Vodafone, one of the world's largest mobile phone groups, has revealed the existence of secret wires that allow government agencies to listen to all conversations on its networks, saying they are widely used in some of the 29 countries in which it operates in Europe and beyond.
The company has broken its silence on government surveillance in order to push back against the increasingly widespread use of phone and broadband networks to spy on citizens, and will publish its first Law Enforcement Disclosure Report on Friday. At 40,000 words, it is the most comprehensive survey yet of how governments monitor the conversations and whereabouts of their people.
The company said wires had been connected directly to its network and those of other telecoms groups, allowing agencies to listen to or record live conversations and, in certain cases, track the whereabouts of a customer. Privacy campaigners said the revelations were a "nightmare scenario" that confirmed their worst fears on the extent of snooping.
In Albania, Egypt, Hungary, India, Malta, Qatar, Romania, South Africa and Turkey, it is unlawful to disclose any information related to wiretapping or interception of the content of phone calls and messages including whether such capabilities exist. (more)
...the cops deployed a secretive device called a stingray, which operates as a fake cell phone tower used to track targeted phones.
Though law enforcement typically fights attempts to learn how stingrays work or how often they are used, a court victory by the American Civil Liberties Union (ACLU) has just unsealed Tallahassee police testimony of exactly how the 2008 cell phone hunt happened.
This newly released transcript (PDF) provides what is likely the first-ever verbatim account of how stingrays are used in actual police operations. And it shows that stingrays are so accurate, they can pinpoint the very room in which a phone is located. (more)
...Like any magic trick, the most plausible method of eavesdropping through a switched-off phone starts with an illusion. Security researchers posit that if an attacker has a chance to install malware before you shut down your phone, that software could make the phone look like it’s shutting down—complete with a fake “slide to power off” screen. Instead of powering down, it enters a low-power mode that leaves its baseband chip—which controls communication with the carrier—on.
This “playing dead” state would allow the phone to receive commands, including one to activate its microphone, says Eric McDonald, a hardware engineer in Los Angeles. McDonald is also a member of the Evad3rs, a team of iPhone hackers who created jailbreaks for the two previous iPhone operating systems. If the NSA used an exploit like those McDonald’s worked on to infect phone with malware that fakes a shutdown, “the screen would look black and nothing would happen if you pressed buttons,” he says. “But it’s conceivable that the baseband is still on, or turns on periodically. And it would be very difficult to know whether the phone has been compromised.”
The Solution
McDonald suggests users turn off their iPhones by putting them into device firmware upgrade (DFU) mode, a kind of “panic” state designed to let the phone reinstall its firmware or recover from repeated operating system crashes. In DFU mode, says McDonald, all elements of the phone are entirely shut down except its USB port, which is designed to wait for a signal from iTunes to install new firmware. (more)
P.S. If you do this, be sure to watch the tutorial about getting your iPhone out of DFU mode.
UK - A cyber stalker who bugged computers to spy on women has walked free from court with a 12-month suspended sentence and a fine.
Andrew Meldrum, 30, secretly installed spying software on his victims' computers, allowing him to access private, nude pictures taken covertly.
Andrew Meldrum's 11,000 covert images included some of one victim naked, in her underwear, on the toilet and "in positions of intimacy". Credit: Police handout
Meldrum admitted three counts of unauthorized access to computer material and was found guilty of two counts of voyeurism after a trial at Woolwich Crown Court.
One of his victims wept in court and held her head in her hands at the sentence. (more)
Law-Enforcement Requests to Monitor Cellphones Are Routinely Sealed—And Stay That Way
In eight years as a federal magistrate judge in Texas, Brian Owsley approved scores of government requests for electronic surveillance in connection with criminal investigations—then sealed them at the government's request. The secrecy nagged at him.
So before he left the bench last year, the judge decided to unseal more than 100 of his own orders, along with the government's legal justification for the surveillance. The investigations, he says, involved ordinary crimes such as bank robbery and drug trafficking, not "state secrets." Most had long since ended.
A senior judge halted the effort with a one-paragraph order that offered no explanation for the decision and that itself was sealed. Mr. Owsley's orders remain buried in folders in a federal courthouse overlooking Corpus Christi Bay. "It's like something out of Kafka," says Mr. Owsley, recently a visiting law professor at Texas Tech University. (more)
Indonesian President Susilo Bambang Yudhoyono allowed journalists to listen in to a conversation with Australia's leader Tony Abbott, the BBC reported.
Australia's ABC quoted top-level Indonesian sources as saying the eavesdropping was a "mistake."
Reporters were apparently in the same room as Mr Yudhoyono during the call and one of them recorded the exchange.
The two leaders are due to meet this week, with tension still high over claims of Australian spying. (more)
The Bahamas - A top hotel executive doesn’t believe the Bahamas’ tourism industry will be affected by revelations that the US’ National Security Agency (NSA) may be recording all cell phone calls in the country.
