Opinions wanted: can you remotely activate phone microphones and record?

Be like Nutella

Just curious about something I read and Im sure one of you lads will know loads about it. I'm aware of articles on the net relevant to a mafia court case in which a judge granted permission to use 'roving bugs' but I have yet to read a clear explanation as to if these 'roving bugs' referred to a physical bugging of a suspects mobile phone or the remote access to these phones through a network provider 'side-channel' to upload spyware which would leverage the use of the microphone surreptitiously to eavesdrop on local conversation.

If it's easily possible to turn every mobile in the US (for instance) into a roving bug on the sly then I give up forget 1984. The potential abuse of this tech is mind boggling. Somebody tell me that they know that it is not technologically possible or my heads gona spun round n pop off!

33

Be like Nutella wrote: »

Just curious about something I read and Im sure one of you lads will know loads about it. I'm aware of articles on the net relevant to a mafia court case in which a judge granted permission to use 'roving bugs' but I have yet to read a clear explanation as to if these 'roving bugs' referred to a physical bugging of a suspects mobile phone or the remote access to these phones through a network provider 'side-channel' to upload spyware which would leverage the use of the microphone surreptitiously to eavesdrop on local conversation.

If it's easily possible to turn every mobile in the US (for instance) into a roving bug on the sly then I give up forget 1984. The potential abuse of this tech is mind boggling. Somebody tell me that they know that it is not technologically possible or my heads gona spun round n pop off!

I havent looked into it yet!, but by all accounts nothing you are talking about is not possible, actually I would take a wild guess and say it is VERY possible now with smart phones, and has been to a lesser extent for quite a while, even back to the days when you had to decide whether to take the rucksack or the phone.

I see it working in a number of ways, just recording all calls remotely (at the exchange it must pass through), or a small hidden file somewhere in the operating system that would allow the mic to be turned on or off remotely, even from the other side of the planet, if your phone has a signal it is sending and recieving data constantly, and even without a sim it could be imei specific, or sim specific, so a little program in your phone to switch on and off the mic would be fairly easy, all the hardware is there, hope your head doesn't spin off because of this post, but yes just accept it would be very easy to impliment if it hasn't already, my guess it has.

edit, I did a quick google and found this
http://en.wikipedia.org/wiki/Covert_listening_device#Remotely_activated_mobile_phone_microphones

Confirmed,
http://www.zdnet.com/news/fbi-taps-cell-phone-mic-as-eavesdropping-tool/150467

But this doesn't surprise me in the slightest, what your phone can do, your computer can do better, webcam, mic can also be turned on and off remotely on your "personal" computer.

These new phones with camera front and rear could also be used as a mobile video capture.

Also, its not beyond the realms of reality to imagine all calls are stored, then someday laws will change and past crimes under these new laws could mean something you said in the past could potentially be used against you.



The surveillance technique came to light in an opinion published this week by U.S. District Judge Lewis Kaplan. He ruled that the "roving bug" was legal because federal wiretapping law is broad enough to permit eavesdropping even of conversations that take place near a suspect's cell phone.

Kaplan's opinion said that the eavesdropping technique "functioned whether the phone was powered on or off." Some handsets can't be fully powered down without removing the battery; for instance, some Nokia models will wake up when turned off if an alarm is set.



Read more: http://news.cnet.com/2100-1029_3-6140191.html#ixzz1Kb6CCiAM

Hookah

Yes, you can.

Going back at least fifteen years.

You either have to remove the microphone, or the battery (assuming there is no back up battery) to prevent this happening.

You can buy a program here to do it yourself.

Be like Nutella

Thanks that's just great lads... I read one feckin article... ask a question here... and now Im Mel Feckin Gibson out of Conspuracy Theory!

That's incredible. But again I read the judges opinion and the old guy doesn't specifically say that he granted s subpoena to the investigators to upload spyware to a handset remotely taking control of the microphone in order to eavesdrop on nearby conversation and, more technologically challenging, to record and secretly send this data to the investigators without trace.

