FBI Taps Cell Phone Microphones in Mafia Case

cnet-declan writes "We already knew the FBI can secretly listen in to car conversations by activating microphones of systems like OnStar. A new Mafia court case suggests that the FBI can do the same thing to cell phones. The judge's opinion and some background information [pdf] are available for reading online. The most disturbing thing? According to the judge, the bug worked even if the phone appeared to be 'powered off.' Anyone up for an open-source handset already?" From the article: "This week, Judge Kaplan in the southern district of New York concluded that the 'roving bugs' were legally permitted to capture hundreds of hours of conversations because the FBI had obtained a court order and alternatives probably wouldn't work. The FBI's 'applications made a sufficient case for electronic surveillance,' Kaplan wrote. 'They indicated that alternative methods of investigation either had failed or were unlikely to produce results, in part because the subjects deliberately avoided government surveillance.'"

It's all conspiracy

[itz2000]

That's what I suggest.

Maff's conspiracy.

open-source

[Loconut1389]

well, we may not have open-source handsets, but is open-mic good enough?

In Soviet Russia

[anagama]

In Soviet Russia, phone listens to you.

oh wait ....

Re:In Soviet Russia

[GnuDiff]

In fact, it did.

As far as I remember, just after the collapse of the USSR, there were published some information about how KGB was able to activate the mics of "normal" old phones by activating the line from substation; so that the phone didn't ring, but the mic was getting enough current flowing through it to work.

Re:In Soviet Russia

[DrSkwid]

That also happened to some people I knew in the UK, the police monitored their house via their POTS phone.

They then played the tapes back during interrogation, the bits where the housemates talked about each other behind their backs etc. to try and get them to tesify against each other.

Re:In Soviet Russia

[Gordonjcp]

That also happened to some people I knew in the UK, the police monitored their house via their POTS phone.

I don't really see how that's possible.

Re:In Soviet Russia

[Gordonjcp]

That also happened to some people I knew in the UK, the police monitored their house via their POTS phone.

Bah, bloody thing posted when I hit Enter.

I don't really see how that's possible. When the handset is on-hook, the microphone is disconnected. This is a requirement for BABT compliance.

Re:In Soviet Russia

[CBob]

Both sides have had that ability for quite some time now. Google "infinity transmitter", they used to be avail in kit form in the old Popular Electronics or Radio Electronics circa 1980-ish

Re:In Soviet Russia

[Dun+Malg]

That also happened to some people I knew in the UK, the police monitored their house via their POTS phone. .

I don't really see how that's possible. When the handset is on-hook, the microphone is disconnected. This is a requirement for BABT compliance. You are correct. The analog POTS system fully disconnects the microphone and speaker when on hook, as per design standards going back to the 1870's. It's not possible to listen in on-hook without modifying the phone. OP is either engaging in "urban legendry", or the incident took place before 1982, when BT still owned the entire phone system (including the sets themselves) and could believably send a technician 'round to "fix the phone".

Re:In Soviet Russia

I think it worked by sending an RF carrier down the line that would be capacitively coupled accross the open switch contacts and modulated by the microphone.

Re:In Soviet Russia

[Sigg3.net]

This is what happens when you don't put the phone down properly. Or your free hands.

Re:In Soviet Russia

[timeOday]

Maybe it was just a bug that happened to be planted in the handset?

Re:In Soviet Russia

[Incadenza]

You are incorrect. You can make the phone connect when it is on hook, at least you could in the Netherlands (and I do not believe our phones are that different from the ones abroad). This was al over the news (xx years ago). It was Rob Gonggrijp that brought it into the media (including live demonstrations), the same guy that now is making all the fuzz about the Dutch voting machines.

And, on another note, he is also involved in the only really secure AND really open source mobile handset, the CryptoPhone.

Re:In Soviet Russia

[pipingguy]

when BT still owned the entire phone system (including the sets themselves) and could believably send a technician 'round to "fix the phone".

Did they include free cleaning?

Re:In Soviet Russia

The analog POTS system fully disconnects the microphone and speaker when on hook, as per design standards going back to the 1870's

I think it is very clear that very intelligent people knew that allowing phones to be used in the way described in this article is an unacceptable abridgment of privacy. I do no think it is any coincidence that the judge who ruled in this case in favor of the surreptitious "roving" (i.e., non-specific) surveillance is none other than Judge Lewis Kaplan of anti-DeCSS fame. It sucks when a Federal judge neither believes in Free Speech nor in basic privacy.

Re:In Soviet Russia

[ei4anb]

"The analog POTS system fully disconnects the microphone and speaker when on hook" at frequencies that the POTS system was designed to use, DC to 3000Hz. However if you use a HF signal, say > 2MHz, then the hook switch is an air gap capacitor and it is possible to monitor audio from the room. The HF signal must be injected directly onto the subscriber loop as close to the house as possible.

Re:In Soviet Russia

[pestie]

Close, but from what I understand it was capacitively coupled across a capacitor that was part of the circuit that drove the bell (it blocked DC, so the bell only rang when the 20 Hz, 90v AC signal was applied), which is obviously connected all the time. I even saw schematics for such a device years ago. Of course, the technique would be utterly useless with modern phones.

Re:In Soviet Russia

[Gordonjcp]

Nope, that *still* doesn't work. The high frequency signal is shunted to ground by the sidetone choke - if you look there's a funny little transformer with three windings to make sure that you can hear yourself in the earpiece, but not too loud. Furthermore, even with the diodes on the regulator board (which *might* rectify the 2MHz AC), you still don't get much of a voltage across the microphone, and certainly not enough to prod it into life. Most BT "round dial" phones used carbon microphones, although latterly these started to be replaced by electronic ones with an electret mike and a small preamp. These actually needed around 6v to work properly, rather more than the carbon mikes!

Re:In Soviet Russia

[GnuDiff]

> This is a requirement for BABT compliance.

And since when had the USSR cared about "British Approvals Board of Telecommunications"?

Re:In Soviet Russia

[Gordonjcp]

And since when had the USSR cared about "British Approvals Board of Telecommunications"?

They don't have to. The manufacturer of the phone does, though, and the user of the phone *definitely* does.

Re:In Soviet Russia

[GnuDiff]

Yes, sorry, I missed the part earlier that started talking about possibility of same things in Britain.

However, the phones manufactured in SU followed the Soviet GOSTs ("gosudarstvennij standart" - state standard), which, even though I am not sure, I would be willing to bet didn't have anything to do with BABT, because they didn't care.

Interoperability? Well, the fact that in the SU, if you wanted to call overseas (and in fact even other republics in the USSR), you had to subscribe for a long-distance call and go to a Post Office to make it, where they had special booths (and possibly routinely recorded everything), could tell something.

Hell, my apartment phone back then was double-linked with my neighbours. I don't know the technical term for that - I think in Latvian it was "blokators" - but when they were making phone calls, we couldn't use phone, and vice versa -- and I remember every now and then my hooked-up phone emitting chirping noises when my neighbours' phone was ringing. And also sometimes if you took your phone off-hook, you could actually hear their conversation, and sometimes even participate, even tho this wasn't something that was supposed to happen even according to that "double-linked phones" description.

Re:In Soviet Russia

[Gordonjcp]

Yup. In rural areas you got a similar thing in the UK - in fact I've actually seen the newer version of that, where two lines are multiplexed onto a single pair - DACS - actually in use fairly recently. Crap if you want dialup.

Up to about the mid-1980s you needed to get the GPO, or BT as it became (when they had bright yellow vans with the blue T in a circle with three dots) to come and install your phone, so possible a "modified" phone could have been fitted then. I suspect that it would do something odd if it had been fiddled to pick up sound even with the handset down, and stuffing the 70V ringing voltage across the carbon mike would do it no good at all!

What's so alarming here?

[ZDRuX]

The fact that they are using a cellphone case as a carrier for the secondary microphone or that they somehow got a hold of the Mafia's cellphone without them knowing?!

And an open-source cellphone will do you no good when the seperate mic runs straight off the battery inside the phone regardless if your phone is on or not. This is not much different then having the FBI tap your watch, cd-rom drive, or shaver... but I guess that would be pointless since you don't talk to any of those about your secrets right? ...do you?

The real puzzle here is how they managed to swap the real phone with the one that was wired by the FBI, there must have been a mole. And since they got a court order to "monitor" the suspects, is it really that *alarming* that it worked even when the phone was off? Are there limitations as to when you can and cannot monitor dangerous suspects? For example when they sleep, or go to the bathroom, or between the hours of 9-5? Anybody know?

Re:What's so alarming here?

[iamdrscience]

The alarming thing is the possibility that the bug could have been something that was not a physical modification to the phone's hardware, but a software modification. The article suggests that this may have been the case. So while it's probably not the case that the FBI could remotely turn any phone into a bug, the possibility of that being the case is alarming.

Re:What's so alarming here?

[Yokaze]

The poster of the story seems to be under the false impression that the FBI activated the mobile phone's integrated microphone. This would have been quite alarming. However, if he (or the original author) had read the affidavit correctly (as you probably did), he'd notice that they just bugged him. (Point 3: "[...] through a listening device placed in the cellular phone [...]").

Re:What's so alarming here?

Um, actually, i think thats exactly what they did. TFA says "a cellular telephone can be turned into a microphone and transmitter for the purpose of listening to conversations in the vicinity of the phone."..."remotely install a piece of software on to any handset, without the owner's knowledge, which will activate the microphone even when its owner is not making a call."

they don't steal the phone and put in a microphone and the software to run it. They send the phone software over the cell net that activates the built-in microphone discretely.

Maybe there should be a cellphone version of Little Snitch to guard against this kind of thing.

Re:What's so alarming here?

[Anne+Honime]

The alarming thing is the possibility that the bug could have been something that was not a physical modification to the phone's hardware, but a software modification. The article suggests that this may have been the case. So while it's probably not the case that the FBI could remotely turn any phone into a bug, the possibility of that being the case is alarming.

The probability that the judge and the reporter both misunderstood the technical parts of the case is certainly much higher than the probability you can remotely control the microphone of the cellular phone.

Re:What's so alarming here?

placing a listening device in the cell phone could be equally easily interpreted as installing a microphone OR installing software to activate the microphone and transmitter that are already there.

Re:What's so alarming here?

The alarming part is that "the subjects deliberately avoided government surveillance". It's entirely understandable that the judge would see this as justification for spying on them. Next people will be refusing to have spy cameras in their homes and of course that will mean that the government is justified in placing spy cameras in their homes. It's good to see the Courts still protect us from such fiends who seek to preserve their right to privacy.

Re:What's so alarming here?

[iamdrscience]

I agree completely. Ultimately, the only thing truly "alarming" about this story is the idea that it could happen, but the fact that it's still exceedingly unlikely makes the story rather unremarkable.

Re:What's so alarming here?

[GnuDiff]

Doesn't sound improbable to me at all.

After all, most of the phones already have some kind of voice recording software that controls the mic, too.

I bet any comparatively modern cellphone would be susceptible to this. You might need to get access to the phone for a minute or two with some device (eg laptop with USB-phone cable), to modify the software, sure, if you can't do it remotely. But that's about it.

Re:What's so alarming here?

[aussie_a]

Good to see your comprehension of English doesn't outweigh your knee jerk abilities. Otherwise you would have seen that was only one fact that was considered, along with at least 1 other fact accompanying it (more likely many more facts).

Re:What's so alarming here?

[The+Master+Control+P]

All aboard the clue train, last stop is A.C.:

FBI: "Judge, these guys are mafia and they're not falling for the typical eavesdropping routines."
Judge: "Ok, try planting bugs in their cell phones." /signs warrant

Not everyone trying to preserve their privacy is doing so for good reasons. The purpose of a warrant is to isolate the shitbags who are hiding something illegal before invading their personal lives. It's the 4th amendment: Reasonable suspicion that you're covering something up voids your right to privacy.

Re:What's so alarming here?

[nchip]

It is probably feasible with Qualcomm BREW based handsets in cdma networks. CDMA operator has power to "push" content, including applications to you device. BREW apps can access your microphone and don't necessary need to be visible.

GSM networks don't have such delivery systems, and use java for applications. Most phones don't support starting Java midlets automatically to backround, or access microphone. Even when in background, running applications are visible somewhere in the menus.

Basically the java applets are sandboxed, while BREW apps are signed by the operator to be "trustable".

Re:What's so alarming here?

[jackalope]

The FBI probably would not need physical access to the phone. They could just use the over-the-radio firmware upgrade feature many phone have to send the target phone some new firmware with the bug software integrated into it.

Yes, the software has bugs, it is supposed to have bugs.

Re:What's so alarming here?

The test for issuance of a warrant is actually probable cause, not reasonable suspicion. Probable cause is a stricter test and makes your point a bit stronger.

From the Bill of Rights (emphasis mine): The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

From Wikipedia: PROBABLE CAUSE - In the context of warrants, the Oxford Companion to American Law defines probable cause as "information sufficient to warrant a prudent person's belief that the wanted individual had committed a crime (for an arrest warrant) or that evidence of a crime or contraband would be found in a search (for a search warrant)." "Probable cause" is a stronger standard of evidence than a reasonable suspicion, but weaker than what is required to secure a criminal conviction. Even hearsay can supply probable cause if it is from a reliable source or is supported by other evidence. REASONABLE SUSPICION - Reasonable suspicion is evaluated using the "reasonable person" or "reasonable officer" standard, in which said person in the same circumstances could reasonably believe a person has been, is, or is about to be, engaged in criminal activity; such suspicion is not a mere hunch. Police may also, based solely on reasonable suspicion of a threat to safety, frisk a suspect for weapons, but not for contraband like drugs. A combination of particular facts, even if individually innocuous, can form the basis of reasonable suspicion.

For example, if you see a genuinely "suspicious person" standing on a corner with a bulge in his front pocket, you may have reasonable suspicion that it may be something illegal. You don't have probable cause to believe so until you see him do something that corroborates your suspicion, such as make a "hand-off".

Re:What's so alarming here?

[deviceb]

ya, any mic can be made a bug. thats old news.. I have a mic and & cam staring me in the face atm, and no way to physically unplug it from my laptop /shrug
and then there is always the tracking device hidden inside your tooth..

Re:What's so alarming here?

[ronanbear]

The Irish networks are GSM and it's reasonably well known that the networks can turn on and control phones with the signature of a sufficiently senior police officer.

I'm actually surprised more people here hadn't heard about it.

Re:What's so alarming here?

As far as I know the 3G cell phone standard *explicitly* requires that phones can be remotely activated, even when the user turned it "off". Unfortunately I never got hold of a copy of the standards (they are rather expensive and I'm not close enough to that business to have it floating around in the vicinity. Plus, I'd probably just get lost in the thousands of pages).
Did noone ever wonder why battery life decreases even when his cell phone is "off"? A right, Slashdot readers don't ever turn their phones off.

I was told: if you have an important meeting and want to be safe from espionage, have all participants drop their cell phones in a box before they enter the room. That, or take out the batteries - but that's far less practical.

Posted as AC, on purpose.

Re:What's so alarming here?

What is a "dangerous suspect[]"?

Re:What's so alarming here?

[Anne+Honime]

I'm sorry that I was misunderstood myself ; I was by no way implying that it's absolutely impossible to remotely bug a cell phone. But I don't think it's reasonably practical to do it, for a number of reasons, and I think anyway it makes a better headline to imply the contrary. Hence, my belief it's easier to bug conventionaly a phone (rewiring the mic or something like this) rather than fussing with the firmware, and I find it more probable the reporter exagerated the story.

Think about it for a minute : how long does a battery last while the phone is idle ? About a week generaly. How long does it last while phoning ? 2, maybe 5 hours ? And nobody would notice the depletion with the bug turned on ? Come on.

Re:What's so alarming here?

[Dr.+Zowie]

Cell phones are so heavily engineered for size, it's hard to imagine that the listening device was anything other than software -- most phones simply don't have room to hide a separate mic.

Re:What's so alarming here?

