Latest Snowden Leak Reveals NSA's Ability To Tap Your Mobile Phone

from the no-matter-what-phone-it-is dept

The latest article coming out of Ed Snowden’s documents is reported in the German publication Spiegel and details how the NSA is able to access data from basically every popular mobile phone/operating system:

The United States’ National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. Top secret NSA documents that SPIEGEL has seen explicitly note that the NSA can tap into such information on Apple iPhones, BlackBerry devices and Google’s Android mobile operating system.

The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been.

The documents also indicate that the NSA has set up specific working groups to deal with each operating system, with the goal of gaining secret access to the data held on the phones.

The “location” tidbit is particularly interesting, in part because that’s one point that Senator Ron Wyden has asked the NSA to discuss repeatedly: whether or not it’s tracking people’s location info based on their mobile phones, and the NSA has denied that they do (or, rather, indicated that they’re not doing that currently).

As for the Blackberry, that’s often been pitched because it was supposedly much more secure than other phones — but the NSA figured out how to get around that. And here’s an interesting tidbit: for a little while, they lost access because RIM changed how it encrypted its data:

The documents suggest the intelligence specialists have also had similar success in hacking into BlackBerrys. A 2009 NSA document states that it can “see and read SMS traffic.” It also notes there was a period in 2009 when the NSA was temporarily unable to access BlackBerry devices. After the Canadian company acquired another firm, it changed the way in compresses its data. But in March 2010, the department responsible declared it had regained access to BlackBerry data and celebrated with the word, “champagne!”

The documents also state that the NSA has succeeded in accessing the BlackBerry mail system, which is known to be very secure. This could mark a huge setback for the company, which has always claimed that its mail system is uncrackable.

The 2010 cracking of Blackberry data is interesting, because we’ve noted previously that the NSA had claimed a “major” breakthrough in breaking encryption in 2010. This was first reported by James Bamford a few years ago, and discussed in more detail just last week with the revelation about their encryption hacking efforts. These may have been different breakthroughs, but interesting to see the timing.

Either way, it’s yet more confirmation of the capabilities of the NSA to tap into almost anything if it really wants to.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Latest Snowden Leak Reveals NSA's Ability To Tap Your Mobile Phone”

Subscribe: RSS Leave a comment
Arthur Moore (profile) says:

Re: Re: Re:

The sad thing is the reason why cell phones make the effort.

It’s not about good will. First, it was because carriers liked the lock in. Remember those old java phones where the only way to get new ringtones was to buy a 30 second clip for $5? The other reason was Steve Jobs and his control freak tendencies.

If you look at cell phone security, most of it is stupidly weak. The only thing it’s good for is keeping non technical users from breaking anything too badly.

Aqua Regia says:

Communications tapping

So far Snowden has not any information that was not in the public sphere, or inferable from the information that was. That NSA has had a backdoor into Windows has been known for more than a decade when the source code demonstrated this fact, although it was dismissed at the time by all of this in the “know.”

That cell phones can be turned on remotely, while giving the appearance of being off, has also been known for a long time. Such phones can be used as bugs, not merely for tapping.

It is well published and documented that the NSA, CIA and possibly others are building enormous data centers in Utah which can hold all the phone communications that any will ever have. With cell tower ping records, the locations of phones at a given time can be established.

I have no understanding why there is so much foofarah over Snowden’s “leaks” to date. It has all been there for anyone who cared to see.

Anonymous Coward says:

Re: Communications tapping

The great thing about the Snowden leaks is that you can’t simply brush them off as a “mistake” or something that just happened once but will (allegedly) never happen again.

The content is so damning, so thorough and shows so many consistent violations of the most basic rights that it is impossible to ignore.

Look, we both know (or at least suspect) that proprietary software (and sometimes even open-source software…temporarily at least) can be and often is compromised. We also know how to mitigate the damage.

Now go tell a room of computer illiterates that their operating system is compromised and that they have to switch to Linux right now to protect their rights. The end result will probably be that people will basically tell you to fuck off…I should know: I’ve done that.

