Hide Techdirt is off for the long weekend! We'll be back with our regular posts tomorrow.

NSA, GCHQ Spying On Angry Birds And Lots Of Phone Apps: Time For Mobile Security To Up Its Game

from the game-over dept

Having already “infiltrated” online games like Second Life and World of Warcraft, it appears that the NSA and GCHQ are also busy playing Angry Birds, Candy Crush and pretty much any other popular mobile app as well, as they’ve learned that such mobile apps are incredibly “leaky” when it comes to revealing information about who you are, what you do and where you are. In a new report based on Snowden documents, ProPublica, the NY Times and the Guardian all have stories about how deeply the US and UK intelligence agencies can dig into your mobile phone to collect just about anything they want on you. And, as usual, they appear somewhat gleeful about the whole thing, as one slide in a presentation talks about “the golden nugget!” in discussing how they can pull so much information:

Another set of slides, talking about how much information can be obtained from various mobile platforms, suggests that GCHQ and NSA can basically get just about anything from anyone. Take, for example, this slide about what they can get from an Android phone:
Yeah: “If its on the phone, we think we can get it.” (Grammar nazis will note the misused “its” there, but everyone else will be concerned about the implications here). Similarly things like “NOSEY SMURF” suggest the ability to turn on the phone’s microphone to automatically tap anyone with a phone from anywhere.

Of course, a big part of the issue here is the lack of concern or focus on encrypting and securing mobile apps and data. While there’s been increasing talk about encrypting everything on the web, the main focus has been on the desktop. And while there are things like VPNs and security for mobile phones, it’s been much less of a priority for many. That needs to change.

In talking about the NSA issue with a variety of startups lately, it’s been somewhat depressing to hear more than a few suggest that they were unwilling to speak up, because they were afraid it would shine more of a light on how weak their own privacy and data protection efforts have been. I’ve told multiple companies that the proper response to this is not to stay quiet but to fix your own data management in order to protect your users. Because sooner or later, people were going to find out about leaky data like this one way or the other.

At this point, it’s clear that the NSA, GCHQ and others will seek out and collect any data they can. That makes it imperative for pretty much everyone creating any app that collects any data — even for something as simple as a game like Angry Birds — to learn how to properly protect that data and to protect their users. This goes for both small companies and large ones. For example, the reports show the NSA and GCHQ salivating over all of the information that Google Maps provides. Google has been taking a stand that says they’re serious about protecting their users’ data. If the company is serious about that it should take the lead in making phones much more secure from simple and easy tracking, as is detailed in these documents.



Filed Under: , , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “NSA, GCHQ Spying On Angry Birds And Lots Of Phone Apps: Time For Mobile Security To Up Its Game”

Subscribe: RSS Leave a comment
31 Comments
Anonymous Coward says:

What does NSA stand for again?

I think we better start calling them the NIA, because they could care less about national security – it seems they’re pretty much infatuated with the insecurity of Americans. They seem intent on not only hoarding details of the insecure nature of American infrastructure, devices, and privacy – but also using it to make huge databases of our daily lives to (eventually) blackmail us with.

Anonymous Coward says:

I will take them at their word

The NSA is just hear to help. Don’t you feel safer knowing they have the capability to gather all information from everyones phone? This is why we are so good at fighting terrorism and the reason why there has not been another 9/11, for god’s sake. It’s just like this rock I paid $7,999 for to keep tigers away from my house. Sure it’s expensive and will seem silly to people that “just don’t get it” but I have not had a single tiger atttack, so there!

Lori says:

Google worse than NSA

The average person shouldn’t care at all about this. After all, most people use Google and Facebook on a regular basis. They represent a much greater threat to our privacy than the NSA. At least the NSA isn’t going to feature my photo in an ad, or show me ads. Put another way, the NSA and Google both violate our privacy – Google goes a step further and exploits our personal information. If this stuff really does bother you, then perhaps you should start using privacy-based sites like DuckDuckGo, Ravetree, HushMail, etc.

Michael (profile) says:

Re: Google worse than NSA

Just to point it out again…

You can opt out of using Facebook and Google. You have to choose them to provide your service. There is no opt-out for NSA surveillance.

In addition, while Google and Facebook will use the information you have willingly provided them in exchange for using the services they provide for little to no monetary cost, the government can PUT YOU IN JAIL with information they gather.

@b says:

Re: Google worse than NSA

You just made the ‘RSA Cryptography Gambit’.

We use G apps + fb ‘presuming’ the data isnt 100% private. Even if we skipped passed the T&C we agreed to be legally bound by.

The complaint here is the NSA is spying secretly, illegally, unconstitionally, and explicitly (by design, since now all the world’s phone+internet usage falls within the purview of espionage & terror) without voters’ knowledge, let alone consent.

If voters knew what comms the NSA spied on, then criminal-voters with any brains would go deeper underground. Beyond free public online popular well-known for-profit snoopy cloud services like Google android, gmail, G+, youtube etc.

Anonymous Coward says:

so far the emphasis has been on the NSA and what it has been doing. that has to change now and bring GCHQ into the frame! it may take a bit of work to get the UK citizens aware of what is going on and the impact it is having on everyone but once they are aroused they will take things on and keep shaking, just like a terrier until the right answer is given. so far Cameron and May haven’t served too well and as for Rifkin, who chaired one of the ‘investigations’ into what was going on, he may just as well have investigated the Beano Annual!

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...