Latest Snowden Leak Reveals NSA's Ability To Tap Your Mobile Phone

from the no-matter-what-phone-it-is dept

The latest article coming out of Ed Snowden's documents is reported in the German publication Spiegel and details how the NSA is able to access data from basically every popular mobile phone/operating system:
The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. Top secret NSA documents that SPIEGEL has seen explicitly note that the NSA can tap into such information on Apple iPhones, BlackBerry devices and Google's Android mobile operating system.

The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been.

The documents also indicate that the NSA has set up specific working groups to deal with each operating system, with the goal of gaining secret access to the data held on the phones.
The "location" tidbit is particularly interesting, in part because that's one point that Senator Ron Wyden has asked the NSA to discuss repeatedly: whether or not it's tracking people's location info based on their mobile phones, and the NSA has denied that they do (or, rather, indicated that they're not doing that currently).

As for the Blackberry, that's often been pitched because it was supposedly much more secure than other phones -- but the NSA figured out how to get around that. And here's an interesting tidbit: for a little while, they lost access because RIM changed how it encrypted its data:
The documents suggest the intelligence specialists have also had similar success in hacking into BlackBerrys. A 2009 NSA document states that it can "see and read SMS traffic." It also notes there was a period in 2009 when the NSA was temporarily unable to access BlackBerry devices. After the Canadian company acquired another firm, it changed the way in compresses its data. But in March 2010, the department responsible declared it had regained access to BlackBerry data and celebrated with the word, "champagne!"

The documents also state that the NSA has succeeded in accessing the BlackBerry mail system, which is known to be very secure. This could mark a huge setback for the company, which has always claimed that its mail system is uncrackable.
The 2010 cracking of Blackberry data is interesting, because we've noted previously that the NSA had claimed a "major" breakthrough in breaking encryption in 2010. This was first reported by James Bamford a few years ago, and discussed in more detail just last week with the revelation about their encryption hacking efforts. These may have been different breakthroughs, but interesting to see the timing.

Either way, it's yet more confirmation of the capabilities of the NSA to tap into almost anything if it really wants to.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    RyanNerd (profile), Sep 9th, 2013 @ 5:45am

    Big Brother celebrates with champagne

    Apparently they are now drunk with power.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    quawonk, Sep 9th, 2013 @ 5:50am

    Next up: PC operating systems. Windows, Mac, even Linux. You heard it here first.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      art guerrilla (profile), Sep 9th, 2013 @ 6:54am

      Re:

      i'm betting that was done first, they are fat targets; the cellyphones had at least *some* efforts at a secure environment...
      PC's, not so much...

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        Arthur Moore (profile), Sep 9th, 2013 @ 11:17am

        Re: Re:

        The sad thing is the reason why cell phones make the effort.

        It's not about good will. First, it was because carriers liked the lock in. Remember those old java phones where the only way to get new ringtones was to buy a 30 second clip for $5? The other reason was Steve Jobs and his control freak tendencies.

        If you look at cell phone security, most of it is stupidly weak. The only thing it's good for is keeping non technical users from breaking anything too badly.

         

        reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 9th, 2013 @ 7:32am

      Re:

      That's been the case for at least 15 years, to be fair.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Aqua Regia, Sep 9th, 2013 @ 6:06am

    Communications tapping

    So far Snowden has not any information that was not in the public sphere, or inferable from the information that was. That NSA has had a backdoor into Windows has been known for more than a decade when the source code demonstrated this fact, although it was dismissed at the time by all of this in the "know."

    That cell phones can be turned on remotely, while giving the appearance of being off, has also been known for a long time. Such phones can be used as bugs, not merely for tapping.

    It is well published and documented that the NSA, CIA and possibly others are building enormous data centers in Utah which can hold all the phone communications that any will ever have. With cell tower ping records, the locations of phones at a given time can be established.

    I have no understanding why there is so much foofarah over Snowden's "leaks" to date. It has all been there for anyone who cared to see.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 9th, 2013 @ 6:15am

      Re: Communications tapping

      Suspected =\= Proven

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 9th, 2013 @ 6:23am

      Re: Communications tapping

      The great thing about the Snowden leaks is that you can't simply brush them off as a "mistake" or something that just happened once but will (allegedly) never happen again.