[JPribe]

Uh, if they can reprogram my phone by clicking a few buttons in a service center, what makes you think they can't enable the mic while the system is "off" because, quite honestly, a phone isn't off unless power, the battery, is removed. Many phones have an internal battery, though I don't see them lasting long while transmitting on cell freqs. Of course, with as much memory as cellular phones have now, who says it has to transmit live? It would be transparent if it recorded while "off" and uploaded the sound files when the memory space became full. This is completely possible.

Re:What's so alarming here?

The standard of the Fourth Amendment is probable cause. The purpose of a warrant is to allow a government actor to invade a person's life without being invited. Probable cause must exist first implicating the person in an actual crime. To revise what you said: "The purpose of probable cause is to help isolate the [people] who are [more likely than not involved in] something illegal before invading their personal lives.

By its very nature, we don't need (nor should we require) a "good" reason to preserve privacy. Under the Constitution, privacy preservation is the status quo and remains so until the government proves it has a "good" reason to invade it. This proof is done in a warrant application with the support of sworn statements to a court of competent jurisdiction. If the local judge agrees the government has met its burden of proof (that is, has shown probable cause), a warrant shall issue.

The Fourth Amendment reads:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Re:What's so alarming here?

[jamar0303]

So am I safe by having a 3G phone that only connects to 2G networks? (If you want to know what I mean, I have a Japanese 3G phone- the 3G that the rest of the world uses is apparently different from what the US uses).

Re:What's so alarming here?

[bendodge]

They got a court order to do it, so I don't really care what they did.

A cell phone is a black box, and I bet the provider can do just about anything to it. I can call and have the software upgraded over the phone, and it makes a small changing icon when powered OFF if I plug it in, so it must still be functioning. Why could the phone be modified even when it is off?

They did it legal and straight, so why all the balking?

Re:What's so alarming here?

[squiggleslash]

Replying to the AC:

As far as I know the 3G cell phone standard *explicitly* requires that phones can be remotely activated, even when the user turned it "off". Unfortunately I never got hold of a copy of the standards (they are rather expensive and I'm not close enough to that business to have it floating around in the vicinity. Plus, I'd probably just get lost in the thousands of pages).

What a lock of crock.

First, which 3G standard? UMTS? CDMA2000? DECT? I mean, seriously, unless you're suggesting ITU-2000 has this, which is improbable given it deals with air interfaces, then why are you resorting to generic marketing terms rather than specifics?

Secondly, mobile phones of all standards and generations drain their batteries when turned off. It takes a while, but most phones at least need some power to power the "On" button. The functionality you're talking about would result in mobile phones draining power at close to the rate they do normally, when idle.

Third, any attempt to "tap" a cellphone microphone in the way you describe would be immediately noticable to the person whose phone is being tapped. Battery usage would be the same as if the phone was engaged in a phone call. No, "store now and forward later" doesn't result in any significant battery life savings, as all you're doing is breaking the same amount of effort (compression and transmission) into two steps.

Finally, the standards are not expensive, they're a free download. Go to the 3GPP or 3GPP2 sites to download the various UMTS and CDMA2000 standards respectively. If you knew what you were talking about, you'd know that.

Re:What's so alarming here?

[aussersterne]

It's this weird American tendency (or maybe it just represents the true success of Big Brother that it is powerful enough to do these things without being detected) to believe that there's no possible way corporations or the government could be monitoring you (because that would be un-American). The more they're monitoring you, the more adamant most Americans become that this is clearly impossible in America. The more evidence for surveillance and civil rights violations, the more most Americans will bemoan the proliferation of "conspiracy theories" (instead of bemoaning the surveillance and civil rights violations).

Sure, bad things happens "in Communist China" or "in Soviet Russia" or "in Socialist Europe" but never, ever, squeaky-clean-cross-my-heart, ever "in Freedom and Democracy Capitalism." It's our own inverted version of the "Oliver Twist" mythology of the other that once existed behind the Eastern Bloc.

Re:What's so alarming here?

[Catbeller]

"And an open-source cellphone will do you no good when the seperate mic runs straight off the battery inside the phone regardless if your phone is on or not. This is not much different then having the FBI tap your watch, cd-rom drive, or shaver... but I guess that would be pointless since you don't talk to any of those about your secrets right? ...do you?"

This is why I've been stumping for a year for a handset that has a separate power citcuit for the e911 function. When I don't want it on, I don't want some personal enemy with police or Homeland Security contacts turning it on by not-so-secret handset codes transmitted by the carrier to override my wishes.

I knew about remove monitoring of the mic as well, but never thought about physically depowering it as well. Add it to the list.

We need handsets that are completely open source. No hidden compiled binaries with override code routes. I want a phone that I. Can. Shut. Off.

And keep in mind that the e911/GPS tracking data is available to anyone who pays a fee. THAT'S open. Anyone who wishes to can follow your movements in real time if the e911 function is on. And of course, there's a non-disclosed back door e911 activate code as well, bet your life on it, literally.

Why worry? Circumstantial evidence can get you executed. Just being near a crime, even without your knowledge, can get you convicted by a jury. Prosecutors make stuff up. They can spin quite a yarn, and juries tend to believe the serious guy in the suit as opposed to your scruffy face. Remember the family man in California who was convicted of arson and murder because his Safeway shopping card showed he had bought lighter fluid and matches (more or less) prior to the setting of the fire that killed his family? He was convicted and sentenced to death. If the real arsonist hadn't confessed, he's still be cursing God on Death Row. This is SERIOUS, people.

Re:What's so alarming here?

[Catbeller]

And one BIG addition: I'm being way too pre-Bush here. They don't need juries anymore. Secret prosecutors with secret agendas can use e911 information to quietly, extralegally, make you disappear if they deem you a "terrorist". The standard of evidence is "I feel like it." Don't give the secret police an excuse to make you disappear. Don't give them more tracking information than they already have. Thousands have been kidnapped and shipped out of this country. It's not a theory, it's a brutal reality that we can't shut off because they aren't answering to us anymore.

Re:What's so alarming here?

[Catbeller]

A lot of innocent people have been robbed, imprisoned, tortured, and killed legally. Legal is not the same thing as right.

History, real history, is deemed so radical that Americans don't read it anymore. This I understand is why they seem to think law=good. Law is a set of rules laid down by powerful people. Read about Ethan Allen and the Green Mountain Boys; landowners, quite legally, stole farmers' own, purchased land and had them executed and imprisoned when they tried to resist the theft. The lawyers, judges, and magistrates were partners to the land theft, so the "Law" was writted to aid the thieves. A lot of people died.

Manzanar. Slavery. The Red Scare. The Haymarket Seven kangaroo trial. The Alien and Sedition Acts. The persecution under the law of gays by J. Edgar Hoover, himself a closet queen. Gitmo. Torture gulags we are currently operating around the world. The examples of "law" torturing and manipulating innocent people are endless.

Re:What's so alarming here?

[Catbeller]

Nice catch, there. Americans have a self-worship mythology that is fully congruent with the Soviet's own. Ever read Hedrick Smith's "The Russians"? Seems you have, and a lot more besides: "Oliver Twist" is a good name for their attitude. What do we call the American's mirror concept? I've heard it called "exceptionalism", but something more pithy would be good. Any ideas?

Re:What's so alarming here?

The more they're monitoring you, the more adamant most Americans become that this is clearly impossible

No, I think most people, given the evidence, believe they're being monitored. We're just not going to say so over the air.

Re:What's so alarming here?

[dthree]

I have an LG from a few years ago that had a menu option for turning off the GPS/e911 but I don't know for sure if it actually did. I guess the only way to test it would be make a 911 call with it off and i never had an occasion to call 911 with it.

Re:What's so alarming here?

[Catbeller]

Oh. yes, there are a couple of options. One is to turn it off completely. That is a software function, and as I said, don't believe it. They can turn it back on without you knowing about it. The second option is to opt-out of third parties monitoring your gps movements. Ditto.

That's why I am stumping for a physical switch on the circuit powering the gps module itself. Nuke it from orbit; it's the only way to be sure. Same for the mic.

Re:What's so alarming here?

[Keith+McClary]

Can I set up my own cell tower and take over people's phones?

Re:What's so alarming here?

[Incadenza]

Yes, it is a software thing. A similicar case popped up in a Dutch case involving a corrupt high-ranking police officer a couple of months ago. During the proces it became quite clear that he had been monitored using his own phone. But how exactly the software on his phone was modified wasn't told.

The technique that was used (by best guess), is a a variant of setting the phone to 'silent answer' and 'pickup automatically'. This has already been used with phones that were just dropped on an appropriate location. Of course, if you drop the phones they can be found and disabled.
The more advanced technique (that was probably used in the police officer case) just lets the phone 'silent answer' and 'pickup automatically' to one pre-defined number. So the phone will be functioning normally for all incoming and outgoing calls, but will eavesdrop when special agent X calls.

The question remains of course, if physical access to the phone is needed to plant the software. For if your enemies have physical acces to your phone, eavesdropping is not the only possibility, as "the Engineer" can not testify.

Re:What's so alarming here?

[strikethree]

A lot of innocent people have been robbed, imprisoned, tortured, and killed legally. Legal is not the same thing as right.

You have a valid point but I think your argument is misplaced. The point the parent was trying to make is that a reviewed and independantly authorized surveillance action is just fine in his world. I would have to agree. I am against government surveillance of all citizens but I am just fine with surveillance that is targetted at criminals when such surveillance is reveiwed and authorized by an external (judicial) entity.

strike

Re:What's so alarming here?

I have seen a demonstration where a $250k piece of kit from BAE could be used to turn on the microphone of any CDMA or GSM phone. The owner would not be aware that the microphone was on but the phone did have to be on (so that it could recieve the "off hook" command). I was assured that no hackery was involved so the phones must have been designed with this feature. I have no idea why phones would have this feature.

Re:What's so alarming here?

[really?]

A couple years ago I spent some time in Romania. It was common among some of my acquaintances to remove the batteries from their GSM phones when discussing "sensitive" issues. It was well known that eavesdropping was possible. Now it's news? Shrug.

Re:What's so alarming here?

This is in the Qualcomm hardware. Always has been.
Not kidding here.

Re:What's so alarming here?

[DMoylan]

that was my first thought till i remembered that back in '96 the israeli's killed 'Yehiya Ayyash' known as 'the engineer'. i believe the bomb was a modified battery which would be very easy to drop in as a replacement if a targets phone model was known.

it might even be possible to do it so that it wouldn't even need to be turned off in case the reset would give it away that something had been done to the phone. of course if the target were using a windows mobile 'smart phone' that wouldn't be an issue as those things restart all the time. :-)

Re:What's so alarming here?

[kimvette]

Except: the Bush administration (which I originally had high hopes for but am now extremely disappointed in and thanks to Bush I now am libertarian) considers anyone with a pulse to be suspicious.

Re:What's so alarming here?

Are there limitations as to when you can and cannot monitor dangerous suspects? For example when they sleep, or go to the bathroom, or between the hours of 9-5? Anybody know?

Limits? On government intrusion into our lives??? Quit living in the past, child.

Re:What's so alarming here?

I am just fine with surveillance that is targetted at criminals when such surveillance is reveiwed and authorized by an external (judicial) entity.

I say again -- quit living in the past, child.

The gov wants to spy on people. This was found out. So they established the FISA court to "oversee" the process. Historically, out of the thousands of requests they processed, they rejected eight. Four of those were allowed after further "evidence" was produced. That's a rubberstamp job, not oversight.

The gov would have you believe the high success rate was due to the extreme care with which the gov's lawyers prepared the cases.

BS -- if they had lawyers so good they could lose only four cases out of many thousands, they'd put them to work on other cases. The gov would never lose a supreme court case if it had lawyers who were so thoroughly prepared.

If the gov can say any (non-owned) dictator's election by 99% of the vote is a farce, they should think about how their success with the FISA court looks to intelligent people.

To top it all off, the lying hypocrites then decided the FISA process was too burdensome to allow our privacy-invaders to be "agile". So they blew off the law, with no notice, and started the warrantless surveillance program. When this was discovered, they dissed the congress and instead concentrated on going after "the leakers".

Naturally the bought and paid for criminals in congress say, "If only you'd told us it was too troublesome, we'd have been willing to negotiate easier terms." It's well known that the congressional definition of "negotiation" with this administration is to drop shorts, bend over, spread 'em and meekly inquire, "Your lube or mine, sir?"

As his final insult to the American people, the Bushtard claims the Constitution gives him the power to completely bypass the Constitution "if necessary to protect the American people."

As someone has already said, "If we want the Iraqis to have a constitution, we should give them ours -- we're certainly not using it."

Re:What's so alarming here?

Well, you could set up a picocell. As for whether you'd be able to take over their phones, that'd take a little more work.

Re:What's so alarming here?

He's mostly right you know. Anyone with a pulse can indeed be a terrorist, or be planning an attack.

Now, do you allow NO eavesdropping at all? Or do you allow some? How do you set that threshold.

The current plan seems to be heading towards "the government can watch almost everyone, almost all the time." Now, 99.999% of people are only being watched by computers, getting sorted in databases and eventually culled as old uninteresting data. The other tiny fraction are being actively watched. What is new is that the government can now easily switch among targets, adding new 'watch' people every day. And with data storage capabilities increasing (100s of PetaBytes isn't hard any more) they can keep their logs for longer and longer periods. So when they decide they want to look at you, they can pull up everything they have on you for the last 2-3 years right away.

Now, do we trust those with this power to use it wisely? I don't. But I also don't think that we as a people can expect to see this capability decreasing in any way in the future.

Logically then we must use our ability to control OUR government to make the situation livable in the future. The government MUST publish every little way that it gathers information about you, transparent policies must be put in place to allow for wide publication on the statistics of the program, and most importantly strong and ACCOUNTABLE people must be put in a position of oversight. These people must be freely elected

Short Version: Yes they monitor us, yes they are going to monitor us more in the future, no we can't stop this, yes we need elected oversight on the use of these capabilities.

Re:What's so alarming here?

[40ohms]

I have not programmed a cell phone, so I could be way off, however it doesn't sound terribly difficult to do that to many of the phones. If the configuration / software can be pushed out to the phone same as an update to the software, what is to keep you from disabling the on/off button. All the on/off button would have to do is to kill the display and ringer, maybe even autodial a number with a recorder on the other end. I doubt anyone would notice that the phone was still on if there is no display. If the battery dies how would someone notice? It certainly sounds as if this worked well for this one instance. Finding the location of a cell phone is also rather easy. Why would this be a surprise?

Re:What's so alarming here?

[inKubus]

That's why we all need to buy an OpenMoko, and then someone needs to write a public key encrypted network layer.

Re:What's so alarming here?

[Orange+Crush]

So long as the phone allows over-the-air firmware updates, anything is possible. It wouldn't need to use a java midlet but could run on the phone's native OS. The article also mentions nonstop transmitting as a potential giveaway. Why not have the phone record to local memory (most phones have at least a few megs free, plenty for 15-30mins of phone-quality audio)? It can then store-and-forward on a fixed timeframe to appear less suspecious. (idle GSM phones 'ping' the base station periodically anyway.)

Re:What's so alarming here?

[bendodge]

If the law is wrong, change it. If you don't like our government system, change it or move out of the country.

For some reason, our country is currently under marshal law. It shouldn't be, but it is. That is why Bush thought he could spy warrantlessly.

FBI?

[Aceticon]

I bet that the NSA uses "feature" a lot more than the FBI, and when they do it they certainly don't tell anybody about it.

The big difference is that the NSA will use this for counter-terrorism and also for industrial espionage, while the FBI probably only really uses it for crime investigation.

Re:FBI?

Industrial Espionage? Get over Euroself. AirBus got caught bribing officials.

Re:FBI?

[Captain+Jack+Taylor]

Mmm, quite probably, and it's too bad. It's quite a useful technique when it's used for legitimate surveillance.

The Solution

[FrostedWheat]

Remove the battery.

Or better yet, don't have one!

Re:The Solution

[rjdegraaf]

... or stick on one of those funny led-light-devices which lights up when the phone transmits data.

