Topics > Science, Technology, & Medicine
More Proof of Your Telephone Being a Spy
Delnorin:
My wife started to laugh at me when I started taking my battery out of my phone at night. The guys at work when we would get into political conversations would also chuckle when I took the battery out of my phone.
It's a great burden being informed about the real world when everyone around you is a sheep.
Here's a bit of video of a guy hooking up his phone and finding hidden software/programs on it that bypass your passwords and encryption and keeps track of your location, sms messages, every google search, every key stroke you ever do on your phone. Also gives it permission/ability to send that data..... where?
http://www.youtube.com/watch?v=T17XQI_AYNo&feature=player_embedded#
My Source:
http://www.theblaze.com/stories/secret-data-and-keystroke-logging-software-revealed-on-millions-of-smartphones/
Most of us don’t know exactly what software is installed on our phones when we purchase them. All that seems to matter is that it works. But when Android developer Trevor Eckhart found software installed on many popular mobile devices that logs every single one of your keystrokes — phone numbers dialed, text messages, encrypted web searches, etc. — people started to listen.
Last week, Wired reported that Eckhart had found a program called Carrier IQ installed rather secretly on smartphones; its a program that can track almost anything happening on your mobile phone. Carrier IQ threatened Eckhart, who had posted research and manuals on his website, saying he was in breach of copyright law and could face financial charges. But Eckhart didn’t back down.
In fact, Eckhart has released a new video and research showing Carrier IQ at work on a phone, according to Wired. The company’s website says the program is used to give “manufacturer’s unprecedented insight into their customer’s mobile experience.” Wired states that Carrier IQ said the software is used to gather “information off the handset to understand the mobile-user experience, where phone calls are dropped, where signal quality is poor, why applications crash and battery life” — not logging keystrokes.
But Eckhart‘s demonstration shows otherwise:
Now, as Eckhart notes in the video, his demonstration is shown on an HTC phone but he mentions he’s seen such software on other phones like Android, Blackberry, Nokia and more. Eckhart describes the software on his website as a “rootkit“ that is ”enabling someone continued privileged access to our computers“ and is ”hidden in nearly every part of our phones.”
Wired and Eckhart are unsure of how this software is covered under a privacy policy.
“If HTC’s privacy policy doesn’t cover the information collected by Carrier IQ, it’s unclear whose privacy policy does,” Eckhart wrote on his website. “Carrier IQ has a minimal privacy policy (http://carrieriq.com/company/privacy.htm), but it says, ‘Our products are designed and configured to work within the privacy policies of our end customers[.]‘ So whose policy covers this data — Carrier IQ, or the phone manufacturer, or the carrier? Nobody knows for sure.”
Eckhart writes, “An application should never be this hard to fully remove for security reasons — especially out of contract — when it serves no good purpose for the user, and its use should be opt-in ONLY.”
Last week, Wired reported that the Electronic Frontier Foundation came to Eckhart‘s rescue when he was threatened with legal action by Carrier IQ:
“I’m mirroring the stuff so other people are able to read this and verify my research,” he said. “I’m just a little guy. I’m not doing anything malicious.”
The company is demanding Eckhart retract (.pdf) his “rootkit” characterization of the software, which is employed by most major carriers, Eckhart said.
The EFF says Eckhart’s posting of the files is protected by fair use under the Copyright Act for criticism, commentary, news reporting and research, and that all of Carrier IQ’s claims and demands are “baseless.” (.pdf)
[...]
Marcia Hofmann, an EFF senior staff attorney, said the civil rights group has concluded that “Carrier IQ’s real goal is to suppress Eckhart’s research and prevent others from verifying his findings.”
Wired had the opportunity to interview Carrier IQ’s marketing manager Andrew Coward who said the company should have control of distributing materials. Coward did acknowledge that if they wanted to look at text messages the probably could, but that wasn’t the point of the program, which is designed for metric analysis.
Afterward, Carrier IQ released a message of apology to Eckhart, CNET reported:
“Our action was misguided and we are deeply sorry for any concern or trouble that our letter may have caused Mr. Eckhart,” the company said in response to the EFF’s letter. “We sincerely appreciate and respect EFF’s work on his behalf, and share their commitment to protecting free speech in a rapidly changing technological world.”
It did use this apology as another opportunity to say that the company does not use the software to record keystrokes, provide tracking tools, inspect or report content of communications, or provide real-time data to any customer.
Sprint admitted to CNET that it was a Carrier IQ customer but sides with the software company in that it doesn’t use the data to spy on customers but to “understand device performance.”
Weisshaupt:
--- Quote from: Delnorin on November 30, 2011, 02:30:35 PM ---My wife started to laugh at me when I started taking my battery out of my phone at night. The guys at work when we would get into political conversations would also chuckle when I took the battery out of my phone.
--- End quote ---
If you root your phone you can get a load without this stuff if it worries you. Then you can leave your phone on at night,so you can, you know, get that call that your kid is at the police station. I don't worry too much about this, even if they are tracking me, they can't possibly sift through all of the data for everyone-- I am sure they mostly use it for just what they say- aggregate data to track network problems. that doesn't mean there aren't back-doors to let you be tracked if Law enforcement wants it, nor that they would necessarily need a warrant. But really, if you are going to commit a crime, don't bring your cell phone. Duh. Don't record the crime. Duh. Don't tweet it to your friends and put it on your facebook page. Duh. (People have done these things with staggering regularity)
And if you want to have smart phone while committing crimes I suggest rooting the phone, getting a custom build of the OS and using a VoIP client that supports TLS and SRTP so at least they will have to do some work to decrypt it. Set up your email to use PGP. Use anonymous and https secured web proxies in foreign countries. Access the internet from Hotel Lobby wireless connections and other "free" access at coffee shops. Or even your idiot neighbor's unsecured WiFI.