Now if somebody can 'proof of concept' this then it only takes a couple of classic Conspuracy theory jumps of my Mel Gibson imagination (a joke) to ask...
Would it then be technologically possible to record large amounts of nearby sound from many millions of mobiles to a central storage system and process this sound for flag words a la Echelon? but one step at a time... is is tech possible first? Those articles assume the 'Roving Bug' is 'A' but there are some conflicting opinions which say it's 'B'.
I saw something about 3000 leaked pages of techncapability data from the FBI which although heavily redacted was being processed by some site in an effort to assess the current eavesdropping tech capability of the F...B....I

Oracle

Then there's also the cloned device technique as well, where you replace the targets mobile with an identical phone and SIM, with modified hardware or software. More tricky because it would mean copying the original contacts, messages and settings on the target phone, but with the dummy phone pre-prepared and the right equipment, it could be done in minutes.

Be like Nutella

What's good enough for Will Smith... : )

Priori

God... 'Protect your children??'... What an admirable marketing twist.

Be like Nutella

Does the Flexispy product simply require you to download the ap? Well if they can implant a hidden auto-answer function into a phone number if your choice remotely then that proves it is easily possible and I would assume now that the 'Roving Bug' subpoena in 2006 was for exactly this capability! Is that what Flexispy is?I'm Lookin for hard evidence that it is completely feasible given the right resources to record peoples lives through their phone mic secretly and effectively by remote activation without any need for hardware??

They were discussing iPhone tracking by Apple on Phantom FM today ... I mailed this issue in and they brought it up but the studio guest from PC World was very bias about any of this kinda tech saying it is purely there to benefit user experience and you shouldn't worry less you have something to hide !!!

Priori

Be like Nutella wrote:

...it is purely there to benefit user experience and you shouldn't worry less you have something to hide !!!

I think the worry is that those who really do have something to hide will be the most eager to use it for their own ends...

Sure 'everything is just fine' if you have nothing to hide... Kinda depends on the society methinks. I mightn't have anything to hide by Irish society's standards, but if I lived in North Korea it'd be a different story.

Hookah

Be like Nutella wrote: »

Does the Flexispy product simply require you to download the ap? Well if they can implant a hidden auto-answer function into a phone number if your choice remotely then that proves it is easily possible and I would assume now that the 'Roving Bug' subpoena in 2006 was for exactly this capability! Is that what Flexispy is?I'm Lookin for hard evidence that it is completely feasible given the right resources to record peoples lives through their phone mic secretly and effectively by remote activation without any need for hardware??

I'm not sure. It looks to be.

I'm fairly sure people have been convicted in Holland using intelligence gathered on their own phones.

It's a standard security forces technique. I read about it in a book at least ten years ago.

Be like Nutella

you're making a good case to support my fear. Ill try and find instances where it appears in books etc ... Clancy included many secretive but real weapons etc in his books and usually went into some detail.

Let's assume that it is technically possible for now (although I don't have absolute proof yet) then with enough computer power and space you really could apply the same concept as Echelon to all this audio... flag words etc... profiling and so on... and that's without considering that if it's possible to remotely control mobile phone microphones and draw down that audio data packet at will surreptitiously then why not control the video camera? Apart from data size issues it's the same dealio!

I genuinely find it hard to believe it yet because my rational brain says that there would be 120 journalists all over this and an uproar in Washington which would result in an investigative committee etc etc Time Magazine Headline etc

Hookah

Be like Nutella wrote: »

Let's assume that it is technically possible for now (although I don't have absolute proof yet) then with enough computer power and space you really could apply the same concept as Echelon to all this audio... flag words etc... profiling and so on... and that's without considering that if it's possible to remotely control mobile phone microphones and draw down that audio data packet at will surreptitiously then why not control the video camera? Apart from data size issues it's the same dealio!

Not forgetting voice recognition.


It's fairly simple to remotely switch on the camera on your computer, so I don't see why not on a phone.

Be like Nutella

Voice Recognition ... haha yeah like that's possible .... oh right ... So you can track a zillion people phyically as Apple do routinely, you can remotely activate all their phone microphones and listen to what people say when you want, and know who you're listening to by voice recognition... madness... seriously though it's kinda all technically possible.

Run_to_da_hills

Phone dead has been on the market for a number of years. Use to be $700 and now just $300. I would imagine that there is an audio visual version that can avail of foreward facing cams.

http://www.trusters.com/p_phone_dead.htm

Naikon

If you lack the source code to verify, anything goes I am afraid. Sure the NSA could have a backdoor on your iphone and you would not know. It's possible.