Re:The Solution

[houghi]

I did that once and it must be broke. The thing lighted up all da time. Fohgedaboutit.

Re:The Solution

[jamar0303]

Not necessarily- I usually carry around a "phone" only as a cheap camera/MP3 player, and it doesn't work outside the country it's sold in because it runs on 1500MHz. I'm not sure even the government can suddenly create a cell network just to spy on one person.

Thankfully, it's easy to mod your phone

Due to the design of cell phones, it's actually very easy to modify a phone so that it gives a clear visual indication of whether it is transmitting or not.

If, for whatever reason, your phone starts transmitting (be it on a call, or because the FBI have remotely activated it), then some LEDs can be configured to light or flash - providing clear visual feedback. This could be a bit more convenient than removing the battery except when needed.

In fact, you can get the modification kits ready for use, for less than $5 - and installation, can take less than 30 seconds.

These kits are more usually sold as novelties for 'ricing' phones, but they can also be used for serious purposes:
Example kit

Re:Thankfully, it's easy to mod your phone

[Ziwcam]

When I was in Germany, a local Chinese restaurant would hand out cutsie little bangles that you could attach to the top of your cellphone that would blink when your phone was transmitting and receiving. They would also go off if someone within a few feet of you was also on their phone...

I find it amusing that those frilly foo-foo things could be used to combat legal (or illegal) eavesdropping.

Re:Thankfully, it's easy to mod your phone

[quantum+bit]

Or just set the thing down next to a speaker and listen for the characteristic click-click-buzz when it's transmitting. Some phones are even powerful enough that my car stereo picks it up, or leaks into the signal of a nearby land-line (the PBX phones are work are real sensitive to it).

On occasion I've put my phone down next to an LED flashlight, and when the phone rings the flashlight turns on!

Re:Thankfully, it's easy to mod your phone

if I put my cell near my CRT monitor, I get a similar effect (flickers when the phone transmits).

For transmissions related to an incoming call, it occurs a good second or so before the phone actually rings.

Re:Thankfully, it's easy to mod your phone

This happens to me constantly, that annoying interference. When my phone is anywhere near an active stereo or speaker it picks up that interference. Also, I have a logitech mouse (not wireless), it's an MX310, and if I put my cellphone next to it or near to it, the mouse freaks out, like the left click is constantly active in rapid fire fashion so where-ever the pointer is located it registers a constant stream of clicks until I get the phone away from the mouse. I always thought that was pretty weird for a mouse that has a cord attached.

Re:Thankfully, it's easy to mod your phone

[dthree]

I have only noticed the audio thing on my Nokia GSM phone. The motorola GSM phones my family uses don't do that and none of the CDMA phones I've had in the past (5 or 6, i think) did that. Sometimes does drive me nuts.

My Opinion

[iamdrscience]

As someone who has on several occasions had to listen to my brother's phone pick up in his pocket without him realizing, I don't think this is much of a problem. If the FBI wants to listen to my pocket lint, more power to them.

Re:My Opinion

[BoberFett]

Of course, because you have nothing to hide. For now.

Re:My Opinion

[kimvette]

You have nothing to worry about. After all, the Feds only consider liberals and muslims to be terrorists, and possibly gays. You're okay, so don't worry about it. Now that the Democrats control both houses and SCOTUS, and will likely be in the Presidential seats in a couple of years, Jews and Christians will be next, but that's okay because you are either athiest or "Christian" in name only. No need to worry, because it doesn't affect you. But when it swings in the other direction, and the following administration considers YOU to be desirable, who will be left to speak up for you?

Obviously I adopted the above from a famous quote, a quote to keep in mind when you consider politics and government interference in private lives:

Lutheran minister and German war veteran Martin Niemoller mirrored middle-class German society of that time: "First they came for the Communists, and I didn't speak up, because I wasn't a Communist. Then they came for the Jews, and I didn't speak up, because I wasn't a Jew. Then they came for the Catholics, and I didn't speak up, because I was a Protestant. Then they came for me, and by then there was no one left to speak up for me."

One should always, always, ALWAYS limit government in any/every way possible and/or necessary. NOW is the time while we have the power to vote, and that should be exercised lest we lose that right. I'm ashamed to say I didn't vote in this past election because I KNEW that the candidates I wanted to vote for did not have even a prayer of winning. If I thought there was ANY chance that someone might push Kennedy out of his seat, and that Patrick would not win the gubernatorial race, I'd have voted. In the other office I cared about (local) most seats were uncontested/single candidate. :(

where's the news?

At least here, in Estonia, this technique has been in use for many years. I'm sure same goes for all other EU countries. Btw, if you remove the phone's battery, you still can't be sure it's powered down... sometimes the police install a second, hidden battery in the phone.

I guess this also has been going on in the US for years. But I guess the US gov is so f*cked up in every possible way that nothing really matters when it comes to "protecting the world from terrorists". Even if it's illegal. So for-god(f*ck that too)-knows-what now they need to make this spying legal. Big news.

Re:where's the news?

[AlHunt]

> sometimes the police install a second, hidden battery in the phone

You guys must have some awfully big c-phones there in Estonia.

Re:where's the news?

[Simon+Garlick]

Given the state of the mobile-phone industry in the USA--i.e., five years behind the rest of the world--my money would be on Estonia having the better hardware.

Re:where's the news?

[kimvette]

Btw, if you remove the phone's battery, you still can't be sure it's powered down... sometimes the police install a second, hidden battery in the phone.

Disassemble your cellphone and let us know if you have room in it for a button cell, or even a decent-sized electrolytic capacitor. I can pretty much guarantee you do not, unless it's an actual (analog) cellphone, in which case eveb a CR2032 3V lithium cell could not even power up the unit for a second.

Re:where's the news?

[FMprime]

Instead of removing the battery, or installing a privacy switch on the microphone, why don't you just put your cell phone in a metal container to block all electronic signals. Here's an example that is used for passports: http://www.mobilecloak.com/mobilecloak/

As long as there's a court order...

[plnrtrvlr]

...then I don't care whose phone is getting bugged or how. Technology is constantly changing, so our abilities to moniter the public changes as well. It is the job of the courts to assure the public that this does not occur without probable cause. As long as there was a court order to bug the mob guys' phone, I don't care how they do it. I just want constant assurances that our government is allowing judicial oversight. This is all just a rehash of the same old story from back in the days when they were first tapping phone lines across the street from Ma Bell's switchboard.

Re:As long as there's a court order...

[idlake]

It is the job of the courts to assure the public that this does not occur without probable cause.

Well, as the Bush administration has shown, it's not the job of the courts to do this. And if spying becomes as simple as pushing a bunch of buttons, you can be certain that people will do it without a court order.

This is all just a rehash of the same old story from back in the days when they were first tapping phone lines across the street from Ma Bell's switchboard.

Well, no, it isn't. That required physical access and had significant costs associated with it. Now, the costs are considerably lower, and surveillance follows the person around. That changes things considerably.

Overall, it's a question of balance, not black-or-white-it's-all-the-same style arguments, like you're making.

Re:As long as there's a court order...

[mikelieman]

"It is the job of the courts to assure the public that this does not occur without probable cause."

We have a 2nd Amendment to make sure the WE can enforce the 1st.

RELYING on a court to provide for your Freedom and Liberty, when you have NO RIGHT to a Writ of Habeas Corpus is just plain dumb.

You might NEVER SEE A COURT.

Re:As long as there's a court order...

[plnrtrvlr]

Actually, the argument you are making is totally different..... I've said "as long as there's a court order" and you've said "but the Bush Admin has shown......" Well, this is the crux, isn't it? As long as the law is followed and a court order is issued before such surveilance occurs, no big deal. "The Bush administration has shown they ignore the law" is a different argument. If the law is followed, it's only the tech that has changed. And according to the article, this new tech still requires physical access first...........

Re:As long as there's a court order...

[idlake]

"The Bush administration has shown they ignore the law" is a different argument. If the law is followed, it's only the tech that has changed.

It's not a different argument at all; my point is that if you make it easy to do these things, the government will invariably abuse the technology sooner or later. Nixon showed that there was the desire (but not the ability), Bush showed that there was the ability (but perhaps not the desire), and sooner or later, both ability and desire will meet in the same administration.

And according to the article, this new tech still requires physical access first...........

You misread the article; in fact, the article was pretty clear that (1) this can be done without physical access, and (2) the government is probably doing it without physical access but just doesn't want to admit it.

Re:As long as there's a court order...

[muellerr1]

Just because the Bush administration ignored the Constitution and broke the law does not change the fact that it IS the job of the courts to issue warrants for wiretaps. Just because wiretapping is so easy that the President authorizes it without a warrant does not make that authorization legal.

Your argument that physical access and high cost made tapping phone lines legal is just weird. Just because the costs are lower and there's new technology shouldn't change the principle behind the wiretapping laws. With probable cause the FBI can get a warrant to take your computer, too. They can get a warrant to bug your office, and even hide a bug on you as in this cell phone case. Keeping the process transparent to the courts is critical to avoiding abuses, which is why Bush kept his illegal wiretapping secret. You're right about one thing: people will abuse power if they can get away with it. But again, just because they get away with it does not make it less illegal.

I appreciate that some laws may be interpreted and are not always black and white, but in this case it's just the technology that has changed, and not the law. But good laws SHOULD be black and white because what good are legal grey areas? That's why the courts interpret the laws, to make them less grey.

Re:As long as there's a court order...

[Chris+Burke]

We're talking about the potential and likelyhood of abuse.

Just because wiretapping is so easy that the President authorizes it without a warrant does not make that authorization legal.

And yet it occured anyway, and the President has not been censured in any way as a result. The precident is there, and more importantly there is no reason to think this abuse is not ongoing. We know that warrantless wiretaps have been performed, and we know that the President feels he is perfectly within his rights to order more. He doesn't think it's illegal, and yeah that doesn't make it legal, but does that matter when nobody is stopping him from doing it?

Your argument that physical access and high cost made tapping phone lines legal is just weird.

No, the poster was arguing that the physical access and high cost made illegal abuse of phone line tapping unlikely, or at least less common.

but in this case it's just the technology that has changed

Yes, so it's just the difference between agents having to go out to someones home and physically set up a listening device for every home they wish to spy on, and an agent sitting at his desk clicking a button to spy on whichever house he wants. Which is easier to get away with? Which leaves more evidence, a physical device or a log on an FBI computer? Which is more convenient for performing wiretaps on a massive scale? Which method is more friendly not only to systematic abuse like the President's program, but also to rogue agents wishing to abuse their power individually?

That's really why this is alarming. The fundamental process of requiring a Judge to issue a warrant on probable cause of a crime before law enforcement is allowed to wire tap is sound. The problem is that new technology has made it easier than ever to surreptitiously circumvent that process. Whether that motivates any changes to the law, I don't know, but it certainly motivates my concern!

Re:As long as there's a court order...

[BillyBlaze]

So you really wouldn't be bothered by a camera in your bedroom that doesn't tell you whether it's transmitting, as long as our infallible media told you it would only be used with judicial oversight?

I think the issue is that the technology to monitor cell phones remotely while off, if it exists, does not just make it easier to bug cell phones. It actually constitutes bugging them. Bugging someone's home doesn't mean turning on a mic you put there earlier, it means putting the mic there in the first place. If cell phones can really do this, it would mean your phone has already been bugged, and unless there's probable cause to suspect every cell phone user, illegally so.

Re:As long as there's a court order...

[fingusernames]

Just because the Bush administration ignored the Constitution and broke the law does not change the fact that it IS the job of the courts to issue warrants for wiretaps. Just because wiretapping is so easy that the President authorizes it without a warrant does not make that authorization legal.

Yet, just because you believe it is illegal does not make it so.

The 4th amendment:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

No where does it mention a court. It does mention the concept of reasonableness. And courts, in review (note: review), have been known to decide that particular searches are reasonable even without a warrant.

Our federal system is, famously, flexible and grey. That is what has permitted it to grow into what it is today with very little substantive change to the Constitution. Rather than demand a black and white legal framework, we have accepted, essentially, a mixture of a statutory and common law constitution. We have accepted that there is a constant give and take between the branches, and that the powers of those branches ebb and wane and change over time. See Marbury v. Madison. One cannot have one's cake and eat it too. One cannot have a federal constitution that permits a federal minimum wage based upon the Commerce Clause, something clearly not supported by a purely textual or intent-examining interpretation, that sanctions a government with tremendously broader powers than ever envisioned by its authors, yet also demand that the clauses pertaining to, say, searches be unyielding to flexibility. In particular since the text of the 4th amendment is clearly open to interpretation in terms of what constitutes reasonableness.

You will surely argue that the president has violated some statute. Perhaps he has. Yet whether that was illegal per se is open to question in our legal system. The powers of the president are not solely derived from congressional act. Bush is a believer in a Hamiltonian strong executive, and that is the doctrine he pursues as he attempts to reshape the office. There is nothing wrong with that doctrine, other than being contrary to the politics of critics, so long as he abides by legal decisions restraining his actions, which he has. Whether he can reasonably claim that his actions in this wiretapping program are authorized from his constitutional powers, unrestrained by statute, is a valid question, and is being decided via judicial review. That is the way it works, and it is working. You may have an opinion on whether his actions were legal, constitutional, or not. Whether or not that is actually the case however has yet to be decided.

Larry

Re:As long as there's a court order...

Technology is constantly changing, so our abilities to moniter the public changes as well. It is the job of the courts to assure the public that this does not occur without probable cause.

If you had continued to pay your newspaper bill and they hadn't therefore had to stop delivering it three years ago, you'd understand how silly your statement is.

Re:As long as there's a court order...

[elgaard]

Maybe we should not blame the courts for letting the police doing this, given probably cause.

But sneaking bugging devices into the pockets of millions of unsuspecting citizens is just wrong.

We do not know who is responsible for this invasion of privacy. But if people could choose between a phone that would let you be bugged and one that would not, most would probably choose that latter. In a free marked you would expect phones to be sold as bug-free, with big yellow stickers saying "this phone will not let you be bugged".

So why are we not seeing those stickers?

Hmmmm

[Sv-Manowar]

I have no doubt the ability to record from the microphone when the phone is off is available to certain people, most phones nowdays have alarms where you can set it for a time - turn the phone off and it will turn itself back on at the specific time and sound your alarm. Now if you think about what does this, then surely there are other abilities built into using the phone when you believe it is "off". Hell, the whole "geographic communications cell that the call was made in is stored with the details of the call" giving away your location, and then being able to pinpoint it via triangulation from other cells is worrying enough.

It seems as if with the advent of mobiles taking over from landlines in the vast majority of calls, network operators are being made to (or doing it for their own reasons) to provide vast amounts of information and features so that calls and conversations can be tracked like this. It's all very well catching criminals (although the Orwellian feelings are building within me already), but what happens when it's misused. This situation reminds me very much of ISPs and net service providers with the email tracking/reading and browsing history situations.

Re:Hmmmm

Many cell phones have "internal batteries" that enables the phone "to run" even if you remove its main battery

If you own nokia and have its main battery almost empty try the following *3370#
and it should get charged-up from internal battery

I must then ask

[the_REAL_sam]

Which phone manufacturers did NOT sell all of its customers out to the government? Perhaps there are specific model numbers that are not compromised? Or perhaps before a certain year?

Anyhow...if I unplug the phone battery it's off for sure...right?

Re:I must then ask

[Joebert]

Which phone manufacturers did NOT sell all of its customers out to the government?

The ones with low profits & high taxes over the last decade.

Re:I must then ask

[mikael]

According to this 3G tutorial, (page 118) wireless LAN's are the biggest threats to 3G dominance:

Biggest Threat to Today's 3G -- Wireless LANs

  Faster than 3G - 11 or 56 Mbps vs. 2 Mbps for 3G when stationary

  Data experience matches the Internet with the added convenience of mobile
  Same user interface (doesn't rely on small screens)
  Same programs, files, applications, Websites.
  Low cost, low barriers to entry

  Organizations can build own networks - Like the Internet, (Wireless) will grow virally
  Opportunity for entrepreneurs!
  Opportunity for wireless operators?