Law enforcement is just lucky that the criminals they have to go after are so stupid. Once Obama decides to make all smart and productive people criminals, they will have a whole other order of crime to deal with.
Delnorin:
--- Quote from: Weisshaupt on November 30, 2011, 03:08:56 PM ---
--- Quote from: Delnorin on November 30, 2011, 02:30:35 PM ---My wife started to laugh at me when I started taking my battery out of my phone at night. The guys at work when we would get into political conversations would also chuckle when I took the battery out of my phone.
--- End quote ---
If you root your phone you can get a load without this stuff if it worries you. Then you can leave your phone on at night,so you can, you know, get that call that your kid is at the police station. I don't worry too much about this, even if they are tracking me, they can't possibly sift through all of the data for everyone-- I am sure they mostly use it for just what they say- aggregate data to track network problems. that doesn't mean there aren't back-doors to let you be tracked if Law enforcement wants it, nor that they would necessarily need a warrant. But really, if you are going to commit a crime, don't bring your cell phone. Duh. Don't record the crime. Duh. Don't tweet it to your friends and put it on your facebook page. Duh. (People have done these things with staggering regularity)
And if you want to have smart phone while committing crimes I suggest rooting the phone, getting a custom build of the OS and using a VoIP client that supports TLS and SRTP so at least they will have to do some work to decrypt it. Set up your email to use PGP. Use anonymous and https secured web proxies in foreign countries. Access the internet from Hotel Lobby wireless connections and other "free" access at coffee shops. Or even your idiot neighbor's unsecured WiFI.
Law enforcement is just lucky that the criminals they have to go after are so stupid. Once Obama decides to make all smart and productive people criminals, they will have a whole other order of crime to deal with.
--- End quote ---
I did root my phone. It took me 3 days of Google searching and reading forums to figure it out.. but I did that before I loaded anything on my phone.
The act of rooting the phone though.... to my understanding... is illegal. Or does it just break my contract with Verizon? What trouble can I really get in for doing that? The salesman at Verizon whispered to me to research rooting the phone ("but I didn't tell you") sort of a thing when I got the phone. I wanted to use it as an internet service. With my Blackberry I could just plug in the USB cord and wham... internet connection. When I switch to the Android, Verizon had blocked being able to do that because they want to charge you $30 a month for a 4 GB limit.... bah... rooting it... is free and I have an unlimited limit.
Anyway... yeah.. not planning on engaging in any crimes.. but.. .you know.. yes I do plan on engaging in crimes. Like reading my Bible, meeting with like-minded men and women to discuss the U.S. Constitution.. things like that. But yes... like going to meet that Navy Seal group... my battery comes out of my phone before I get anywhere near his house.
My issue is that, yeah... they don't have the time to focus law enforcement on everyone.. just the trouble makers. Well... I own guns, I read the Bible, I speak out against Marxism... I think I'm high on the list.
Weisshaupt:
--- Quote from: Delnorin on November 30, 2011, 03:16:27 PM ---I did root my phone. It took me 3 days of Google searching and reading forums to figure it out.. but I did that before I loaded anything on my phone.
The act of rooting the phone though.... to my understanding... is illegal. Or does it just break my contract with Verizon? What trouble can I really get in for doing that?
--- End quote ---
Well, you want to make sure you root and load with an image that doesn't include the spyware. I haven't been able to confirm ( or deny) that verizon uses that CID system, but if they don't I would bet they use something similar. My understanding is that a root invalidates the warranty on the device, and of course by avoiding the tethering fee you are breaking the service contract ( I occasionally do it too.. I found a way to do it on my OG droid without rooting using an APP that exploits a USB development mode) If you ever had trouble with the device you can just load the original image back on and Big Red should be none the wiser.
--- Quote from: Delnorin on November 30, 2011, 03:16:27 PM ---My issue is that, yeah... they don't have the time to focus law enforcement on everyone.. just the trouble makers. Well... I own guns, I read the Bible, I speak out against Marxism... I think I'm high on the list.
--- End quote ---
If you are on a list already you can bet thy have your name correlated with your SN (if you ever filled it out on your NICS check) and from there they can link to anything - tax forms, medical records, employment records, you kid's school records, property deeds, so on and so forth. They know where you live. The only info your cell phone gives away is the current location unless you pulled a Bruce Banner and are pretending to be dead and using an assumed name. And even then, they will just use other methods.
I had contact with a Green Beret recently.. I don't know if I should believe him or not, but he says he had someone in front of his house rechecking his home GPS co-ords, and claimed other military "in the know" confirmed that. . He is highly trained and could effectively train and lead a civilian force. He thinks they were marking his house for targeting purposes. Or he was pulling my leg. Who knows.
Bottom line, if the SHTF so bad that we have martial law, a complete break down of the rule of law, and a full on police state, you just WILL NOT win an information war with them. Yeah, you can make it harder for them, while making it harder on yourself. But if they want to know something, chances are they will find a way to do it. Safety in the herd is the only recourse. If they decide to do surveillance they will succeed- especially if you plan to use any sort of modern communications.
Delnorin:
Soon after the Census I heard tell in several sources (cable tv, radio) that the feds had people going around marking the doorsteps of homes with GPS... correlating data.
Navigation
[0] Message Index
[#] Next page
Go to full version