These leaks at least made people aware of the issues in a way that is impossible to ignore. So much that it even has political representatives asking questions and pressuring the NSA.

People can still choose to pretend that the problem does not exist, of course. But that’s like trying to pretend that the Sun doesn’t exist at this point.

Snowden has done the world a great service.

Anonymous Coward says:

Re: Communications tapping

People claiming those things years ago would be called tinfoil hats and ignored. The leaks are legitimizing a larger diversity of political views in this particular area.

If nothing else, the dirt and rust getting revealed in these parts of the government machine is encouraging more politicians to look into further transparency and changes to the regulation. Even Obama has caught the inevitability of having to do something about the issues after the leaks.

Anonymous Coward says:

even more important is the fact that yet again, the privacy of people is not only non-existent because of what these ‘security agencies’ feel it is their right and their need to do, but is regarded as something that they are not entitled to! this attitude is disgraceful! these invasions are disgraceful! there are no excuses for this behaviour at all!! carrying out any of the procedures that all of the security agencies have been doing on ordinary members of the public can not be condoned under any circumstances! even as more is being released on what they have been doing and still are doing, they have not yet stopped! the first order of Congress surely should be to get the surveillance stopped, as of now, with a view to having it permanently terminated in the very near future under a new law if needed! those who have been issuing the orders need to be tried and imprisoned, just as quickly and as surely as they would have tried and imprisoned anyone else for doing the same thing. end of discussion!!

Anonymous Coward says:

There's a very serious secondary problem

It’s impossible to weaken security in such a fashion that it can be only exploited by one agency/person/company/entity.

So the NSA, by subverting standards, weakening crypto, implanting backdoors, has undercut security for everyone.

In other words, they’ve made life much easier for pedophiles and spammers, drug gangs and stalkers, rapists and identity thieves, phishers and terrorists — everyone out there who wants to use technical measures to gather intelligence on their victims or to attack them.

All those vermin don’t have to do the hard work: the NSA did it for them. For free. (Well, not quite: they spent American taxpayer dollars to do it.) All they have to do is piggyback on the NSA’s work and reap the rewards. That may still not be easy per se, but it’s waaaaay easier than it would be without the NSA’s contributions.

The NSA has done a thousand times the damage that all terrorists combined could do to the US even if they were working double shifts.

That One Guy (profile) says:

Re: Re: There's a very serious secondary problem

They’ll just claim it’s because they don’t have enough information/data, and that the attacks just prove that they were right all along.

Remember, you’re dealing with a group of people who firmly believe that ‘unintended consequences’ are things other people have to deal with, and that those pesky things called ‘rules’ and ‘laws’ are more ‘guidelines’ than things that they need to obey.

That Anonymous Coward (profile) says:

So they created the situation where the ‘digital Pearl Harbor’ became more possible, causing more money to be spent to protect us… while spending more money to make sure those efforts wouldn’t be enough to secure anything.

Corporations are people now, can we start executing them for treason?
Money comes in 1 door to make things more secure, and in another door to make sure its not actually secure.
Maybe it is time to wonder why our leaders listen to these people who are leaving the country far less safe despite being paid to make it safer.

Anonymous Coward says:

Re: Re:

Not gonna exactly disagree, but nuance a bit. I see the Bullrun project as a complete failure and hopefully it is relatively unique in scope.

Purposefully weakening security is a luddites work and it should be obvious that it is incredibly damaging to technological development, the companies whose products are getting abused and to the trust in the government for those in the know.

While procuring vulnerabilities and backdoors is insanity, most of the other programs run on collecting information. While there is a census on this site, that the protection of privacy against government is extremely important, the information they are able to gather that way, would be possible for others to gather anyway, even though it is a much harder task.

Crude, inefficient and potentially open to abuse, as it is, it is still at least meant to be non-disruptive to the private market (the economics of gathering is always questionable).