Re:I must then ask

[Technician]

Anyhow...if I unplug the phone battery it's off for sure...right?

Store it in a metal paint can with the lid on. A 100% farady cage works for me. Be sure to test it for integrity by calling the phone. It should be un-reacbable.

Re:I must then ask

Store it in a metal paint can with the lid on. A 100% farady cage works for me. Be sure to test it for integrity by calling the phone. It should be un-reacbable.

Just like my Samsung (Sprint) phone is, anywhere in my house.

Technically feasible

[ruppel]

The activation of cell phones microphones by the underlying network is actually possible with a lot of mobile phones (maybe all of them). The finnish government has had a guideline for classified meetings in place since the early nineties that strictly mandates all cell phones to have their batteries removed during the meeting because of exactly this possibility.

Re:Technically feasible

There were warnings issued by the NZ Intelligence folks on this back in '99. Given the NZ Intelligence services are NSA shills it's likely the information came from there. This is a real issue and risk.

secrets of cell phones

there are actuially a few secret goodies available to the feds in many modern cell phones.

First... Sat based GPS is NOT required in most cells phones to silently get perecise location, as per FCC device regulations and as per millions of dollars in levied and honored fines to lagging noncompliant cell providers.

also part of underwraps subsections of ETSI LI spec framework for LI (Lawful Interception) hint at leveraging the E911 feature that makes a cell not be able to disconenct if a 911 operator toggles a cell phone into "stay online no matter what" mode. Heck, ive played with that mode once... had to rip out the battery! (no way to hang up). Technology was added to prevent poor signal drops during a 911 call, but then used to keep line open while victim is delirious or expiring. For docs, Just look for havesting all spec docs starting with S3LI03 prefix on the net. Or hang around Cryptome or usual places.

Regarding the gocv tracking your movements in real time (if battery not removed from your non-GPS cell : 1996 the FCC defined a fancier "E911 Phase 2" for more precise ALI information to PSAPs using latitude and longitude information, and to identify a mobile caller's location within 125 meters (410 feet) 67% of the time to the PSAP. A PSAP is one of over 6,000 Public Safety Answering
Points (PSAP), some route , some deal directly with initial public calls. FCC 97-402 CC Docket No. 94-102 rules (i.e., by October 1, 1996). besides the 34-bit Mobile Identification Number (MIN), being sent in Phase I of E911, the 34 bit MIN accepted a "call back' even without a valid phone number, as the 1996 regulation also stipulates that CELL PHONES WITH NO CONTRACT OR DORMANT DEVICES MUST HAVE FREE ACCESS TO 911 service, no matter what. The tracking protocol is indepentdant of billing accept/reject.

To allow the cell to be detected within 410 feet WITHOUT GPS, cell phone towers use triangulation methods automated with cellular geolocation systems involving time difference of arrival (TDOA) and angle of arrival (AOA)

As for REMOB mode of cell phone (remote observation) the details seem to be partially vender unique, but it is supected that the table is trivially assined via Mobile Identification Number (MIN) table lookup in REMOB snitch mode.

PLEASE NOTE that the court documents allowing the voice tapping of the MAFIA suspect stated "OR OTHER MEANS". the "OR OTHER MEANS" is the non modified NON_ALTERRED original cell phone being merely set in a VOX mode for packet burst with simple threshold to sleep unless steady VOX activation, controlled partly by other terminal point. Otherwise battery of a modern cell will last only a few hours.

I cannot believe all the fools in this thread that actually believe the FBI has ability to add devices INSIDE a modified cell phone. Yeah... like theres lots of empty space!!! The judges papers said OR OTHER MEANS and this other means is the REMOB mode. Similar to onstar silent snithc mode in cadillacs.

If you really want to panic... the FBI buys the RFID scans of all the points on NY turnpike taht record car tire RFID that the TREAD act mandates to allow gov to uniquely track movements of all cars by untamperable chips in the tires... even at 90 miles and hour adn 12 feet away (though instaed of overpasses for RFID car tires as in parts of I-75, reading coils UNDER the pavement are used, as with the RFID tire impressions collected at canadian border customs booths.

sorry for all the lazy typos. I am very tired. an i know that factual anon posts stay +0 until the FBI shills squelch them to -1 rapidly with there grooming accounts they use here to stifle agitatant insider posts like this one.

Re:secrets of cell phones

[Watson+Ladd]

They don't track cars via the tires. They detect cars by detecting the body of the car or the pressure exerted on a hose in the asphalt. They can also use EZ-pass to track. But this isn't much of a concern as they could just have toll operators write the license plate down of everything that goes through.

c/net says it was the internal microphone

[femto]

According to c/net it was the internal microphone. They give some consideration to the possibility of a separate bug but conclude the weight of evidence points to the internal microphone being activated without the owner's knowledge.

While I'm at it I'll repeat a comment I posted on Technocrat:

Given that all mobile/cell phones are required to be locatable (its for your own safety remember?) and need to be accurately synchronised with a base station, what are the chances of forming a phased array using all microphones within a certain radius of a point? That way one could eavesdrop on a conversation well away from the nearest mobile phone.

I would guess that there is no need for a super accurate location or time. Measure the two as close as possible then record all streams from mobiles in the area. Next feed the whole lot into a super computer and do a big cross correlation with sliding windows centred about the best guess at relative phase (based on the measured location and time).

It is worth noting that the wavelength of the radio signals a mobile phone uses is comparable to the wavelength of the audio frequencies of the human voice. Thus in theory it is possible for a mobile phone base station to locate a mobile phone to within a fraction of an audio wavelength, exactly what is needed for a phased array.

Re:c/net says it was the internal microphone

[jacksonj04]

Umm, cell phones aren't required to be locatable. It's a byproduct of the technology used (as with any radio device) which means they are locatable whether there's a requirement or not.

As for the phased array, does it take into account things like pockets? Not to mention you'd need very detailed weather patterns to cope with the wind carrying sound, Doppler etc.

Re:c/net says it was the internal microphone

Given that all mobile/cell phones are required to be locatable (its for your own safety remember?) and need to be accurately synchronised with a base station, what are the chances of forming a phased array using all microphones within a certain radius of a point?

I work with sonar systems, not cell phones, so I don't know how accurately you can timestamp the data stream from a cell, or how accurate the position location information is. However, given the speed of sound in air (333 m/s) and band of interest (200-4000 Hz), I can say you would need position accuracy within a few centimeters and timing accuracy better than tens of microseconds.

That said, if you had a hell of a lot of processing power, you could tap all the cell phones in an area and use a process called bicorrelation (or maybe even tricorrelation) to try to dig out individual voices, without having to know exactly where the phones are, or having them synchronized. It's just an O((n log n)^2) = O(n^3) algorithm or so.

All that said, I've been told that if you have the cell phone's serial number, you can remotely command it to switch on the microphone, and record the audio stream coming back from it, if you control the local cell network. The phone may indicate that it is switched on, and you can probably turn it off, but you have to notice it. The phone won't ring or vibrate if you turn the microphone on remotely.

Re:c/net says it was the internal microphone

[jcknox]

Actually, all new cell phones in the US are required to have internal GPS receivers so they can be located when dialing 911. All of the cell phones I've seen recently have a menu option for making this data available to services other than 911 so that location data can be pushed to mapping services, etc.

Many of the phones will show you your position (Lat/Lon) if you know how to get to the engineering/test menus -- unless you are stuck with Verizon (like I am) -- they handicap all of their phones in the false hope of being able to sell me the included features as an add-on later.

Re:c/net says it was the internal microphone

[khayman80]

This is a fascinating idea, but I wonder if the cell phones could actually be located accurately enough. My understanding of cell phones is that each phone is "located" in the sense that the tower that it's communicating with is reported to 911 operators. Perhaps different cell phone towers could compare the time delay of the phone signals and perform triangulation? If so, this would seem to require nanosecond timing accuracy (1 foot at lightspeed takes 1 ns) and I'm not sure that's feasible across the country. Someone mentioned GPS receivers, but those are only accurate to within 10s of meters unless they're very expensive fixed geological stations as far as I know.

Re:c/net says it was the internal microphone

[Dun+Malg]

Actually, all new cell phones in the US are required to have internal GPS receivers so they can be located when dialing 911. A nice idea in theory, but in practice it's largely useless. The nature of GPS is such that the receiver needs to have a fairly unobstructed view of a large sector of sky for a goodly amount of time in order to calculate position. It works passably well when someone's outdoors, not under any cover (including trees), and holding the phone up to their head. When the phone in your pocket, on your belt in a case, indoors, or in the car, GPS is not going to work.

Re:c/net says it was the internal microphone

[Lehk228]

that is not true, they must have GPS OR enhanced triangulation from cell towers.

Re:c/net says it was the internal microphone

However, given the speed of sound in air (333 m/s) and band of interest (200-4000 Hz), I can say you would need position accuracy within a few centimeters and timing accuracy better than tens of microseconds. You would also need the original signal. Please remember, that if the standard radio module is used, it means that audio will be compressed. Any modern compressed audio signal has just one thing common with the original signal: it resembles the original closely enough, when heard by human ear. No other resemblance is required, nor usually even desired. This compressed signal does not carry the phase information anymore and hence is nearly unprocessable by the proposed method.

Re:c/net says it was the internal microphone

[Catbeller]

By federal law, all cell phomes sold in the US after 2004 have GPS tracking installed. You cannot even activate an older phone wihtout GPS if you, say, buy it on eBay. You are being tracked, and you've no choice in the matter. There is a deactivate option on your phone menu, but if you believe that you can believe that the police only convict guilty people.

It's pissing me off. I'm using an older phone, and eventually it will fail. I will not purchase a tracking device, so I guess I'll be untethered to a cell phone.

I want that GPS circuit separately powered, with a physical disconnect switch, or no go.

Re:c/net says it was the internal microphone

[Junta]

That's why it isn't by and large traditional old GPS, it's aGPS. That's why they also can quickly get location lock instead of taking some time. And yes, I believe for E911 operation phones are required to implement some sort of way to give precise location, such as aGPS.

Re:c/net says it was the internal microphone

[dthree]

First, its incorrect that a federal law that phones have to have GPS. The law states (look upthread for link) just that it has to be locatable to route 911 calls correctly. This is done on non-gps phones by cell tower triangulation. This means that it wouldn't matter even if you could figure out a way to shut off the GPS, the phone's radio signal will still give away it's location. However, the (partially) good news is that the accuracy of location technology doesn't have to be in feet or even tens of feet. It just has to be good enough to know what township you are in in order to route 911 calls. So the feds won't know when you are actually in your mistress's house, just when you are in her town.

Re:c/net says it was the internal microphone

[Catbeller]

Exactly right. But to this I add that not only does e911 service enable them to do all sorts of nifty tricks to great precision (given the uncertainty of the signal), they can provide the data to third parties who pay a nice fee for the tracking data. The user can opt-out, but no doubt theat can be quietly countermanded on the phone company's part.

What the new precision coupled with cheap data storage and mic monitoring means is that pretty much anyone can pay a fee or use influence to track every move you make or listen to what you do while you are holding that phone on your person. No police state in history has had such a dream become reality.

I saw the GPS tracking service actually used as plot point on Veronica Mars this season (3). VM sneakily switched on her boyfriend's third=party tracking menu option. Then she used her dad's *subscription* to GPS cell phone tracking data (Google it, there are a few!) to watch his movements in real time.

Leo LaPorte of ScreenSavers/TWIT fame uses a cell-phone tracking service subscription to monitor his kids.

And let's not forget what private investigators, political opponents, corporations, powerful cults (moonies and scientologists), reporters, your parents, the creepy guy across the street, insurance companies, prosecutors, sales departments, and people who plain don't like YOU can do with the data. Worry about terrorists? This IS terror! And I'm sure it'd be pretty useful for those o-so-feared killers as well. No trained guerilla fighter would ever use a cell phone, but they sure as hell will use that "anti-terrorist" tracking data to find selected victims in the future. Why use tinted windows and parked cars to track your target when you can just use a laptop?

Re:c/net says it was the internal microphone

[UncleTogie]

From the FCC's website:

Phase II E911 Rules

The FCC's Phase II E911 rules:

Require wireless carriers, within six months of a valid request by a PSAP, to begin providing more precise location information to PSAPs, specifically, the latitude and longitude of the caller.

This information must meet FCC accuracy standards - generally, it must be accurate to within 50-300 meters (depending on the type of technology used)."

Link to the full text at http://www.fcc.gov/cgb/consumerfacts/wireless911sr vc.html

Re:c/net says it was the internal microphone

[UncleTogie]

Sorry to reply to my reply, but I almost forgot....

Another great example... Just give this phone to the person you want to track and off you go:

http://www.popsci.com/popsci/how20/f88b973910a9a01 0vgnvcm1000004eecbccdrcrd.html

Re:c/net says it was the internal microphone

[matfud]

You can use independent component analysis to pull out up to N independent signal sources if you have N mics. Note that first you would have to account for time delays although these are not likely to be significant for a group of people talking to each other.

GSM mobile phones have a very accurate internal time signal. They need this to be able to broadcast in their allocated slots (not sure about CDMA). Timestamping recorded data should give you sufficient accuracy to remove any delays if they are not insignificant in the first place.

matfud

Re:c/net says it was the internal microphone

[femto]

Cell phones are synced to at least microsecond (us) accuracy due to the signaling protocols used. It is worth noting that civilian GPS provides 1us timing accuracy, so in practice phone base stations are probably synced to better then 1us. At 1.9GHz wavelength is 16cm, so with stable oscillators and multiple base stations location to centimetre resolution could be done.

Compare with carrier phase tracking GPS. GPS (L1) is 1575.42 MHz while cell phones are typically 1900MHz. Being a similar frequency cell phones have the potential to be as accurate as carrier phase tracking GPS.

Carrier phase tracking GPS can provide relative accuracy of the order of millimetres.

Re:c/net says it was the internal microphone

[__aajfby9338]

One point that I don't think the Wikipedia description made clear enough is that Assisted GPS allows significantly higher acquisition sensitivity than conventional GPS. An Assisted GPS receiver with proper aiding information from the cell network can acquire a fix at signal levels much weaker than what a normal GPS receiver would need for tracking, let alone acquisition (a GPS receiver can continue tracking satellites at lower signal levels than it needs for acquisition). This allows A-GPS equipped phones to get a fix indoors in conditions where conventional GPS receivers can't see any satellites. The position error may be a lot higher than it would be in clear sky (due to lower signal levels, multipath distortion, poor visible satellite geometry, etc.), but it can still be good enough to narrow the phone's location down to a single building. I've even seen an A-GPS receiver acquire a fix inside an elevator.

An A-GPS receiver starts out knowing roughly where it's located (based on cell site information), what satellites are visible, where they are and what their Doppler offsets are, precisely what time it is, and (at least in CDMA phones) it has a very accurate and stable frequency reference derived from the cell network, before it even starts listening for satellites. A conventional GPS receiver starts off with much less information, i.e. a much less accurate time value from a battery-backed clock, its last location (which may or may not be close to its current location), satellite information from the last time it operated (which may be out of date), and a local frequency reference which has most likely drifted since the last time it was used and doesn't benefit from being phase-locked to much more accurate frequency references present in the cell network. All of this stuff affects both acquisition sensitivity and time-to-first-fix.

Disclaimer: I'm not a GPS expert, but I am an engineer in the GPS industry and I design and build GPS hardware for a living.

The Article Points Out

[cybercrime]

Several ways which suggest that FBI and Nextel were able to actually activate the built-in cell phone microphone remotely, or least use the cellular network to obtain some remote surveillance.

The affidavit seeking the court order lists the target's phone number his 15-digit International Mobile Subscriber Identifier, and lists Nextel as the service provider. Why would they have to disclose this information to the court if they were just planting an ordinary bug which requires none of the above information? Maybe the affiant wanted to create a diversion for the thousands of slashdoters who would read it and wonder how they did it, or maybe there was a legitimate reason to put all of this information in the affidavit and actually use Nextel's network and the phone capabilities to listen on the target.