      The content is so damning, so thorough and shows so many consistent violations of the most basic rights that it is impossible to ignore.

      Look, we both know (or at least suspect) that proprietary software (and sometimes even open-source software...temporarily at least) can be and often is compromised. We also know how to mitigate the damage.

      Now go tell a room of computer illiterates that their operating system is compromised and that they have to switch to Linux right now to protect their rights. The end result will probably be that people will basically tell you to fuck off...I should know: I've done that.

      These leaks at least made people aware of the issues in a way that is impossible to ignore. So much that it even has political representatives asking questions and pressuring the NSA.

      People can still choose to pretend that the problem does not exist, of course. But that's like trying to pretend that the Sun doesn't exist at this point.

      Snowden has done the world a great service.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 9th, 2013 @ 7:16am

      Re: Communications tapping

      People claiming those things years ago would be called tinfoil hats and ignored. The leaks are legitimizing a larger diversity of political views in this particular area.

      If nothing else, the dirt and rust getting revealed in these parts of the government machine is encouraging more politicians to look into further transparency and changes to the regulation. Even Obama has caught the inevitability of having to do something about the issues after the leaks.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 9th, 2013 @ 7:19am

      Re: Communications tapping

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 9th, 2013 @ 7:23am

      Re: Communications tapping

      Because, just like so many other scandals, the original deviance is not what leads to the downfall.

      It's the reaction to revelation of deviance.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      CommonSense (profile), Sep 9th, 2013 @ 8:16am

      Re: Communications tapping


      I have no understanding why there is so much foofarah over Snowden's "leaks" to date. It has all been there for anyone who cared to see.


      Because now it's out there for all those who DIDN'T care to see it...right there in their faces.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      btrussell (profile), Sep 9th, 2013 @ 3:30pm

      Re: Communications tapping

      "...and possibly others are building enormous data centers..."

      Next up, enormously gigantic prisons.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      beltorak (profile), Sep 9th, 2013 @ 11:01pm

      Re: Communications tapping

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 6:14am

    even more important is the fact that yet again, the privacy of people is not only non-existent because of what these 'security agencies' feel it is their right and their need to do, but is regarded as something that they are not entitled to! this attitude is disgraceful! these invasions are disgraceful! there are no excuses for this behaviour at all!! carrying out any of the procedures that all of the security agencies have been doing on ordinary members of the public can not be condoned under any circumstances! even as more is being released on what they have been doing and still are doing, they have not yet stopped! the first order of Congress surely should be to get the surveillance stopped, as of now, with a view to having it permanently terminated in the very near future under a new law if needed! those who have been issuing the orders need to be tried and imprisoned, just as quickly and as surely as they would have tried and imprisoned anyone else for doing the same thing. end of discussion!!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Tigger, Sep 9th, 2013 @ 6:17am

    "the NSA can tap into such information on Apple iPhones, BlackBerry devices and Google's Android mobile operating system. "

    And this is why they killed Symbian!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 6:21am

    One word

    CarrierIQ

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 6:49am

    There's a very serious secondary problem

    It's impossible to weaken security in such a fashion that it can be only exploited by one agency/person/company/entity.

    So the NSA, by subverting standards, weakening crypto, implanting backdoors, has undercut security for everyone.

    In other words, they've made life much easier for pedophiles and spammers, drug gangs and stalkers, rapists and identity thieves, phishers and terrorists -- everyone out there who wants to use technical measures to gather intelligence on their victims or to attack them.

    All those vermin don't have to do the hard work: the NSA did it for them. For free. (Well, not quite: they spent American taxpayer dollars to do it.) All they have to do is piggyback on the NSA's work and reap the rewards. That may still not be easy per se, but it's waaaaay easier than it would be without the NSA's contributions.

    The NSA has done a thousand times the damage that all terrorists combined could do to the US even if they were working double shifts.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Headbhang, Sep 9th, 2013 @ 12:03pm

      Re: There's a very serious secondary problem

      I /almost/ hope for someone to exploit one of those backdoors and cause some mighty mischief just to rub that on the metaphorical face of the NSA.

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        That One Guy (profile), Sep 9th, 2013 @ 2:02pm

        Re: Re: There's a very serious secondary problem

        They'll just claim it's because they don't have enough information/data, and that the attacks just prove that they were right all along.