Be like Nutella

http://www.trusters.com/index.php?page=faq#15

---

See 15 and 17

These infer a) you can't remotely (as in from anywhere) upliad the spyware and b) can't do it when it's off

So although this product demonstrates the backdoor is open to upload the hidden spyware it doesn't infer the ability to do it from a desk a thousand miles away which would be necessary for my mad 'they could technically listen to the local conversation around a million phones at once even if they're off' hypothesis

But I'm not giving up yet

Treora

Of course they can do all that and have been for quite a while. What do you think Menwith Hill is. The big ear probably outsources most of its crunching to commerical clouds. The only thing they need is inside resources in the mobile providers, a certainty. The phone being on or off is of little matter. The way Lucius tracked the joker in the Dark Knight has been around for some time.

Mel would wrap his phone in tinfoil, most of the tweenies can hijack android (linux makes this easy enough) and capture the hardware. On a more simple basis video nasties and other propaganda is bluetoothed around communities these days.

Only some of the technology is legal and those that have the technology don't want other agencies to have it too. So much for homeland improving communications. Lawful snooping creep will continue, the societal threshold on this is way down the line.

The only things that can change this are when China tanks the dollar and the COMSEC budget vanishes (some techs will go private and sell their code to the highest bidder - the Chinese) and traditional hacker or open source personal privacy coding projects like BetterPrivacy

Be like Nutella

right Imagine youre in the pentagon, Langley, maryland wherever.... and echelon and other resources are reporting massive increase in chatter concerning an impending attack - so you just switch on all the phone mics and let your system process it real time just like echelon has for decades...
just a mental experiment but....
Echelon came into existence because of 4 reasons:
1) Cold War
2) which mandated allies ie NZ, UK, Can to, well, help
3) Enabling technologies - Satelite Dishes (bluntly put) and voice recognition software and powerful CPU's, data centres etc
4)politically achievable in Cold War climate ie malleable congress etc

That Echelon exists is unarguable... Google EU Echelon Report and if you have any patience to scan through it you'll be left with your jaw on the floor ... you may have seen it in The Bourne Trilogy but it's in black n White in the EU Report (Patricia McKenna was very involved)

It cost billions and it stayed under the press radar literally for decades even though thousands of people were involved and still are.

My point is, to get all Mel Gibson Conspiracy Theory on this sh1t about the technological feasability of remote activation of mobile phones microphones as 'Roving Bugs' en masse is actually not that irrational. To have debated the Echelon concept in 1970 would have seemed extremely far fetched and that was during a state of severe international tension during the Cold War.

Now we're in the war on terror or whatever and here comes along the age of the gps phone and now smart phones with condensor microphones and cameras and video capability etc etc
If, this tech was around in 1970...then obviously they would have rolled out Echelon with a whole diff set of capabilities.... just extrapolate it out: the handsets (all of them) would have been engineered with bachelors built in which wouldve allowed Echelon to hear calls, take pics, activate video and listen through the mic!! Simple as that... the rationale would have been the same just with more advanced tech!

So, is it conspiracy nutjob crap to consider whether it is in fact possible to upload software to phones completely remotely which can activate the microphone and record ambient sound at will whether the phone is on or off And send this data out AND if so, is it too much to conceptualize a central storage and processing system set up to take this sound data and attach it to other appropriate members of it's data family tree ie the gps data recording your movements ( reportedly recorded by Apple whether you like it or not) and apply the voice Rec capability to this audio etc etc to find Osama chattin to a dude in a bar in Mogadishu picked up on someones phone 6 feet away that's powered off? If you rationalise it given the parameters that gave birth to Echelon and just factor in the cutting edge tech available now then you can get there pretty easily (of course maybe they didn't think of it til now...the irony:)

Be like Nutella

Now I still need textual proof from somebody in the industry or from a feckin spy himself or the FBI or whatever that this thing is possible .... It might seem stubborn but most Conspiracy fookers just p1ss me off the way they assume so much... I actually want to know if it's possible as much as I believe some of the informed opinions I've read here, and that's not a joke!