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

NOT TRUE! LIES!

Parent poster is lying and trying to coverup the shocking truth! (parent is a fed shill?)! Parent post did not cite section three PROPERLY of wiretap judge affidavit.p1.120106.pdf. Read it yourselves folks and spot the blatant parent post lie The FBI used the blanket method "OR OTHER MEANS" as clearly specified in the document. No modification to the cell phone was made AT ALL. No mods needed. (or feasable)

There are actually a few secret goodies available to the feds in many modern cell phones.

First... Sat based GPS is NOT required in most cells phones to silently get precise location, as per FCC device regulations and as per millions of dollars in levied and honored fines to lagging noncompliant cell providers.

also part of underwraps subsections of ETSI LI spec framework for LI (Lawful Interception) hint at leveraging the E911 feature that makes a cell not be able to disconnect if a 911 operator toggles a cell phone into "stay online no matter what" mode. Heck, ive played with that mode once... had to rip out the battery! (no way to hang up). Technology was added to prevent poor signal drops during a 911 call, but then used to keep line open while victim is delirious or expiring. For docs, Just look for harvesting all spec docs starting with S3LI03 prefix on the net. Or hang around Cryptome or usual places.

Regarding the gov tracking your movements in real time (if battery not removed from your non-GPS cell : 1996 the FCC defined a fancier "E911 Phase 2" for more precise ALI information to PSAPs using latitude and longitude information, and to identify a mobile caller's location within 125 meters (410 feet) 67% of the time to the PSAP. A PSAP is one of over 6,000 Public Safety Answering Points (PSAP), some route , some deal directly with initial public calls. FCC 97-402 CC Docket No. 94-102 rules (October 1, 1996). besides the 34-bit Mobile Identification Number (MIN), being sent in Phase I of E911, the 34 bit MIN accepted a "call back' even without a valid phone number, as the 1996 regulation also stipulates that CELL PHONES WITH NO CONTRACT OR DORMANT DEVICES MUST HAVE FREE ACCESS TO 911 service, no matter what. The tracking protocol is independant of billing accept/reject.

To allow the cell to be detected within 410 feet WITHOUT GPS, cell phone towers use triangulation methods automated with cellular geolocation systems involving time difference of arrival (TDOA) and angle of arrival (AOA)

As for REMOB mode of cell phone (remote observation) the details seem to be partially vender unique, but it is suspected that the table is trivially assigned via Mobile Identification Number (MIN) table lookup in REMOB snitch mode.

PLEASE NOTE that the court documents allowing the voice tapping of the MAFIA suspect stated "OR OTHER MEANS". the "OR OTHER MEANS" is the non modified NON_ALTERRED original cell phone being merely set in a VOX mode for packet burst with simple threshold to sleep unless steady VOX activation, controlled partly by other terminal point. Otherwise battery of a modern cell will last only a few hours.

I cannot believe all the fools in this thread that actually believe the FBI has ability to add devices INSIDE a modified cell phone. Yeah... like there's lots of empty space!!! The judges papers said OR OTHER MEANS and this other means is the REMOB mode. Similar to onstar silent snitch mode in Cadillacs.

If you really want to panic... the FBI buys the RFID scans of all the points on NY turnpike that record car tire RFID that the TREAD act mandates to allow gov to uniquely track movements of all cars by untamperable chips in the tires... even at 90 miles and hour adn 12 feet away (though instead of overpasses for RFID car tires as in parts of I-75, reading coils UNDER the pavement are used, as with the RFID tire impressions collected at canadian border customs booths.

sorry for all the lazy typos. I am very tired. an i know that factual anon posts stay +0 until the FBI shills squelch them to -1 rapidly with there grooming accounts they use here to stifle agitator insider posts like this one.

Not the issue... here is the issue.

[Antony-Kyre]

Assuming cell phones can be listened on in the way described, I have this to say. The issue is whether the government is forcing cell phone manufacturers to include backdoors.

Re:Not the issue... here is the issue.

[Cheeze]

and also if they are letting the government listen in without warrants, and violating the phone owner's right to privacy.

Re:Not the issue... here is the issue.

[Ron+Bennett]

The government already has before for other products, such as scanners and printers for various purposes. And it was kept secret for quite awhile - do a search on google, slashdot, etc for the articles.

Most scanners are designed to detect the special markings on currency and subsequently will not scan it accurately; most printers are designed likewise.

In addition, in both categories of products, many of them embed a unique identifier in their output. Only realistic way to determine if one's scanner and/or printer is doing this is to use several different units of the product with identical inputs and compare the outputs for differences; would most likely be indicative of tagging.

Ron

Re:Not the issue... here is the issue.

[Antony-Kyre]

I don't wish to focus on the issue of the lawfulness of warrartless wiretapping since it seems to be a direct violation of the 4th Amendment regardless of any federal legal statutes passed.

maybe they just bought a COTS phone

[SaberTaylor]

Maybe they just bought a commercial off the shelf (COTS) bugged phone, and surreptitiously replaced the phones after copying the user settings.

These phones went the rounds of the blogs a while ago so I think they're real:
http://www.spyphones.com/

Not to mention you can use a phone itself as a remote GPS tracker. See this link from cruel.com in August:
http://forums.accutracking.com/viewtopic.php?t=494 &postdays=0&postorder=asc&start=0

Open Src?

[guysmilee]

An open source cell phone wouldn't fix any of your problems ... there isn't secret software on your cell phone ... imagine a huge company trying to keep a secret like that ... the equipment has simple physical properties that make them easy to assist in snooping no software required. A basic vase in your apartment could be used to pick up sound remotely using some basic physics.

Not so new

[oki900]

In the cell phreak/hack community this has been suspected for quite some time. It's also suspect that the GPS can be activated regardless of whether you have it set for 911 only or not. If you need total anonymity with a cell around the best thing is to remove the battery completely and if you are still paranoid place a 1k ohm resistor across the positive and negative terminals of the phone (not the battery) to drain the capacitors that may still hold a charge. Further you can remove the antenna which will greatly reduce or eliminate the transmission range of the phone.

Re:Not so new

[Ron+Bennett]

Easier yet, simply turning off phone (if concerned about battery life, then remove it too) and then placing phone into a securely sealed EZ-Pass bag; supplied to EZ-Pass users for use when they don't intend to pay with it at a toll.

Ron

Re:Not so new

[(H)elix1]

Further you can remove the antenna which will greatly reduce or eliminate the transmission range of the phone.

I've found you can simulate this effect without modifying the hardware by using T-Mobile service. (argh)

Re:Not so new

Can't you just wrap the phone in aluminum foil? I did a test on my cell phone by calling a number, and then wrapping the phone in foil, and the connection dropped. It might not be perfect when cell phones start having enough memory to record hours of conversation and then send it home on connection, but it is a pretty easy temporary solution.

Re:Not so new

[oki900]

I think it was myth busters that did an experiment with this and found wrapping a room or even your head in foil will amplify signals.

Mod up!

[jcr]

Whether the parent post is correct or not, it certaily deserves an "interesting" mod.

-jcr

Anyone up for an open-source handset already?

[8127972]

You mean like the TuxPhone?
http://www.opencellphone.org/index.php?title=Main_ Page

Or the FIC Linux phone that SlashGear talked about last month?
http://www.slashgear.com/fic-linux-cellphone-can-i t-capture-the-imagination-of-the-open-source-commu nity-072392.php

Known feature of cellular handsets

[smithfarm]

This is a known feature of cellular handsets. At least here in Europe it is. There's no way to turn it off, although you can get around it by removing the battery or leaving the phone at home. Politicians and businessmen here routinely remove the batteries from their cell-phones during sensitive negotiations. Basically, carrying a cell-phone is like voluntarily carrying a remote-controlled mic with you everywhere.

There are relatively easy hard-wire mods (at least for some phones) to make the light on your cell-phone activate whenever the phone is transmitting. That way at least you know when you're being listened in on.

I heard about this in the local (European) news several years back...

Alarming? Disturbing?

[Cardiakke]

What is alarming or disturbing about the FBI obtaining a warrant to eavesdrop on criminals???

Re:Alarming? Disturbing?

that's SUSPECTED criminals, buttpipe!

Re:Alarming? Disturbing?

There's nothing disturbing about the FBI obtaining a warrant and pursuing eavesdropping under that authority.

What's disturbing is that either this "feature" is built into innocent people's phones before they even buy it, or the bug can be secretly "pushed" to the phone over the cell network by the carrier. This capability exists regardless of whether the user is subject to a search warrant.

Now, the FBI or other law enforcement may not be *using* that bug prior to the warrant. I happen to believe the folks at the FBI are mostly good people who will do the right thing most of the time.

But what's to stop an employee of a cellular carrier from abusing this feature to snoop on their acquaintances, spy on their spouse, etc.? What's to stop a criminal from using the same feature the FBI is using? What prevents a company like HP from using this as a technique in legally questionable investigations (witness their recent scandal)?

At least in the old days, you had to physically install a bug, which meant a potential eavesdropper needed greater intelligence about where the user would be at a given time, and often had to physically break into a facility to plant the bug. Thus the risks of detection or failure for a rogue person to implement this were significant. The bar is significantly lower now, which increases the chance that eavesdropping will be performed by folks other than law enforcement.

That's what's disturbing.

Re:Alarming? Disturbing?

[TheCarp]

That is NOT what is alarming at all.

What is alarming is that cell phones have become ubiquetous, and everyone is now carrying around their own personal bug.

Its not alarming when this is used on a criminal suspect with a warrent. Its alarming that the capability exists and could be used on almost anyone at almost any time and a warrent is hardly a technical requirement for doing it.

If the backdoor exists, it can be used for either good or evil.

This ability seems just full of potential for abuse.

-Steve

Re:secrets of cell phones - WRONG! RFID tires real

WRONG! The feds do in fact log all car tires that pass secret monitoring points on certain highways and have for many years since T.R.E.A.D. was enacted by law. License plates are transferrable and also not 100% discernable.

It is a US felony to commercially import or sell auto tires that do not have a sanctioned spy chip RFID radio transpnders in them, with a unique GUID for every tire.

A secret initiative exists to track all funnel-points on interstates and US borders for car tire ID transponders (RFID chips embedded in the tire).

Your tires have a passive coil with 64 to 128 bit serial number emitter in them! (AIAG B-11 ADC v3.0) . A particular frequency energizes it enough so that a receiver can read its little ROM. A ROM which in essence is your GUID for your TIRE. Multiple tires do not confuse the readers. Its almost identical to all "FastPass" "SpeedPass" technologies you see on gasoline keychain dongles and commuter windshield sticker-chips. The US gov has secretly started using these chips to track people as far back as 2002.

I am not making this up. Melt down a high end Firestone, or Bridgestone tire and go through the bits near the rim (sometimes at base of tread) and you will locate the transmitter (similar to 'grain of rice' pet ids and Mobile SpeedPass, but not as high tech as the tollbooth based units). Sokymat LOGI 160, and Sokymat LOGI 120 transponder buttons are just SOME of the transponders found in modern high end car tires. The AIAG B-11 Tire tracking standard is now implemented for all 3rd party transponder manufactures [covered below].

The US Customs service uses it in Canada to detect people who swap license plates on cars when doing a transport of contraband on a mule vehicle that normally has not logged enough hours across the border.

Photos of untamperable tracking chips before molded deep into tires! :
http://www.sokymat.com/index.php?id=94

the first subcontracter secretly hired for providing gear for bulk logging of tire RFID on highways in 2002 was :
http://web.archive.org/web/20021014102238/telemati cs-wireless.com/divisions.html

ALL USA cars can be radio tracked using the tires. Refer to tire standard AIAG B-11 ADC, (B-11 is coincidentally Post Sept 11 fastrack initiative by US Gov to speed up tire chip standardization to one read-back standard for highway usage).

The AIAG is "The Automotive Industry Action Group"

The non proprietary (non-sokymat controlled) standard is the AIAG B-11 standard is the "Tire Label and Radio Frequency Identification" standard

"ADC" stands for "Automatic Data Collection"

The "AIDCW" is the US gov manipulated "Automatic Identification Data Collection Work Group"

The standard was started and finished rapidly in less than a year as a direct consequence of the Sep 11 attacks by Saudi nationals.

All tire manufacturers were forced to comply AIAG B-11 3.0 Radio Tire tracking standard by the 2004 model year.

(B-11: Tire & Wheel Label & Radio Frequency ID(RFID) Standard)

http://mows.aiag.org/source/Orders/index.cfm?task= 3&CATEGORY=AUTOIDBC&PRODUCT_TYPE=SALES&SKU=B-11

(use google cache to glance at that link if you are a hacker, all access to that page is watched by the feds, as are orders.)

A huge (28 megabyte compressed zip) video of a tire being scanned remotely was at http://mows.aiag.org/ScriptContent/videos/ (the file is "video Aiagb-11.zip").
THAT LINK was still valid as recently as Feb 2004, long after my 2002 ignored warnings on slashdot. But in July 2004 died after feds saw my origianl warnings regarding T.R.E.A.D. act (RFID citizen tracking)

Key Words:

"FBI had obtained a court order"

Nothing to see here.

Re:Key Words:

[ickleberry]

When the "terrorists" are all gone this will be used for copyright enforcement "But the FBI agent recorded a conversation of you discussing new ways to get past WMV13 DRM"

Re:Key Words:

[Ron+Bennett]

Problem is that court orders are handed out like candy... and that's when the government, collectively speaking, even bothers getting one.

What is the penalty for the government, lets say at the Federal level, [b]not[/b] getting a court order?

Ron

Easy countermeasure

[uglyduckling]

There's an easy countermeasure to this. The method described is effectively causing the phone to make a call without the GUI showing that a call is being made. You can get very cheap toys that detect the microwave signal when the phone is making a call and light up - some are in the form of a novelty hand or other cradle that the phone sits in. I've found with mine that is will blink every so often as the phone syncs up with the nearest cell. If a call is being made it blinks all the time. So just carry one of these, and if you see it blinking constantly, somebody within 30cm or so is making a call. Take the battery out of your cellphone and see if it stops - if it does, you've been bugged.

Re:Easy countermeasure

[Squalish]

I venture that it's simply not a concern unless you're being tailed by FBI agents. There is no chance for any Echelon-flavored detection network operating from 'hibernating' cellphones. The market wouldn't allow it.

There are several ways to tell that your phone is activated and transmitting enough power to reach a tower a mile away: the phone physically heats up, battery life goes way down. Battery life on powerdown needs to be the same as battery life on powerup a day later. The phones that last six hours, turned on or off, are never going to be bought.

In this case, it's probable that the high-value suspect only had his cellphone activated when visual surveillance indicated that he was meeting with other high-value suspects. Visual surveillance is not cheap. At least, here in the states it's not.

Where is "not practical?"

[takeya]

No Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Sounds like the judge should be impeached, because my constitution doesnt make any exemptions.

Re:Where is "not practical?"

[ameline]

The place: 4m radius surrounding device serial #76f84e76a583 :-)

Re:Where is "not practical?"

[phliar]

No Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

In another comment in this thread, cybercrime points out that The affidavit seeking the court order lists the target's phone number his 15-digit International Mobile Subscriber Identifier, and lists Nextel as the service provider.

Seems to me that in the domain of wireless phones, having the warrant identify the particular handset to be bugged does particularly describe the place.

Re:Where is "not practical?"

[takeya]

But the cell phone isn't the object of the search, it is the tool being used to conduct the search.

Re:Where is "not practical?"

[Nethead]

"...my constitution doesnt make any exemptions."

But our President does.

I don't like this.

[Raven42rac]

Yeah, this won't get abused. Big brother is listening to your powered off cell phone just itching to send you to gitmo.