        Remember, you're dealing with a group of people who firmly believe that 'unintended consequences' are things other people have to deal with, and that those pesky things called 'rules' and 'laws' are more 'guidelines' than things that they need to obey.

         

        reply to this | link to this | view in chronology ]

  •  
    icon
    That Anonymous Coward (profile), Sep 9th, 2013 @ 7:07am

    So they created the situation where the 'digital Pearl Harbor' became more possible, causing more money to be spent to protect us... while spending more money to make sure those efforts wouldn't be enough to secure anything.

    Corporations are people now, can we start executing them for treason?
    Money comes in 1 door to make things more secure, and in another door to make sure its not actually secure.
    Maybe it is time to wonder why our leaders listen to these people who are leaving the country far less safe despite being paid to make it safer.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Sep 9th, 2013 @ 7:49am

      Re:

      Not gonna exactly disagree, but nuance a bit. I see the Bullrun project as a complete failure and hopefully it is relatively unique in scope.

      Purposefully weakening security is a luddites work and it should be obvious that it is incredibly damaging to technological development, the companies whose products are getting abused and to the trust in the government for those in the know.

      While procuring vulnerabilities and backdoors is insanity, most of the other programs run on collecting information. While there is a census on this site, that the protection of privacy against government is extremely important, the information they are able to gather that way, would be possible for others to gather anyway, even though it is a much harder task.

      Crude, inefficient and potentially open to abuse, as it is, it is still at least meant to be non-disruptive to the private market (the economics of gathering is always questionable).

      Phone tapping like described in the OP is just another surveillance tool and more "tolerable" to corporations and private citizens than Bullrun.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 7:45am

    Vote for better politicians next time.

    Oh, and do sign a petition.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 7:57am

    huh?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 8:28am

    'tapped' BS

    far to much BS disinformation in these comments. cell phones are not 'tapped' they are fundamentally compromised. nothing to do with carrier IQ. the cell modem has unrestricted/uncountable access to the ram memory, meaning the software can be remotely changed on the fly. tapping, indeed would be tolerable IMHO, but that's not at all how it works. the idea phones are any more secure then PC's is laughable- not that pc's are necessarily secure.

    effectively, you don't own your phone hardware, even if you bought it outright, and took reasonable steps to insure it was solely in your control.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 8:38am

    yowza!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 9:07am

    I wonder exactly how they're tapping into that stuff with Android? If it's code secretly added to the OS before it's deployed, then CyanogenMod users are safe.
    Of course, if it's some subtle flaw in Android's code, like that Windows encryption problem that a couple of Microsoft devs stumbled across, it might have been ported over to CyanogenMod...

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Sep 9th, 2013 @ 9:16am

      Re:

      Or it's a hardware-level backdoor.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Andrew D. Todd, Sep 9th, 2013 @ 10:08am

        How to Squeeze Out Hardware Back-Doors, to John Fenderson, #25

        Well, as to that, one thing one can do to blunt hardware back-doors is to use more FPGA's. A FPGA may not be as efficient as an ASIC, but it is more regular in structure, and it is more of a commodity. One can take a batch of standard FPGA's, pick a sample at random, use acid to dissolve the top covering layers, and make micro-photographs. One can satisfy oneself that the structure is, in fact, regular, that it consist of rows of logic cells, separated by buses of data lines. The manufacturer cannot know what a particular FPGA is going to be used for, and does not know what kind of back door to design in.

         

        reply to this | link to this | view in chronology ]

  •  
    identicon
    Lord Binky, Sep 9th, 2013 @ 9:25am

    I wonder how many security flaws revealed at black-hat conferences are actually just the backdoors that the NSA had implimented. It would explain alot of the corporate reaction to those flaws being revealed, since it messess with their NSA relations.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Hambone, Sep 9th, 2013 @ 10:02am

    The news keeps on coming, and now I fear that the general populace has developed a callus so thick that the fact that we're all being spied on "Big Brother" style is no longer shocking.

    Is congress, or any other legally-empowered, governmental entity going to DO anything here?

    Internet protests unfortunately carry little to no weight in the real world. The most important thing is to get mainstream media back into looking at this. I want to do help, but have no idea how to start.

    It's not like all this foreign spying was able to prevent the release of Sarin in Syria.