Phone tapping like described in the OP is just another surveillance tool and more “tolerable” to corporations and private citizens than Bullrun.

Anonymous Coward says:

'tapped' BS

far to much BS disinformation in these comments. cell phones are not ‘tapped’ they are fundamentally compromised. nothing to do with carrier IQ. the cell modem has unrestricted/uncountable access to the ram memory, meaning the software can be remotely changed on the fly. tapping, indeed would be tolerable IMHO, but that’s not at all how it works. the idea phones are any more secure then PC’s is laughable- not that pc’s are necessarily secure.

effectively, you don’t own your phone hardware, even if you bought it outright, and took reasonable steps to insure it was solely in your control.

Anonymous Coward says:

I wonder exactly how they’re tapping into that stuff with Android? If it’s code secretly added to the OS before it’s deployed, then CyanogenMod users are safe.
Of course, if it’s some subtle flaw in Android’s code, like that Windows encryption problem that a couple of Microsoft devs stumbled across, it might have been ported over to CyanogenMod…

Andrew D. Todd (user link) says:

Re: Re: How to Squeeze Out Hardware Back-Doors, to John Fenderson, #25

Well, as to that, one thing one can do to blunt hardware back-doors is to use more FPGA’s. A FPGA may not be as efficient as an ASIC, but it is more regular in structure, and it is more of a commodity. One can take a batch of standard FPGA’s, pick a sample at random, use acid to dissolve the top covering layers, and make micro-photographs. One can satisfy oneself that the structure is, in fact, regular, that it consist of rows of logic cells, separated by buses of data lines. The manufacturer cannot know what a particular FPGA is going to be used for, and does not know what kind of back door to design in.

Hambone says:

The news keeps on coming, and now I fear that the general populace has developed a callus so thick that the fact that we’re all being spied on “Big Brother” style is no longer shocking.

Is congress, or any other legally-empowered, governmental entity going to DO anything here?

Internet protests unfortunately carry little to no weight in the real world. The most important thing is to get mainstream media back into looking at this. I want to do help, but have no idea how to start.

It’s not like all this foreign spying was able to prevent the release of Sarin in Syria.

[dons tinfoil hat]
Or was the release of Sarin in Syria a ploy to distract from the domestic spying?

MIAmobi (profile) says:


It’s more then the NSA. There are solutions but until we get proper legislation making app developers have you op in instead of opting out, you will never know what you have downloaded to your mobile device. There will be a backlash as people learn how their privacy has been compromised

Using a SilentPocket? allows you to take control of your own privacy when it comes to Smartphone tracking. MIAmobi? addresses this issue and many more problems associated with mobile devices.
With over 1,500,000 mobile app developed for smartphones, many of which are stealth and are eavesdropping on your every move. Some are capable of turning on functions on your phone like your mic, camera, GPS, address book and more, even when it has been turned off. There is only one way to stop this if you really want to know for sure that you have control of your mobile device is to block all forms of wifi coming in or going out. Get informed

Anonymous Coward says:

I will be the 1st to by a smartphone that comes with free and open source drivers for hardware components. Components such as cellular modem, GPS receiver and graphics chip.

Such a phone will probably be declared illegal though. The spies will state it doesn’t ‘fully’ comply with ‘Enhanced 9-1-1’ because the GPS chip could be turned off by the user.

Ahhh, good ‘ol Enhanced 9-1-1. Policy laundering at it’s finest! Require GPS tracking for every smartphone in the world, under the guise of ‘safety’.

They’re always doing it for your own good! 😉

tom selig says:

your smartphone is dangerous

Yes, the smartphone is your biggest enemy when it comes to privacy. What to do about it ? Become smart yourself. You can either use an old fashion not so smart phone and only switch it on when you need it, the rest of the time you can set it to “flight mode” which will prevent the phone to send any signals to the next cell tower. Furthermore you can start snooping yourself …. providing you do have a smart phone: will give you most of the NSA Powers. It may be illegal in most countries but who cares when it comes to snooping ?

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...