Judge Kaplan

This the same Judge from the DeCSS case?

no such thing as privacy now

[timmarhy]

"alternative methods of investigation either had failed or were unlikely to produce results, in part because the subjects deliberately avoided government surveillance." - amd what the fuck is wrong with not wanting assholes listening into your private conversation? i would deliberately avoid government surveillance as well, for no reason other then i don't like it. if that's all thats required to spy on your population, america is in BIG trouble

Re:secrets of cell phones - WRONG! RFID tires real

This would need the cooperation of every mechanics shop that sold tires, similar to the system set up for tracking gun purchases. And you could just buy the tires yourself with cash. I'm calling bullshit.

Things heard on Mafia cellphones...

Ohhh Jonnycakes...
Fuggedaboudit...
Tony, she was a who-er...
You talk to da guy about da ting?..
Anyone want some sanguiche?..
oh marone...

deliberately avoided surveillance

[l3v1]

the subjects deliberately avoided government surveillance

Ok, so what does that mean, and when exactly is that taken as on offensive/criminal activity ? If you see a cctv camera and go around it, or if you don't take your mobile phone with you on the road, or wear sunglasses and baseball cap, or just simply don't leave your house ? Or what ? Since the wording of the short quote sounds like that avoidance is a bad thing or illegal or something. Is this yet another case of if you didn't do anything you should have nothing to hide (we should make an automatic system like there was in the Demolition Man movie which should automatically fine everyone coming up with that sorry excuse) ?

Re:deliberately avoided surveillance

[tachyonflow]

the subjects deliberately avoided government surveillance

Ok, so what does that mean, and when exactly is that taken as on offensive/criminal activity ? If you see a cctv camera and go around it, or if you don't take your mobile phone with you on the road, or wear sunglasses and baseball cap, or just simply don't leave your house ? Or what ? Since the wording of the short quote sounds like that avoidance is a bad thing or illegal or something.

I didn't get that impression from the article. It sounded like they had real reasons for suspecting these people of criminal activity, but since the suspects happened to be good at avoiding surveillance, the FBI resorted to even more sophisticated means.

Easy countermeasure...

[Dr.+Zowie]

... place the phone next to any sort of audio equipment. My RAZR spews so much crap all over the spectrum that it's easy to tell when it is talking to the tower -- if it's next to my car stereo, my computer speakers, my clock radio, or a zillion other things I get treated to a characteristic pattern of buzzes as it negotiates with and/or broadcasts to the cell phone net.

To find out if your phone is being used for eavesdropping, just keep it near your stereo.

WHY are Slashdotters of all people surprised?!

[aussersterne]

I'm not surprised that someone is shocked by this, but what I don't get is how Slashdotters are shocked by this? I mean? This is a technical site, right?

Listen: you have an embedded device that in its normal state is always on-network on a packet network. It has a limited range of connectivity, but this limitation is mitigated by having a large number of serialized access points that are geographically situated so as to make connectivity seamless. The embedded devices are reasonably computationally powerful (much moreso than PCs of a few years ago) and have a digital or soft-user-interface (including the power circuitry, which is not a physical full-throw SPST that connects or disconnects power, but is rather an input that runs through the embedded software). The software itself is secured and controlled by the network administration, and software and content can be "push" downloaded to the devices by the network.

From this description, all of the following seem technically obvious:

1 - You have no control over the software in your phone; the vendors and networks do.

2 - Since said software controls the power interface and user interface, you have no control over (or reason to trust as being consistent with your expectations) these interfaces either.

3 - Your phone could thus be easily set by the network to be "always on" without having any such indications in the user interface. The user interface could continue to give the appearance that you are controlling such functions as power and connectivity when in fact the phone is doing everything opposite from what you believe it is doing. There is no technical reason why a phone can't show "no signal" when it has "full signal" or a blank screen when the rest of it is still live, or that it is not transmitting or engaged in a call when actually it is transmitting.

4 - While on-network (and as we've already established, you as a mere user have no way of knowing with real certainty whether it is on network or off network, you have only your trust in the consistency with your expectations of the embedded software) it is a simple matter to observe at any moment to which access point a given user is connected. In fact, you should know that this is recorded already, or how should they know when you are "roaming" and when you are not. The side effect of this information's recording is that (even if we assume they don't automate triangulation with tower handoffs/multiple towers, which is a silly assumption) it is always known to within a few hundred feet exactly where a given phone is, since the network can clearly see to which tower it is connected.

---
---

I mean... duh.

A cell phone is a bug. Period. Anyone who doesn't get this has clearly not been paying attention. There is absolutely no technical reason (and in some cases it's technically unavoidable) why your cell phone isn't right now:

- Reporting your position to the network, and thus, to anyone who has access to the network's database (e.g. government)

- Altered by software "pushes" from the network to seem off when it's still on, or to transmit whatever the mic pics up anytime you happen to be in a certain part of town between the hours of 7pm-10pm, or to transmit whatever the mic pics up for the 10 minutes after you call some specific number

- Sending your complete contacts list and recent and missed calls lists to the network provider (e.g. government)

I mean, come on, people. Technically this isn't even a question. Whether this actually happens or not is just a matter of policy ("Do we want to track location and bug people?") on the part of networks and the government, certainly not a matter of technology ("Can the equipment do it?")

Of course the equipment can do it.

---
---

Thought experiment for the dubious.

Imagine that you have been assigned by work to carry a laptop with you at all times. This "GovCorp" laptop has a solid-state hard drive so that you can't tell if it's

Re:WHY are Slashdotters of all people surprised?!

[jamar0303]

There is absolutely no technical reason (and in some cases it's technically unavoidable) why your cell phone isn't right now: - Reporting your position to the network, and thus, to anyone who has access to the network's database (e.g. government) - Altered by software "pushes" from the network to seem off when it's still on, or to transmit whatever the mic pics up anytime you happen to be in a certain part of town between the hours of 7pm-10pm, or to transmit whatever the mic pics up for the 10 minutes after you call some specific number - Sending your complete contacts list and recent and missed calls lists to the network provider (e.g. government)

How about "because it's got a 1500MHz radio in it so it doesn't transmit on any known US cellular frequency"?

Not news.

[design.sound]

This capability of cell phones has been known for a long time -- and is the primary reason why you're not allowed to carry a cell phone in an embassy, even if it's off.

Re:secrets of cell phones - WRONG! RFID tires real

[drrobin_]

Where can I learn more?

Fruit of the Poisoned Tree

The "penalty" for getting information without a warrant is that it will be excluded from use at trial: "Exclusionary rule". Also, "fruit of the poisoned tree".. The courts, when looking for remedies for illegal searches came up with this method of providing a disincentive. Collect data illegally, you don't get to use it in court. You don't convict the bad guy, your boss gets on your case, etc.

Mind you, there are all sorts of ways to try and work around it to get excluded evidence into the record, and there are always cries for "let the cops do their job and put those bad guys in jail". But, it IS a fairly effective sanction, when allowed to do it's thing.

This is sort of the problem with the "breaking the wall" between data collection for intelligence and collecting for prosecution.

Re:Fruit of the Poisoned Tree

[RhettLivingston]

When we're talking about using a new technology like this, I believe that penalty has less effect. For that to have an effect, it has to be relatively easy to get permission for the tap. When tapping in a new way, that permission is not as easy to get. Thus, the likelihood of being able to gather data usable in court by these means is very low. So, an investigator with access to this capability does not have the incentive to use it legally so that it can be used in trial. But, he still needs a way to solve his case. With no aboveboard means to gather the information, what's left is catching the criminal red-handed. To do that, you either need to have great instinct and insight, or instinct and insight aided by artificial means such as listening in on conversations. Noone ever needs to know that it wasn't sheer luck that the criminal was caught red-handed.

The scariest use of things like this though is the possibility of mass surveillance. Let's say for example that an agency pushed software to all the cell phones in contact with a particular tower with intent to find a suspected terrorist through voice or word recognition. Furthermore, in doing so, they by chance recorded a powerful individual having sex with someone other than their spouse, a famous couple involved in sexual acts including fantasy role playing, teenagers mouthing off about killing one another like half of them do several times a day, or drunk folks in bars talking of things they don't really mean and would likely never do. What is the chance that they would do something with this "accidentally" collected information?

I think it a guarantee that if such software is plausible, it has already been developed and is in use by the military and other organizations. Consider the fact that Iraq has seen a huge boom in cell phones as a faster means of restoring communications infrastructure after the war. Perhaps there was another reason why we so eagerly helped them to become heavy cell phone users.....

AHA!

So that explains why my standby time is so crap :-)

Re:AHA!

[homer_ca]

Yeah, you think someone might notice their standby time dropping from 3 days to 2 hours???? Just unplug the battery if you don't feel safe with the phone powered off.

Bomb in a phone

[Catmeat]

If it's possible to hide a lethal bomb in a phone, then a bug should be easy.

See: http://en.wikipedia.org/wiki/Yahya_Ayyash

Re:Bomb in a phone

MOD COMPLETELY OFFTOPIC

The old 'it is legal' argument.

[FatSean]

We're not falling for that one! I can't wait until a Democrat controlled gov't uses these privacy-invading laws to expose fundamental religious 'tards for mistreating the litters of children they keep shitting out! You can't hit your kid with a stick if he misbehaves, Mr. Savage, this is 2006.

(See, it goes both ways)

Re:The old 'it is legal' argument.

[idlake]

Hey, it's not my fault that the two biggest presidential sleazeballs in the last 100 years have been Republican. And you're absolutely right that the president that puts together both desire and ability in the abuse of power may be of either party. Nevertheless, it is this Congress and this President that will go down in history of having created the means for it.

Secure phone..

These guys should use Raseac Secure Phone. (Free download at http://www.raseac.com.br./

Tape recorder mode

[kabdib]

Many phones have *lots* of storage on them these days. You could imagine a mode that takes voice, compresses it to spare space in the flash file system, then squirts the data up at opportune times (e.g., trickle during a conversation, the tail end of a conversation, etc). This way you wouldn't have to have the radio on all the time (which is easily detectable with $5 dongles). In "VOX" mode I'll bet you could get several days of recording compressed into a few megabytes.

Either technique will have an effect on battery life, however. This is hard to hide, but most people would probably write it off to the general flakiness of batteries.

Anyone remember the flap in the 90s about the software controlled "off hook" LED on ISDN phones? (... didn't think so....)

Re:secrets of cell phones - WRONG! RFID tires real

[TheCarp]

maybe, maybe not.

Sure you can buy the tires in cash and put them on with no paper trail to tie them back to you. However, how hard would that be to correlate?

As soon as you go through a toll booth or a detector with a camera nearby, it would be trivial to tie your tire IDs to your cars License plate. In fact, they wouldn't even need to do it en mass. All they need to do is store the data.

Then when they have an ID to look for, they can go back and see when they saw it previously, or where it has been since.

Once you have detectors in place, it becomes a data mining issue. Put some of them at toll booths, where they already have cameras, and hell, with speed pass, they should be able to correlate your tires with your car the first time you use your speed pass.

-Steve

Re:secrets of cell phones - WRONG! RFID tires real

thanks, good post.

Old News, Don't use Nextel...

[thisNameNotTaken]

Nextel has alway had the "baby monitor" feature and cops have know this since Nextel stated in the business. Bad guys use this feature against the police. Think of your own details.

Wirecutters

[nurb432]

Just cut the damned mic and attach a privacy swtich. Or, how about take the battery out?

Then again, its MY DAMNED PHONE! Why are thy installing things without my permission/knowledge in the first place?

Re:Wirecutters

What are you using the phone for if you do not use any network? If you use a network, read the contract you have. Thanks.

Re:Wirecutters

[Catbeller]

And if the contract states you owe them the remainder of your life's earnings, that's okay?

Those contracts run for pages to discourage reading. And frankly, they reserve the right to anything they desire, or will desire in the future. If you don't like it, you are free to own no phones for the rest of your life. "Competition" amongst carriers is worthless if they all are free to write open-ended wish lists, which they do.

Re:Wirecutters

[Catbeller]

I've been stumping for circuit cutoff switches for a year now. But it may be useless: it would be trivial for them to add a clause to your contract stating that you void your service if you mod the mic or GPS. And not too un-trivial to have the Feds add a law to make it illegal.

They need do neither. Simplest thing would be to make the power circuit to the mic or GPS integral to the operation of the phone. Kill either, kill the phone.

Solution? Should have been to use wireless networking and encrypted packets along with homemade handsets to build our own damned networks. But with the advent of lovely municipal wifi and private commercial wifi, it probably would be illegal. If not, they'd make it criminal faster than you can type a response to this post.

Re:Wirecutters

[Nethead]

Reading most of the comments the one I didn't see was the solution to PUT THE BUG IN THE BATTERY. Even then if you take the battery out, the bug is still on.

Old news - now called the TIA

[sgt_doom]

Big deal - the infinity transmitter has been around for ages - at least dating back to the early '70s (I believe it was first invented at the CIA labs, but I could be mistaken on that point). A simple update to send a signal to any cell phone to go off-hook without sounding a ring tone, etc. Now OnStar is one of the 53 commercial firms having contracts to the Bush Administration which comprise part of Poindexter's Total Information Awareness (Big Brother Organization) - An excellent read on this matter is Robert O'Harrow's No Place To Hide . O'Harrow, a Washington Post investigative reporter, does an outstanding job of presenting the facts to the reader without coming to any obvious and leading conclusions - but upon finishing the book it should be obvious to all.

Along with those commercial intel firms and comm firms (everything from tollbooth tracking, the aforementioned OnStar, and Pay-Per-View data, to ChoicePoint, of course[former directors on ChoicePoint's board: Richard Armitage and Vin Weber - get the picture?]) there is also the intel streams coming from NSA and NGA - truly a formidable combination. That movie, Enemy of the State, is now a reality.....

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

[no_such_user]

This has got to be the same person, talking about RFID in tires (which I never knew about -- as if I'm not paranoid enough) and more. Interesting, uh, stuff:

http://clintjcl.wordpress.com/tag/rants/

Voice Recorder, Re:The Solution

[twitter]

... or stick on one of those funny led-light-devices which lights up when the phone transmits data.

A phone that can act as a voice recorder does not have to transmit all the time. In fact, a phone that was always transmitting would arouse suspicion with or without a little red light. It would be warm and have really poor battery life. You just have to love these new convergence devices that can store hours of your favorite music!

RFID req. in tires? I doubt it. Re:What's so al...

Ok, so I just pulled up the text of the TREAD Act and I do not see any mention of RFID or any other on-the-move uniquely identifiable law-mandated technology. Perhaps I am missing something. Anyway... Heres a link to the act http://thomas.loc.gov/cgi-bin/query/D?c106:5:./tem p/~c106P3ZfKY:: .

Re:secrets of cell phones - WRONG! RFID tires real

[ericartman]

Yeah OK the whole thing sounded pretty crazy to me but I just went down to put tires on my car at the local Wheel Center. The dealer wanted my name address and phone number even though I was paying cash, " For the Warranty". "Leaving the state" I said so there was no need. So after placing all 4 tires in back of my car, I told him I was getting them mounted somewhere else as I have Mag wheels and could get them mounted free. Again out came the paperwork and the dealer asked me if I was sure that this was the car that the tires were going on, I said yes and the dealer proceeded to try and write down the VIN number of the car. I asked why and he said , since the Firestone fiasco it was the store policy to write down the number of the car and send it to corporate. I then asked him if there was anyway I could just buy tires and leave. Never came up before he said and then yes he let me leave without id but how do I know if he wrote down my license plate or not or got the vin? Paranoid? Yup but I used to sell tire and we never had any restrictions on sale. The guy today sure didn't seem happy not knowing where his tires were going. Then I came home and read this about tracing tires. Now all the dealers responses seemed reasonable but......?

When my phone transmits...

[jernejk]

When I'm in the office (or in the car), I know I'm beeing called (or that I'll receive SMS) abaout a second before I do. I can hear the handshake on my FM radio. I bet the bad guys can afford one of those to monitor when their phones transmit... Rgs Jernej

Re:When my phone transmits...

[wes33]

Comments here are very confusing. The court application states that the police put a bugging device "in the cell phone". This device worked even if the cell phone was off.

That is easy to understand.

What is not so easy to understand is all the comments about cell phones transmitting even when they are "off". I have trouble believing in such magic.

