sell phone time to Pakistan for half the standard rate is a small bump. Suddenly having access to completely anonymous, mobile, non-suspicious (as compared to hooky PMR equipment) point-to-point communication is like heaven on wheels. But once the genie is out of the bottle, how do you deal with the problem when every eleven year old has a phone (my ten year old daughter claims to be the only child in her class without one: I think she's exagerating, but not by much)? That forces you to permit cash top-up from people with no ID.
ian
My experience - They're more advanced... (Score:4, Interesting)
This time, though, I it asked if I could verify a purchase for "theme park tickets," "appliances," and some other things. I told it no, and an amazingly easy 15 minutes later, my account was frozen, all the obvious charges were rolled back, and a new card was on the way, along with some paperwork for me to flag other charges that the CC company missed.
The scammers had my old address apparently. I knew this because they tried to order a convection oven (who'd have figured?) and have it shipped to my old address. My guess is that this is the address in whatever database that got cracked. When I did get my next statement, I noticed a few charges to some random "music store"
It turns out that credit card company had cancelled far more of these "song" purchases, and "donations." The thieves had made, over a few weeks, donations of varying amounts from a few cents to about $2, and random song purchases of about $1. It seems that they were trying to establish that I was "normally" spending money in the area where I used to live, and also verifying that my card was still legit.
So yeah, some criminals are dumb. Others are not. The fraud detection systems we have are pretty good though.
Re:The real answer to 'who are they'- Bill Collect (Score:2, Interesting)
Re:On Star (Score:3, Interesting)
I am pretty sure that you can find kits on line that add an LED that lights up when you the mic is active or a switch that kills them mike
Re:Easy way to detect a bugged phone (Score:2, Interesting)
That's not bugging, all phones do that. Phones don't stay in constant contact with the tower, unlike what people think. That would suck the batteries as much as a converstation.(1)
No, a cell phone, is 99% of time when not in use, merely a radio receiver, which uses a lot less power. They watch the incoming signal, and chat with the tower, or a new tower, whenever they don't have enough signal on the old one. (Actually, I think they chat with any new tower they see on general principles.) This makes sure the tower knows who they are. They also do this at apparently random intervals. That's the thingy causing interference in speakers.
When a phone call comes in, the last X towers that saw your phone go 'Hey, I've got a call for phone #8578289829.' or whatever. Hopefully some tower is still close enough for your phone to hear, which then causes your phone to immediately check back in with whatever tower it thinks is best and find out what's happening. It also does this check-in before an outgoing call, which is the major reason it takes two or three second before the phone at the other end starts ringing, and why you can cancel calls after you make them if you're fast enough, which is damn near impossible on land lines.
So, basically, that's your cell phone trying to hook up to the network, as opposed to just passively watching the cell tower strength. I actually think it's even more complicated than that, and your cell phone and tower have to negotiate a time slice and private frequency and all sorts of crap, at least for actually connecting calls to the phone. (It would be sorta stupid to have to do that just say 'I am here' and then disconnect.)
Aptly, my phone just did that while I was typing this.
1) Incidentally, that would be the way to figure out if your cell phone is bugging you. Talking to people usually takes about ten times as much power as not, so there's your test. You can probably get exact power meter software instead of having to use that little bar.
That will only work for a simple phone. (Score:2, Interesting)
why not simply connect one of those flashy LED thingies to your phone?
Because newer phones can act as voice recorders and transmit the data later. You don't really think that an ordinary cell phone connection would have sufficient quality do you? It would be much better to make a high quality voice recording and transmit it as a file late at night or while the target is actually using the phone to talk or upload their favorite pictures to Photobucket. Internet capable phones can do all sorts of things regardless of your subscriber allowing you to benefit or not. They are computers with a good chunk of flash memory.
Re:First Privacy, Then Those Other Freedoms... (Score:3, Interesting)
A man living under the Franco dictatorship asked a sympathetic secret policeman how to stay out of trouble with the government.
The secret policeman didn't pull out the usual lie "If you have nothing to hide, you have nothing to fear". The secret policeman didn't say "Just obey the law". The advice was far simpler:
"Be invisible".