    [dons tinfoil hat]
    Or was the release of Sarin in Syria a ploy to distract from the domestic spying?

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Lord Binky, Sep 9th, 2013 @ 12:53pm

      Re:

      Constant outrage and anger at an outside entity is one of the requirements for the Big Brother structure to work. That's ok though, we all love big brother right? Crap, or is it we hate big brother so we are allowed to live longer. I don't remember now!

       

      reply to this | link to this | view in chronology ]

      •  
        icon
        beltorak (profile), Sep 9th, 2013 @ 11:12pm

        Re: Re:

        You seem confused, citizen. You have been automatically registered for a short, relaxing stay at the nearest reeducation facility. Government officials will be with you shortly to assist you and see to any traveling issues you might have. Try to stay calm.

        Remember, we are from the government, and we are here to help.

         

        reply to this | link to this | view in chronology ]

  •  
    icon
    MIAmobi (profile), Sep 9th, 2013 @ 12:26pm

    Privacy

    It's more then the NSA. There are solutions but until we get proper legislation making app developers have you op in instead of opting out, you will never know what you have downloaded to your mobile device. There will be a backlash as people learn how their privacy has been compromised

    Using a SilentPocket™ allows you to take control of your own privacy when it comes to Smartphone tracking. MIAmobi™ addresses this issue and many more problems associated with mobile devices.
    With over 1,500,000 mobile app developed for smartphones, many of which are stealth and are eavesdropping on your every move. Some are capable of turning on functions on your phone like your mic, camera, GPS, address book and more, even when it has been turned off. There is only one way to stop this if you really want to know for sure that you have control of your mobile device is to block all forms of wifi coming in or going out. Get informed MIA-mobi.com

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 12:56pm

    So now you see Snowden wasn't paranoid at all asking the reporters to remove batteries from their cellphones and put them into a refrigerator.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Sep 9th, 2013 @ 2:25pm

    I will be the 1st to by a smartphone that comes with free and open source drivers for hardware components. Components such as cellular modem, GPS receiver and graphics chip.

    Such a phone will probably be declared illegal though. The spies will state it doesn't 'fully' comply with 'Enhanced 9-1-1' because the GPS chip could be turned off by the user.

    Ahhh, good 'ol Enhanced 9-1-1. Policy laundering at it's finest! Require GPS tracking for every smartphone in the world, under the guise of 'safety'.

    They're always doing it for your own good! ;)

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Arun, Sep 10th, 2013 @ 9:04am

    Snowden

    There is a website to remeber Snowden www.sweetsnowden.com

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    wilson booter, Sep 14th, 2013 @ 10:50pm

    Appreciation

    we are very thankful to you for sharing your views with us.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    tom selig, Sep 23rd, 2013 @ 4:19pm

    your smartphone is dangerous

    Yes, the smartphone is your biggest enemy when it comes to privacy. What to do about it ? Become smart yourself. You can either use an old fashion not so smart phone and only switch it on when you need it, the rest of the time you can set it to "flight mode" which will prevent the phone to send any signals to the next cell tower. Furthermore you can start snooping yourself .... providing you do have a smart phone: www.mspy.com will give you most of the NSA Powers. It may be illegal in most countries but who cares when it comes to snooping ?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    techmortal, Nov 10th, 2013 @ 11:30pm

    News

    Hi Friend !
    Increase Your Knowledge with Latest Technology News Website :
    Website URL is : http://www.techmortal.com
    If you feel that this website is very informative then share with your good friends.
    Thanks.

    Visit: techmortal.com

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    calmemobiles, Jan 2nd, 2014 @ 10:21am

    Hi Friend

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jan 5th, 2014 @ 11:13pm

    Anyone using conftxt.com? advice please!

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    kaif, Feb 10th, 2014 @ 8:42pm

    Nice

    I am not indicating you’ll want to certainly be a fitness center rat to have beautiful pores and skin, but having a very good brisk midday walk or bicycle trip twice a week and making sure you set a healthier rest routine will do miracles for the pore…

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Kylee, Feb 14th, 2014 @ 10:11pm

    Mobile phone taps

    Is it possible to tap a mobile & have a 3rd person talk during conversations with incoming & outgoing calls?
    Conferencing is not enabled.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This