Speculation On Large-Scale Phone Location Snooping 234
An anonymous reader recommends a speculative blog entry by Chris Soghoian up on CNet. Soghoian makes a convincing case that the NSA could be using loopholes in the law to gather real-time location information on the mobile phones of millions of people. There is no hard evidence that this is happening, but the blog post sheds light on the dense undergrowth of companies populating the wireless space that could be easy pickings for a National Security Letter with a gag order attached. "While these household names of the telecom industry [AT&T, Verizon, and Sprint] almost certainly helped the government to illegally snoop on their customers, statements by a number of legal experts suggest that collaboration with the NSA may run far deeper into the wireless phone industry. With over 3,000 wireless companies operating in the United States, the majority of industry-aided snooping likely occurs under the radar, with the dirty work being handled by companies that most consumers have never heard of."
Why? (Score:2, Interesting)
Location snooping is only the beginning (Score:2, Interesting)
I was recently hired by a company that works on classified information. Cell phones are not allowed, by DOD policy. The risk lies in the ability of [??] to remotely activate the phone and eavesdrop on the microphone. This wasn't a joke, several people believe the capability already exists.
Too many people would know (Score:4, Interesting)
It is easy to keep a secret: tell no-one! Two people can only keep a secret if one or both of them are dead.
Sure, the NSA could try. Maybe even under a legal smoke-screen. The problem is the gag order wouldn't stick. Too many people would need to know, or see the traffic. Somebody, somewhere would leak. Lots of good, anonymous ways. And it is not as if they're comitting treason.
Besides, I don't think this would yield much. Anyone concerned with surveillence should have their cells turned off unless making a call or expecting incoming/gathering txts. More concerned invidividuals will use disposible phones.
siiiiigh, no... (Score:5, Interesting)
I was recently hired by a company that works on classified information. Cell phones are not allowed, by DOD policy. The risk lies in the ability of [??] to remotely activate the phone and eavesdrop on the microphone. This wasn't a joke, several people believe the capability already exists.
Having the cell phone remotely activated is the least of their concerns. They're more concerned about YOU activating it, or using it to store something.
I have a friend who works on classified stuff too (as does just about anyone who works in DC/Maryland.) They have a room that is for use of classified systems and materials.
Cell phones etc are kept outside because everything that goes in, stays in, so that it can't be used to bring something out. For example, he took a USB mouse in, and had to buy a new one to replace it- they wouldn't let the USB mouse out, because it could be used to hide stuff. Maybe it had been modified with memory, or opened up and something classified stuffed inside the case. Etc.
Re:Location snooping is only the beginning (Score:4, Interesting)
This has been possible for a long time already. The Nokia 5160i released in 1998 could be used to eavesdrop. Simply short the answer button to the light up key pad. Toss it in a room and call it at your convenience. The phone will answer immediately without ringing.
1984 is now affordable (Score:4, Interesting)
305,063,243 Americans
talk 0.11 hours per day on the phone or 6.6 minutes on average per day or 2,409 minutes a year
or 734,897,352,387 total minutes a year
Using GSM cellphone audio compression technology of 5.6kbps or 336kbpm or 246,925,510,402,032 kb/year or
30,865,688,800,254 KB/year
or
30,142,274,219 MB/year
or
29,435,815 GB/year
or
28,746 TB/year
or
28 PB/year
and if you assume people mostly talk to other Americans you only need to record half of the conversions
or 14 PB/year
1TB drive currently costs about $200 or
$3 million dollars to store all the made calls in the US in a year plus overhead.
Encrypted Mobile PHones (Score:5, Interesting)
At this point, I think it's pretty clear that people need a secure way to perform key exchange with friends and have the keys stored and the conversations decrypted off of their mobile phone devices.
Why aren't such systems in the consumer space yet, and cheap?
Re:This is why I keep my phone powered off.... (Score:5, Interesting)
Without encryption, your expectation of privacy should be no more than that of a ham radio operator.
That said, the article seems to be about phone location snooping — somebody, somewhere records where you (or, rather, your phone) were, and not, what you said. Encryption will not help you here, but your privacy is not violated either — or not nearly as much, as the "Heil Bush" moron [slashdot.org] would like you to think.
It is not even illegal — for example from an earlier era, consider the fact, that although the contents of your mail correspondence is private, the fact of the correspondence is not. The government can observe/record/use against you the fact, that you wrote to so-and-so and/or received letters from such-and-such even if it does not know, what was written, because it could not (or would not) obtain a warrant to open up your mail.
Re:All I can say... (Score:4, Interesting)
I think one can reasonably take the position (like I do) that I might be annoyed if something private about my life were to be released. My credit card number, for example, or conversations I have with friends and relatives. But I wouldn't be ashamed or otherwise hurt.
I may not want it to be released, but if it were released, the only major harm would be my annoyance.
Demand privacy. Do not require it, or you will become a slave to it. You can't be blackmailed if you have no secrets...