In the meantime before I actually drop into the NSA to ask them, eh this Batman sonar mapping people finding phone malarky in Dark Knight?? Now I'm no feckin way just accepting that that exists straight off... as extreme as I am but, then again ... what would it require, conceptually?
Ya know if you actually went to DARPA and said do that - you've got 5 years, a billion squid and 50 PhD's then they'd probably get close!!
There's a sonar ap which uses the mic and tells ya how far away the wall is to bout 6 inches accuracy... so firstoff the mic would have to be capable of receiving click reflections in all dimensions at a High speed somehow outside of human hearing and send that detailed sonar mapping data packet out on the sly along with the usual sneaky mic ambient sound and a camera angle too if youre lucky... but would that really achieve the perfect LADAR style wireframe mapping you'd be after? I can't bridge that in my head.

Think I'll stick to the mic bug proof of concept!!

Run_to_da_hills

Dell have been carrying out remote access to customers PC's and laptops for over a decade. They have the ability to access anything on your machines from their service centers in India. Your average smart phone today is more powerful and more easily accessible than any laptop or PC ten years ago so it would not surprise me at all if any of the functions on your phone can be accessed without your knowledge including its microphone and foreward facing camera.

For those that want a bit of privacy over a conversation or transaction I would highly recommend one of these

http://cgi.ebay.co.uk/Mobile-Phone-Blocking-Signal-Bag-iPhone-Nokia-etc-/290518475652?pt=UK_MobilePhones_MobilePhonesCasesPouches&hash=item43a4402384

Be like Nutella

Right... nothing 100% .... but I'd say going on what's Been said that it's highly probable that the technical ability exists to remotely access any smart phone upload spyware and activate the phone mic ... record ambient audio at will even if the phone is powered off and download that audio data secretly!
But then again most people here would have assumed that... maybe in 20 years there'll be another EU report telling us that Echelon evolved passed it's satellite listening roots and moved into tapping fibre optic cables and listening to phone mics and reading texts through the practise of mobile phone backdoor spyware!

I would prefer some proof though.

brendanL

Currently doing a VOIP application similiar to skype atm for my college year project.

Interms of smartphones there is three ways that I can think of at this time.

If you can get your hands on targets phone.. download an app that you've created onto it.. and bobs your uncle all nice and done.

I played with an app a while back that allowed you to send an app to someone near you over bluetooth if they had the sending app turned on too, and had you added as a bluetooth contact. Now if you connected to their phone using a method I heard of before that involves buisness cards trickery then you could in theory load a malicious app onto their phone from close proximity.

The easiest I can think of atm... and I haven't read anything about anyone managing or even attempting this... but if you access a Android phone through it's telnet... which in theory should be possible aslong as your on the same LAN as it.. you could access it and load a malicious app on. Unfortunately my best area is android so can't say much for the others.

Hookah

brendanL wrote: »

Currently doing a VOIP application similiar to skype atm for my college year project.

Interms of smartphones there is three ways that I can think of at this time.

If you can get your hands on targets phone.. download an app that you've created onto it.. and bobs your uncle all nice and done.

I played with an app a while back that allowed you to send an app to someone near you over bluetooth if they had the sending app turned on too, and had you added as a bluetooth contact. Now if you connected to their phone using a method I heard of before that involves buisness cards trickery then you could in theory load a malicious app onto their phone from close proximity.

The easiest I can think of atm... and I haven't read anything about anyone managing or even attempting this... but if you access a Android phone through it's telnet... which in theory should be possible aslong as your on the same LAN as it.. you could access it and load a malicious app on. Unfortunately my best area is android so can't say much for the others.

Do you know has Skype been broken?

Can the authorites now listen in on Skype conversations?

brianhere

Now I still need textual proof from somebody in the industry or from a feckin spy himself or the FBI or whatever that this thing is possible

Did you try the Orwellian Ireland book here: http://oireland.tripod.com ?

Be like Nutella

Thanks for the link.. I guess you're the author?