Now, some cell phones perhaps cannot be fully turned off (as noted in one of TFAs). I have no trouble believing that a cell phone that is turned ON can transmit.

Battery removal simply makes sure that the cell phone is really OFF.

So one question is: which model cell phones actually get turned off with the power button (is there is a list, are none of them capable of really turning off, or what).

I strongly suspect that my antique nokia 3310 is absolutely off when I turn if off (anyone know different?). Anyway, there is no way to remove its battery short of dissassembly.

You need to thinks some more. Non Free Sucks

[twitter]

As someone who has on several occasions had to listen to my brother's phone pick up in his pocket without him realizing, I don't think this is much of a problem.

Applying what you know to news is a good idea, but I don't think you have exhausted what you know. The root cause of the problem is one that non free software always has: the device does what it's owners want; you are not the owner and never fully trust or even enjoy the capabilities of the device.

First off, you should know that the technique works. It's about to be presented it a court and will be used to convince people who hear it to put others in jail. Sounds solid to me. There must be a difference between what you do and what they do.

Now let's think of how they might do it. As you noticed, the phone company does not give you much bandwith so conversations from your brother's pocket sound like shit. Imagine what they might give themselves. The list of materials includes:

• A network that can carry thousands of crappy single conversations at the same time.
• Devices that contain hundreds of megabytes of flash and CD quality AD/DA converters for music play.
• Sophisticated squelch control and noise cancellation.
• A computer in your target's pocket that can control all of the above

Given all of that, you can easily imagine recording excellent quality voice and transmitting it at your leasure. Given the dismal security record most telcos have, anyone with enough time and effort will be able to help themselves. Devices that can be abused are.

Validating Warrants

[camperdave]

How can a citizen check whether a warrant is valid or not? How do they, or anyone else for that matter, know that the warrant was signed by a proper judge, and not some FBI bureaucrat? How do you find out how much the FBI paid the judge to get him/her to sign the warrant? ...or how hard they had to lean on the judge to get the signing? There used to be (and probably still are) "hanging judges". Perhaps there are "signing judges" who will sign any warrant that comes across their desk. What is the warranting process anyways? If one judge denies the warrant, can the FBI/police go to a different judge with the same warrant?

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

[jamar0303]

Honest question- when I buy my phone from a foreign country (Japan), does this mode exist too, or is it only implemented in phones sold in the US? Certainly I'd feel better knowing that my choice of exotic phone also kept me safe from unwarranted tapping. It has a built-in GPS, though, so I don't feel so safe if it could be accessed by the feds.

Keep dreaming.

[twitter]

As long as there's a court order, I don't care whose phone is getting bugged or how. Technology is constantly changing, so our abilities to moniter the public changes as well. It is the job of the courts to assure the public that this does not occur without probable cause.

How exactly is a court supposed to stop some clerk at the phone company from doing whatever they like? The phone company itself has proved again and again they can't keep a secret and can't control their own networks.

The only solution is to have a device that's secure an under your own control. Until there are free handsets, you can not trust your cell phone. If you are in business and don't want your competition to know what you are doing, you will have to take other measures to protect yourself. A sound proof box is a good idea for important meetings.

Oh yeah, the Patriot act got rid of the fed's need to go though the messy and time consuming warrent process. They had their own little secret court they can apply to in secret but even that was too much trouble. Big brother is mostly a concern when he colludes with or is used by your competitors to screw you. This has gotten easier to do, but it's all still secondary to the previously mentioned incompetence and stupidity.

Re:secrets of cell phones - WRONG! RFID tires real

[jamar0303]

And aren't car tires transferable too (in case of returns/exchanges)?

And the camera's..?

I haven't seen any mention of the camera's on many phones - why wouldn't they be usable by spies as well? To watch people when the cameras are just sitting around..?

I've noticed a peculiar noise in my stereo speakers as well when it's about to ring, or connecting.

Re:And the camera's..?

[Farmer+Tim]

I haven't seen any mention of the camera's on many phones - why wouldn't they be usable by spies as well?

Because no evidence is as damning as photos of pocket lint...

Cell Phones are easy to spy on

[Delecron]

I worked for a major cell carrier for 5 years, let me tell you, especially Motorola phones, it is simple to start screwing with the phone's inner workings through "Test Modes" and such. I one year, carriers will already be doing software upgrade "Pushes" to the phones, without letting you know it is happening. When you sign the contract it states this will happen, the contracts have said this for a few years now but I don't think anyone's really looking at them.

Re:secrets of cell phones - WRONG! RFID tires real

[rickb928]

Sorry, AC, but your post is mostly BS.

- The T.R.E.A.D. act focuses on tire safety, identifying problems as soon as possible, and making manufacturers specifically responsible for safety and manufacture. It also specifies some research and standards for child safety seats. Go figure.

- The T.R.E.A.D. act doesn't specify RFID tags. It does allow for rulemaking that might.

- RFID tags in tires were probably first implemented by Michelin, to simplify inventory. They may have devised the embedded antenna to solve the problem of embedded tags failing to activate at distances greater than 3 inches. The antenna increases the range to about 24 inches.

- Wal-mart may require RDIF tags on all merchandise, but I'm not sure the program is fully implemented yet.

- The most important reason a tire shop wants your vehicle VIN number is for warranty info and to curb warranty abuse. It's that -duh- simple.

I can't find any definitive info that AIAG B.11 is fully implemented. I can, however, find that B.11 is NOT fully implemented as late as 2004, where AIAG states that it is not fully adopted.

Sorry, but the conspiracy isn't there yet. Nice try.

ps- the post is pretty much verbatim from a 2000 blog. Sounds like more BS to me.

Re:It's all conspiracy

[slashnik]

Anyone going to pjone the Cell Number in the PDF
Has the Maff guy been locked up yet.

This is older news than you think

[rickb928]

Some TDMA and CDMA Nokia phones could be configured to answer a call automatically, mute the speaker, not ring, and just sit there, listening. Other makers too. One common complaint was that a parent could set a phone like this, call it while they were out having dinner, and listen in on the kids and babysitter. OKI phones could do this in the 90s. Kevin Mitnick was pretty good at this. But NAMP phones couldn't be configured OTA, so this required physical access to the phone. I bet lots of current phones could be configured to open the mic and send. I bet even *I* could figure out how. With the help of the carrier, sure the FBI could send some code to open things up, maybe even use the GSM data channel to send mic audio as something like SMS.\ Fairly easy. Bet they've done it before. -rick

Soapbox much?

How perfectly tangential of you to take a technical discussion about cellphones and use it to spout anti-American bullshit. It's the weekend. Relax. Take this time away from your daily axegrinding.

Re:Soapbox much?

> How perfectly tangential of you to take a technical discussion about cellphones and use it to spout anti-American bullshit.

I'd like to suggest that criticizing the U.S. government when it does bad things, is actually PRO-American, not anti-American.

VoIP Telephone Service...

[AtariDatacenter]

Think about it for a second. They're probably in that, too, you know. Actually being able to use it to listen into your house, like a bug, when your phones are hung up (depending on phone, of course). Possible?

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

I'm surprised the obvious has been missed. If this phone is transmitting all the time, or even just a lot, the battery will drain quickly. Do you not think the phone's owner will begin to wonder why his battery is only good for 2 or 3 hours?

They can't have had the phone transmitting all the time, they would have had to be selective about it or the phone would be discarded as broken, or sent off for inspection because it is suspicious.

There is enough space in many cellphones (I've opened mine) for a microphone/transmitter combo, if it is wired to the battery, but again, if the drain is too high, why bother? The space is not much, but it would do (you could fit one under the cover-up sticker in the gap where the GSM card would have gone in my CDMA phone).

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

[Catbeller]

"They can't have had the phone transmitting all the time"

They don't transmit all the time, but they do transmit "here I am" signals at regular, close intervals. And it would be trivial to use a little memory in the phone to store a stack of GPS coordinates, for use during the periodic "here I am" transmissions.

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

Thanks for the info. I am not at all surprised by this.

And what's sad is that the average person totally buys into the marketing. They completely suspend their own judgment when it comes to closed source stuff. "Oh, the web page says 'completely secure' and '1024 bit encryption'. And look, it's got a picture of a lock and key! You should use it too."

Most people don't have the slightest clue that the only way you can guarantee whether you can trust a piece of software is if you review the code yourself. Second is if someone who you believe is competent and loyal reviews it, and third is if it is open source and some hypothetically cryptographical/security expert can review it at their leisure. Closed source should be viewed as insecure by default.

Reminds me of this article...
http://yro.slashdot.org/article.pl?sid=06/01/16/21 42208&from=rss
A closed source anonymity focused livecd... yeah, right. "But dude, it's by someone called "Dr Kaos! Wow, he sounds like a l33t h@x0r, it must be the shiznit dude."

I mean, if cut-out newspaper font doesn't spell security, I don't know what does.

Re:secrets of cell phones - WRONG! RFID tires real

[DeadChobi]

Oh yeah? Do you have links to any of the "facts" you cited? At least the AC is collecting links demonstrating some form of research.

Watched?

[StreetStealth]

(use google cache to glance at that link if you are a hacker, all access to that page is watched by the feds, as are orders.)

Somehow, I think logfile impressions there tend to be a lot less suspicious with /. as the referrer.

Re:secrets of cell phones - WRONG! RFID tires real

Mod parent up.

Can we use non-USA cell phones instead?

[KWTm]

Would it work if non-USA cell phones were used? I guess not British cell phones since the Brits seem to be vying for the title of Orwellian Big Brother, but suppose we went to Sweden or Japan or Venezuela and bought a cell phone there? I'm sure there would be GSM-type phones that would work within US borders when used with a US sim card.

Even if the vendor tries to lock the cell phone to a given service provider, there should be places that unlock cell phones. My brother-in-law travels to Hong Kong from time to time, and there's a street where these street vendors put up their stands. He brings them half a dozen cell phones and gives them money, and it takes about two minutes each to unlock each one.

This Big Brother stuff is getting scary. Quis custodiet ipsos custodes?

Re:Can we use non-USA cell phones instead?

[elgaard]

Well, here in Denmark you could buy a GSM phone that you could use in the US.
Ask for a tri-band. You will just have to pay extra for it not be locked to an operator.

But danish phones might be bugged too. If their software can be updated remotely, it can probably do the same tricks.
If you buy a phone that is not locket to an operator, you would think that only the manufacturer could change its software (with the help of the current network). Most if not all manufacturers operate on the US marked so they might coorperate.

Maybe you should try a PDA running Linux with a GSM card.

I use a WiFi SIP phone. For all I know it could be bugged in the same way, but SIP is an open standard,
so it would be possible to build a bug-free phone.

Cellular phones as surveillance tools

Having modded GSM Motorola's for a few years, it's not so hard to believe that some rogue bitshifter from Motorola or one of it's part vendors decided to create a custom firmware which service providers, at LE request, can push to any specific mobile equipment.

If that functionality isn't built in by default (spooky.)

Anyways, there's also the CORElet (think iTunes) which runs in the background all the time.

On a side note, all Motorola phones have the Moto-specific Talk Secure capability, even though the hardware AES module is only available for one phone AFAIK.

Hmm

[nexcomlink]

I have tried Sprint-Nextel's mobile locator on a Nextel phone. Basically the phone must have GPS set to unrestricted, but assuming it's the feds they can still locate the phone. The triangulation method is actually quite precise by a mere 30-50ft. With GPS it's really just dead on and with an accuracy of 0-3ft. Information is given on a map and the phone itself allows for even the speed you are traveling at. The only way that this can be solved is by removing the battery yet in the network they will know where was the last location that phone was seen.

Only Holliwood has to 'plant' bugs...

[flyingfsck]

The government simply turns all your phones on whenever they want to. Anybody working in telephone R&D can tell you that *all* phone sets can be turned on remotely. The only way to be private is to unplug all phones and remove the battery from your cell phone.

Do you pay for the minutes on this?

[Animats]

Who pays for the airtime?

Back when Rudy Giuliani was a US attorney and the FBI was taking down the New York Mafia, the FBI had wiretaps put in by New York Telephone. These were all billed to the FBI as leased lines, and the FBI had a leased line bill of over a million dollars a year. This was a real budget problem for them; they weren't budgeted for that kind of thing.

One month, the FBI didn't pay one of their leased line bills. New York Telephone's billing software dealt with the problem by billing the other end of the leased line. By sending a bill to the party being wiretapped.

That episode was what got the FBI into lobbying for CALEA.

Re:secrets of cell phones - WRONG! RFID tires real

[Danny+Rathjens]

Sensible people usually don't put as much time and effort into not believing conspiracy theorists as the conspiracy nuts do when inventing their conspiracies. :) This guy has been cutting and pasting the same rant about tire rfid for 5 years, apparently.(and if you even look at the comments to this one article you'll see he has cut and pasted the same stuff multiple times today.)

PLEASE LOOK AT THAT LINK : Its the same shocking tire material I have been trying to tell people about since the spring of 2001 on slashdot. -- from one of his /. posts 6 months ago reposted here: http://clintjcl.wordpress.com/tag/rants/

...err, how?

[bagofbeans]

When the phone is genuinely off, it is not listening to base station and so cannot be turned on by it. However, the phone could be designed so that the base station can tell it not to turn off, but pretend to be off. This is practical engineering wise because if every phone was turning itself on and checking in for command to go into surveillance mode, the phone-off life would drop noticeably. However all phone designers would know this, and the info would have leaked by now.

Do you have any evidence (articles etc) about your assertion re Irish network?

Re:...err, how?

My older motorolas (microtac elite and startac) had a security feature where if the pin was entered incorrectly more than 3 times the phone would "pretend" to turn off. When in fact it would be making an outgoing call to a predefined telephone number and send an "alarm tone" to whoever answered.

Kind of funny when my 2 year old son got ahold of my cell phone and obviously got the pin wrong. It took me awhile to figure out all the phone calls I was getting with this "wha-wha" sound was my cell phone trying to alert me it was stolen...

Re:...err, how?

[bagofbeans]

Interesting... presumably the owner is told about this feature, so even if the owner doesn't like it and can't turn it off, there's full disclosure. However if one buys a phone full price, and it phones home secretly - in the absence of legislation forcing the behaviour, it's lawsuit time.

For credibility, please post with GPG signature

[KWTm]

Please quit trying to coverup the shocking truth with lies denying these truths. When I claimed the feds have databases of car movement on certain highway chokepoints (I-75 for example) that use soley tire RFID, I am not making it up.

But now expect me to end up with an inexplicable poisoning death/suicide for taking the time to point out these facts.

I was also the one to point out the forensic yellow dots in us printer firmware 5 years before the press learned about it.

I also exposed gasoline taggants first. (The gas taggants, NOT CAR TIRE TREADS, were used to back trace the purchase of the fuel used in the many georgia arsons a year back to catch the prankster-arsonists) The fbi falsely claimed tire tread and good hard work caught the arsonists... it was the chemical taggant forsed into all gasoline batches by secret federal laws. (a binary number based on trace non-volatile chemicals, semi unique per gas station delivery).

I don't know if what you claim is true or not. It sounds credible.
For these and other statements posted as AC, it would be useful to establish a GPG-verifiable identity. I think this should go for all "whistleblower" type AC posts. That way someone else can't log in as AC and muddle the claim with some post like "Just kidding! I was messing with your mind!" or something.

The posting would need to be in plain text, with pre-defined line breaks (or else the GPG-signature wouldn't verify). It's a bit of a hassle --I tried to post with a GPG signature, but I couldn't let Slashdot wrap my lines for me. Hmm --oh, well.

uhm, dude, replace your cellphone !

[freaker_TuC]

if that happens frequently and you change your batteries that long, replace your cellphone,
I don't want to know how your household is doing but I do remember a scene of an entire Ikea house destroyed by an explosion (Fight Club) ...

Re:secrets of cell phones - WRONG! RFID tires real

[DeadChobi]

Hmm... good point, and I think I remember him posting the exact same thing from the slashdot story linked by this story, now that I think about it.