Privacy is an illusion, (Score:3, Interesting)
See, people like to think that nobody else knows about them. At least, when they don't want anybody to.
But the truth is that when you are in public, there's this horrible electromagnetic vibration generated by a large source (called the "sun") which generates EM radiation. Almost without exception, some of these EM rays will bounce off you and be detectable by other biological units that contain passive EM radiation sensors. (eyes)
Once so recorded by biological units, the information about your whereabouts is thereafter not private at all. Said biological unit might be your wife, who may or may not appreciate the red-head's hand that you are holding at the fancy restaurant you told her last week was "too expensive" for a Friday night date.
Get over it! The problem isn't the PRIVACY of your data but its TRANSPARENCY.
When your county's land ownership is a matter of record as a piece of paper at the county office (circa 1960) the fact that it's "public record" is no big deal, because there's a certain amount of privacy in the fact that, to find out who owns your house, somebody has to physically go to the county office, talk to the extremely overweight clerk (the one in the white sweater with breasts the size of small watermelons) in order to view the deed for your street address, and then write that down to know who you are.
But it's different when there's a website with your house ownership, phone number, social security number, and just about everything else known about you, available with a mouseclick or a google search. I just searched my home address, and found that google dutifully returned my name, and both of my home phone numbers. It took me another 2-3 minutes to search and get my SSN.
Privacy? Fat chance. And anything that uses the airwaves is, by definition, part of a public resource. You are no private with your cell phone, cellular card, or wifi card than you are with the sunlight and your wife.
Get used to it. Decide if it's worth it, and make up your mind.
Re:All I can say... (Score:2, Interesting)
I feel the same way about email. I keep my email application closed except when I feel like emailing people. I don't have email so people can email me whenever they feel like it. Its so I can email them. And when I send emails, I don't even check what people have sent me.
Hopefully, the people I email don't work the same way. Then every one would turn off their phones^w email and no one would ever be able talk to each other.
It is obviously your choice, but if you think about, why would you have a cell phone at all? If its there for your own convenience, and all of your friends phones are for their convenience, and you don't expect them to answer when you call. The only reason you would have for a cell phone is to call businesses.
Or I suppose you could arrange phone calls over email....
Comment removed (Score:3, Interesting)
Re:Loopholes? (Score:3, Interesting)
With about 1000 dollars of radio gear and gnuradio, I could set up a similar system. If I dump 1000 more into an fpga I can passively crack a phone call every 30 minutes. This was demonstrated, and code was released 2 years ago. It has also been on the market since at least 2001.
Sure, I think it would be dumb if our three letter agencies were wasting our tax dollars on this, but I don't really see any legal issues here. This tech is even currently deployed in many shopping malls around the country so market researchers can see what sets of stores people like to visit.
To me it equates to "OMG the GOVMNT can use wireshark to see what websites I'm looking at!" By now this is public knowledge, and can be used offensively or defensively by anyone. I sort of have a pretty liberal view that once the information is in the air, it's fair game for interception.
It all began in germany, ever heard of ww2? (Score:2, Interesting)
The populace didnt think it was wrong either to letting the church or local govt know your religeons or history or gayness.
Then the psychos took over germany, had all the census data, and thought - wow theres a lot of scum around, lets purge.
The people rule, not the govt.
Friends map relational diagrams. (Score:2, Interesting)
Ages ago like in the 90s, when documentaries used to show all the fbi secrets, one showed how they used a relational map between criminals and friends, who knew who how often and for how long, this made a nice tidy pretty map, that could show hidden relationship layers or indirect 'friends'.
If facebook did this it would be amazing. Iam sure that old program has been expanded to every citizen and foreigner.
Surveillance's contribution to law enforcement (Score:3, Interesting)
These claims are often made by privacy advocates [epic.org], but other sources have the opposite view [bbc.co.uk].
However, even the EPIC acknowledge, that there was some contribution made by the CCTV surveillance: "Evidence from Europe, however, suggests that the benefits of CCTV are significantly overstated." They then skillfully juggle the facts: "While the average Londoner is estimated to have their picture recorded more than three hundred times a day, no single bomber has been caught," — omitting completely the case of the fairly high-profile recent case of German train-bombers [wikipedia.org]. The EPIC-guys are not being entirely honest, and you should not be falling for it.
I don't think, a camera is any worse, than a policeman standing there watching. A society just can't afford so many policemen, so we resort to these cameras as productivity tools.
Re:Loopholes? (Score:3, Interesting)
Suggest you read the most recent issue of Scientific American. You'd be surprised what can be done with RFID chips.
It's one thing to read sufficient information to complete a sale; it's something else to just be able to track someone. Also, the "five feet" is what can be accomplished with commercial equipment. Any bets that a higher gain antenna can do better? It may not be convenient for a retail application but it probably is feasible if someone really wants to track you.
Cheers,
Dave