You've probably read it all ... can you offer any opinion on whether you think it is either/both possible or likely that an agency within the US government has the ability to access any smart phone completely remotely, install spyware which allows them to activate the phone mic even if the phone is powered off and download that audio data at will? and if you think it's technically possible could offer any evidence in literature etc? And would you reckon that such an ability is exercised en masse as The Echelon system was/is used? I'm think im fairly up to date with the technical capabilities out there including robotic weapons, DARPA programmes in the pipeline etc and I have never seen it posited that this roving bug system is possible or in use or being researched... but this ambiguous case of the mafia investigation which I have to repeat.. does not directly admit to the specific ability I am questioning raised my eyebrow because as soon as I read it I thought of Echelon and the EU Echelon Report that Patricia McKenna was involved in and I thought to myself 'well if the cold war created Echelon which at it's peak could hear all calls on earth and process that audio for chosen flagged words ... then surely 'the war on terror' will take advantage of any backdoor available by chance or design into
smart phones allowing an echelon style approach to ambient sound picked up by remotely activated phone mics. But the closest I've gotten to believing in current technical ability is the spyware product Flexispy which requires Bluetooth upload of the software which is a far far cry from complete remote access to any phone you specify. I personally hate vague Conspiracy opinions and the stuff that many just accept as fact (such ad this potential ability) is crazy. I heard of and read an awful lot on Echelon but not until the Exellent work done by a group of eu mp's was it presented in black and White drawing on the absolute total 'available' data. Echelon was in full swing for decades before anyone asked any serious questions. Of course most people get bored with the technical side to these real/imaginary abilities.

brianhere

It isn't a question of installing anything on the phone. The international GSM standard, for example, allows anybody who wants to to access your phone remotely by intercepting GSM command messages that your phone transmits to the cell tower. That includes being able to turn it on remotely and turning on the sound etc. Anybody can do it who has access to these secret codes, you don't need to installl anything on the target device. Your only defence against it is to take the battery out, and notice you cannot do that in later Apple products.

As regards documented evidence, you have to be practical here. Obviously they have this stuff classified and hence the media and the employees of intelligence agencies cannot talk about things like this or face going to jail. You just have to piece some facts together and you can see quite a few such references in the above mentioned book.

33

Hookah wrote: »

Do you know has Skype been broken?

Can the authorites now listen in on Skype conversations?

Yes and always could, nothing is private in the world wide web.

33

brendanL wrote: »

Currently doing a VOIP application similiar to skype atm for my college year project.

Interms of smartphones there is three ways that I can think of at this time.

If you can get your hands on targets phone.. download an app that you've created onto it.. and bobs your uncle all nice and done.

I played with an app a while back that allowed you to send an app to someone near you over bluetooth if they had the sending app turned on too, and had you added as a bluetooth contact. Now if you connected to their phone using a method I heard of before that involves buisness cards trickery then you could in theory load a malicious app onto their phone from close proximity.

The easiest I can think of atm... and I haven't read anything about anyone managing or even attempting this... but if you access a Android phone through it's telnet... which in theory should be possible aslong as your on the same LAN as it.. you could access it and load a malicious app on. Unfortunately my best area is android so can't say much for the others.

Theres a backdoor in all operating systems, with the right equipment you can track any phone/sim on the planet by imei or sim, because the device is constantly communicating with a number of cell towers at once and only needs communication from phone to tower, unwanted and unknown applications can enter your phone and stay there, as said already iphones 3g and 3gs need to be stripped bare and the last remaining part is the battery, the iphone4 has easier access to the battery, but it may still hold a small charge for a while after the battery has been removed.
The war on terror and homeland security have had an input into communication devices, I heard it through the grapevine so have no links for you, but no company would jepordise the US market by not towing the line and giving US and other intelligence agencies complete access to any phone from anywhere, the service provider wouldn't necessarily need to be involved, a man in the middle type attack would do the trick quite easily.

http://www.toimii.com/gps/

the link isn't proof of anything I just said, it's only an example of some of the most basic stuff were allowed know about what is and isnt possible.

GarlicBread

When you buying a new mobile or simcard, just give em a wrong name and address. Problem solved. .

May not work if you use landline/bill phone.

Mahatma coat

I didnt have to give any name or address when I bought my new Sim, just walked into the Shop, said "gimme an 087 SIM" Shoved it in the phone and charged it up.

whats teh Story with givin them names and addresses??????

Yitzhak Rabin

Mahatma coat wrote: »

whats teh Story with givin them names and addresses??????

Far as I know you don't have to. They just offer you about 60 quid free credit if you register.