Baha Mar’s Senior Vice President Robert Sands said yesterday that the allegations of cell phone spying probably happens to many other countries around the world.
We all live in different communities from different parts of the world where the government makes the best decision that’s in the best interest of the sovereignty of its nation,” Mr Sands said, when asked to comment on the allegations and the repercussions they may have on the millions of visitors who visit the country each year.
“It will have no impact on our tourism industry.” (more)
Don't you just love the optimism and élan of Bahamians. No stress. No worries. "It's better in The Bahamas!" (sing-a-long)
Japanese police were Thursday probing the death of a man believed to be a Chinese academic who told his wife he was in danger shortly before he disappeared.
Chi Rui, a lecturer at China's Northeast Normal University, has been missing since May 16, a few days after arriving in Japan.
The 37-year-old telephoned his wife to say he believed someone was eavesdropping on him and following him, and that he was in danger, an official with Kansai International Airport police told AFP.
The academic asked his wife to contact the Chinese embassy in Japan, the official said.
On Wednesday the body of a man was found by a construction worker in the sea near a pier at the airport in western Japan...
"We are investigating to determine whether this death is the result of an accident or a crime," the official added.
In March, a Japan-based Chinese academic went missing on a visit to China. That came after the release by Chinese authorities of another academic who disappeared while visiting his home country in July last year amid espionage claims. (more)
Software used by law enforcement organizations to intercept the communications of suspected criminals contains a litany of critical weaknesses, including an undocumented backdoor secured with a hardcoded password, security researchers said today.
In a scathing advisory published Wednesday, the researchers recommended people stop using the Nice Recording eXpress voice-recording package. It is one of several software offerings provided by Ra’anana, Israel-based Nice Systems, a company that markets itself as providing "mission-critical lawful interception solutions to support the fight against organized crime, drug trafficking and terrorist activities." The advisory warned that critical weaknesses in the software expose users to attacks that compromise investigations and the security of the agency networks.
"Attackers are able to completely compromise the voice recording/surveillance solution as they can gain access to the system and database level and listen to recorded calls without prior authentication," the researchers from security consultancy SEC Consult wrote. "Furthermore, attackers would be able to use the voice recording server as a jumphost for further attacks of the internal voice VLAN [virtual local area network], depending on the network setup." (more)
Early Tuesday, a number of Australian iPhone and iPad owners awoke to find their devices locked, with an alert asking for $50 to $100 to give access back. The lesson: It's easier than you think for someone to get into your Apple products -- even if a thief doesn't have the actual iPhone in his or her hands.
One way to make yourself that much safer? Start using two-step verification for your Apple ID.
When you enable two-step verification, Apple will make you prove you're actually you whenever you buy anything on iTunes, the App Store or the iBooks Store. It works like this: Apple will text you a code anytime you try to sign into your Apple account to make a purchase. You will then have to input that number to verify your identity. That way, nobody else can access your account unless they have both your password and your device, making it far more difficult to steal your identity and credit card information.
Here's how you do it... (more)
On Monday The Intercept reported, based on documents leaked by Edward Snowden, that the NSA is able “to vacuum up and store the actual content of every conversation” in the Bahamas and an unnamed country.
Editor Glenn Greenwald said The Intercept didn’t reveal the country because they were “very convinced” that doing so would lead to “deaths.”
After a heated discussion between WikiLeaks, Greenwald, Intercept Editor-In-Chief John Cook, and American WikiLeaks hacker-turned-Der Spiegal contributor Jacob Appelbaum, WikiLeaks tweeted that it will reveal the name of the second country being spied on by the NSA. (more)
Former U.S. Defense Secretary Robert Gates said on Wednesday that China is far from the only country that uses its intelligence services to steal trade secrets and technologies from U.S. businesses.
“What we have accused the Chinese of doing, stealing American companies’ secrets and technology is not new, nor is it done only by the Chinese. There are probably a dozen or 15 countries that steal our technology” in this manner, Gates said during a moderated conversation with Fareed Zakaria on Wednesday hosted by the Council of Foreign Relations in New York City.
In fact, according to Gates—who has also served as the director of the CIA—the U.S. is nearly “alone in the world in not using our intelligence services for competitive advantage of our businesses.” (more)
We've been wrestling with this moral dilemma for too long. Even Henry L. Stimson got off his high horse eventually.
The smartphone encryption startup Silent Circle announced
a boost in funding Wednesday, grabbing $30 million in investment capital ahead of the June shipping of its signature Blackphone, which the company says can deflect cybersnooping.
The announcement came a day before the House of Representatives on Thursday approved a bill that would end mass spying by the National Security Agency (NSA)...
Silent Circle’s founder, however, warned that Blackphone still wouldn’t deter the most determined efforts of the National Security Agency to monitor mobile phones. (more)
P.S.