Re:secrets of cell phones - UNBELIEVABLE! why?!

Are you an insane LIAR!? All my facts are 100% true in all my anon posts here.

You call me a nut? I posted FACTS. There is nothing nutty with any of my facts in any post ever. If you want cell phone links galore, I could take the time for you but amusingly the scraps I fed you are truthfully and honestly all you need as a starting point, but the crowd here is not worthy of my time. Slashdot died for me about 4 years ago or so.

You say "CONSPIRACY"!? Is 'electricity', or 'oxygen', or 'algebra' a conspiracy? You are an idiot Danny Rathjens (8471).

In layman's terms a conspiracy is seeing non-provable sinister gov plots, assumedly false, based on flimsy evidence. I posted COPIOUS links in my RFID posts from 2001 onward. In fact, many many more pages than what I distill-pasted here today.

I do see a real trend though... federal gov shills all UNANIMOUSLY attacked me in 2001, as you are now, using hostile words such as kook, nutball, wacko, conspiracy nut, etc... in a pathetic attempt to discredit the poster of the secret facts, me. Attacking the messenger instead of the merits of the message itself.

How can you not believe in tangible truisms such as electricity, or oxygen, or algebra? You must be retarded, or a government shill.

COUNTLESS people modded my posts to -1 in the past, typically after 4 hours with no chance of posting a second post to survive over -1 rating on Slashdot. And unmercifully, the dreaded "redundant" neg mod was used on them for spite against me. -1 for some astounding posts. -1 because modding on Slashdot is broken by lazy modders that surf at +2.

THE ONLY SOLUTION is to post relevant duplicate responses if one is ignored and stifled in a thread. You call it "redundant" I call it logical tactic fighting the fbi shills (like you) that mod my many DIFFERENT ground breaking anon posts to -1 whrn they attack the us government and divulge too much sensitive info.

so now you bitch that i posted TWICE in this thread? Danny Rathjens (8471) you are a clueless asswipe for not realizing that until an hour ago, THIS POST rated +5 above you languished with a reating of about +1 to 0 here.

Yup. ignored.

Now that FINALLY it is +5 anon, you whine and prattle on taht its duplicate. I did not copy paste. "multiple times"?!?!?! try TWICE. as in "two". claiming "two" is multiple is not considered an honest characterization. Similarly the words "a few" are not applied to values of 2 or less in English speech except by manipulative speakers with disinformation on their agenda. Why are you trying to naysay me?

PROOF that I did not copy paste is no less than 12 different spelling error corrections. You are wrong Danny Rathjens (8471). It was not copy past. It has 12 typos changes throughout that make you a liar.

If you are in a snit that my BOTH posts are +5, fear not, the RFID car tire article I penned is usually ALWAYS modded to -1 permanently after peaking at +5 by deliberate forces trying to ensure that the article is not searchable or archived in slashdot lookups in the future.

That is why you do not know how few times i actually have posted certain posts on many DIVERSE confidential technologies here, not just the two you see today.

And I post rarely. VERY rarely (10 times per year, total, and only repeat topic is the bi-annual car RFID). But when I do craft a bombshell expose post or insider whistleblowing post, it either goes -1 or +5, there is no in-between. -1 or +5 for my posts.

One reason I avoid Slashdot posting is ungrateful assholes like you. Every time a person like you tries to discredit me without citing a link (URL) trying to dispute a valid fact I claim, but uses childish phrases like "conspiracy nuts" as you just threw at me... I consider ALL of the people at slashdot not worthy of my time. All of us suffer because of the few like you that chase me off.

I save my +5 anon topics posts in a trophy archive on my hard drive, encrypted. I have exposed and revealed about 20 amazing things first here

Detection and countermeasures....

[gweihir]

Detection ois relatively simple, if you don't use your phione much: The battery goes down way too fast. Countermeasure is to remove the battery when the phone is not in use.

The counter-countermeasure is simply to make ''deliberately evading government surveillance'' a crime with a life sentence...

Two reasons it's possible

[crucini]

I don't really see how that's possible. When the handset is on-hook, the microphone is disconnected. This is a requirement for BABT compliance.

1. Unless you disassemble and inspect the phone every time you enter the space, you have no idea what's inside. (And even then, if your adversary has sufficient resources). There are lots of ways to modify a phone for remote monitoring - search for "hook switch bypass". In this scenario, if the officers executed a search warrant earlier, they could have modified or substituted the phone.
   
2. Since at least the 70s, intelligence agencies have been eavesdropping via light bulbs, flourescent light ballasts, phones, and other electrical equipment. The eavesdropper sends a high-powered RF carrier down the wire, and the equipment modulates the carrier in response to voice pressure. I haven't heard of this technology being used by law enforcement.

Re:Two reasons it's possible

[Hork_Monkey]

Not trying to be an ass here, but can you provide a link to some info on this?

This is interesting tech and want to learn more...

Re:Two reasons it's possible

[crucini]

I got my info from a book by a KGB defector - can't remember his name. He worked on COMSEC for Russia. Didn't provide any technical details (voltages, frequencies, etc.). But the book has lots of interesting stories.
An eastern-block agency was spying on a Russian agency with this method. They parked a car underneath the building's overhead power line, and extended a thin wooden pole that nearly touched the power line.
Also, when the US opened a new embassy in Moscow, the joke was that the flowers would always wilt immediately (due to massive RF power levels).
Soviet cipher clerks in embassies around the world frequently got leukemia, because they spent hours in a small metal box with an RF jammer as powerful as a TV station.

Searching for 'rf flooding' or 'frequency flooding' gets some related hits, but nothing good.

Sorry I don't have anything more concrete.

Re:Two reasons it's possible

[Hork_Monkey]

Thanks for the info... Now I'll be even more paranoid.

How hard to hack computer mic?

I'm not a programmer, but how difficult would it be to write a REAL spyware app- one that could activate a computer's microphone & camera, and either log the data, or allow somebody to listen in, over the network?

Re:secrets of cell phones - IDIOT

you too, are also a government shill idiot.

kindly read all of this post :

http://yro.slashdot.org/comments.pl?sid=209450&cid =17082606

"good point"?!??!!?

WHAT GOOD POINT are you refering too, sycophant lackey?

Bluetooth phones

[ndogg]

A separate mic wouldn't be necessary for a Bluetooth phone. A Bluetooth phone could even be hacked to surreptitiously spy on close-by conversations.

Re:Bluetooth phones

[ndogg]

Sorry, I really should have just linked to this.

welcome

[amigabill]

I for one welcome our new Thought Police overlords.

Re:For credibility, please post with GPG - cool!

KWTm (808824),

Thank you (this is the orig anon). I may start doing that. As a person
that origianlly found the actual suspicious gaping backdoor in the 1st
and second generation of blowfish crypto used in hundreds of shipping
products for years, I am surprised I did not think of your helpful
idea before.

Regretfully, I have whistleblowed on numerous sensitive topics,
typically technological, but sometimes mil tech, nasa tech, or DOJ
tech related, and even if I use a different GPG for all, from now on,
even with the style and typing personas I try to infuse into my
writing, and various web browsers and proxies I use... I fear getting
"outted" by colleagues whom might correlate the posts of diverse
topics and interests by the EXISTENCE of a GPG alone.

Furthermore, each of my many landmark shocking +5 anon posts were
crafted with different writing styles and quirks on purpose and are
meant to not be associated back to one single author.

What I MIGHT do is post a copy WITH GPG sig, then furthermore wrapped
INSIDE an encrypted message to a usenet text group. Then, afterward,
at my sole discretion, I can provide usenet archive link and reference
and decrypt key to message and to signature. then I can reuse the
signature for further confirmation for that point on, for
"credibility". But this works only if I post a HASH, out of band, in
the slashdot original post, perhaps 24 bits worth, then spoofers
planting false side archives could not hijack my persona by doing the
same with a diff signature and diff post to usenet at the same time.

If google usenet archive stored JPEGS and not text i could use
steganography and then use a visible hash larger than 24 bits for the
back-pairing proof to the highlighted archived usenet post. The
steganography would have to be in the form of a textblock of hex that
would be renamed with .jpg suffix before submission to a freeware
steganography tool for jpegs, because google will not archive binary
attachments or no-prose large articles.

If I did THAT, then the usenet message could contain a much larger
hash 128 bits, and likewise I could suffix 128 bits to my anon posts,
for far future resumption of single-topic discussion of highly
sensitive topics (if not outright illegal classified topics and not
merely just sensitive). I think I may start today (a hash of the
message tight-concatenated with a GPG key immediately touching last
'----' line, before hash creation, then redacted for anon posting:
----
D38A 10C2 38F1 C150 BB46 E2F8 7319 2D34

Re:secrets of cell phones - WRONG! RFID tires real

[rickb928]

I got skeptical when the post claimed the US forced tire makers to put these chips in, and especially after 9/11/2001.

So here, https://mows.aiag.org/scriptcontent/event_presenta tions/files/E6IDSHOWSP/AIAGSTAND_final.pdf I found out that the AIAG was working on this in 2000, and was making major choices for the standard in February 2001. Read slide 40.

From then on, I find out that tags in tires were a response to warranty fraud, the T.R.E.A.D. act mandating earlier identification of defects, and inventory management. No government conspiracy needed.

Then, common sense began to intrude. For the US governemnt to track my movements from the tags in my tires, two important things have to happen:

1. The government needs sales records that include the tag GUID and my name, and something else. Credit card might do. Address helps also.

2. The government needs to put up readers and some form of near-real-time communication.

Consider the challenges here. At 40MPH, my car is going about 211,200 fph, 58fps... Sound fast doesn't it?

Now if the practical range is 48 inches (TWICE the published range), my vehicle is in range for about 0.8 seconds. Assuming I'm withing 24 inches of the reader, going through the Transpass gate. 40MPH I do through those without trouble.

Read in less than a second? Don't ask me. Ask someone in the business. I bet not.

Also consider that the T.R.E.A.D. act was enacted in 2000. Not in response to the Firestone/Ford problems, which were serious before that. And the T.R.E.A.D. act doesn't even include the word 'VIN'. And the act doesn't per se involve domestic vehicles, but foreign vehicles and components, intending to force carmakers to disclose problems with foreign models that may be related to similar problems with similar domestic production. Good idea. But only the rule-making could twist this into the device the poster claims, and he doesn't post any of the rulemaking that indicates that. Perhaps he should be asked to provide evidence. I suspect the answer will be 'it's secret'.

Sorry, I took a look. His posts don't add up, IMHO. The story about someone getting returning a defective tire to Nordstrom's was more credible than this post. Sorry, DeadChobi, but I need more.

Now, RFID readers on the New York throughways make sense. Most containers have tags now, and many fleet vehicles do also. Might be useful to read tags, spot one registered to a tanker dedicated to hazardous waste, and realize it's headed down the freeway where hazmat is prohibited.

That I expect.

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

[ClioCJS]

Actually, that person is me, and I just heard about this first from here.

And the RFID-in-tires was posted anonymously here, and I chose to repost it.

Nice try, though. BUT thanks. My blog broke its previous daily visitor record of 414 and there are still 2 or 3 hrs left before midnite GMT :)

Re:RFID req. in tires? I doubt it. Re:What's so al

[DamnStupidElf]

This appears to be confirmation that at least Michelin has put RFID chips in tires.

Phone could have been altered with bug

While the phone was likely not altered there is enough space to implate a bug. Head down to any spy museum and see some of the incredibly tiny bugs that the Soviets designed 40 years ago. Now add 40 years of inovation. Most bugs were not much more then a microphone, antenna, battery, with a minuscule transmitter. A cell phone has 3 of those parts already. The trick is that you don't need a great transmitter to listen in on someone. A transmitter can be made with not much more then a single transistor.

Cell phone

If you want a secure - impossible to tap - buy those disposable cell phone.
Buy it with cash and the minute time card, and then dispose the phone after use.

Re:secrets of cell phones - WRONG! RFID tires real

1st, thanks for this info and pointing all this out with links. Awareness of a potential problem is at least a good first step.

Now according to your info, it looks like it's already happened and is going to continue. The first thing I thought to ask after reading your posts, was:

Is there an effective passive counter-measure?

Is it possible to disable these chips/tags inside the tires (without destroying the tires)? and if there's no known way to disable the embedded chips, is there some info out there to construct an active jamming device even if it is in violation of FCC or other regulations (I promise strictly for academic/research curiosity) :) Thanks!

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

[TommydCat]

So-called diagnostic clients are available now for most platforms that do this today (Symbian, PalmOS, WM5, etc) and, for GSM at least, on the SIM card itself if the phone is not capable (USIM, SIM Java Applet, SIM WIBlet, etc).

These are currently proprietary solutions which only the wireless operator can access through a number of different vendors, but there are now OMA DM draft standards that work in both CDMA and GSM that will be hitting the market within months - leaving a single method for "another" agency other than the wireless operator to be able to hit any new phone with the same software themselves rather than relying on the operator to provide it. This is all IP based (WAP or data connection) after a single SM notication is sent (SMS) - you won't "see" any activity when this is turned on if the DM client honors the UI flag that comes in the first notification, then afterwards you might notice data in/out once in a long while but no indication of what it is. Many phones already have other services (e.g. Blackberry BES connection) so 99.99% of the users will never notice.

Put that in your foil "hat" and smoke it :) And check out the Open Mobile Alliance (OMA) web site if you want to dig through the standards drafts and RFCs.

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

[kimvette]

Want to know if your phone is doing this while shut off? Turn off your CD player, switch to radio (FM or AM, it doesn't matter, although AM will make it more apparnt), then place your cellphone as close to the head unit as possible. Periodically while powered up you will hear little chirps/blips. If you power the cellphone off, these will stop. If they continue periodically, then your phone is a model which pings the towers while "off" so if you want to make high speed runs on highways without big brother tracking you, yank the battery. Not that I'm one to make high speed runs in rural areas, mind you. . . ;)

We do have open source handsets

[pyrico]

I won a QT greenphone http://www.trolltech.com/products/qtopia/greenphon e/ at QT DevDays 2006.

It's completly open from the Linux kernel, to Qtopia as a operating system to the user apps. You could even hack the modem device driver if you wanted too.

Unfortunatly it's set up as a developer device and not available to the public, it's GSM (not good coverage where i'm at) and still a bit buggy.

On the upside it's fun to hack and you can be sure the FBI has no backdoors :)

Uh hello?

[Lord+Kano]

The telecom industry has been in bet with federal law enforcement in the US since AT LEAST the mid 1990s. It's been mandated by federal law that all telecom systems be readily tappable by the feds. What the fuck do people think that this means?

I'm a bit paranoid when it comes to privacy issues, but things like this prove me right every time.

LK

Re:secrets of cell phones - WRONG! RFID tires real

Parent is fiction. I was just messing with everyone's head. The government doesn't spy on its citizens. Everyone should know that by now. Sell your Alcoa (reynolds wrap) stock. Nothing to see here. Move along. Moo.

cell phone close-coupling interference

[Barbarian]

Or just set the thing down next to a speaker and listen for the characteristic click-click-buzz when it's transmitting. Some phones are even powerful enough that my car stereo picks it up, or leaks into the signal of a nearby land-line (the PBX phones are work are real sensitive to it).

On occasion I've put my phone down next to an LED flashlight, and when the phone rings the flashlight turns on!

That effect is precisely why I never want to see cell phones allowed on airplanes.

Re:secrets of cell phones - WRONG! RFID tires real

Mod my parent up.

Please go into more detail

Can parent please go into (a lot) more detail? I want to know what he really thinks about Danny Rathjens (8471).

Sleeps With The Fishes

[sycodon]

And now, after the mob's booker found hundreds of calls to the FBI on Joey's phone bill, he sleeps with the fishes.

old news

[Susceptor]

this is very old news. Courts ruled over 10 years ago that phone conversations could be intercepted because they do not constitute protected speech. the constitutional rational is that people do not have a reasonable expectation of privacy in their cell phone conversations (legally) therefore, cell-phone conversations are not protected by the 4th amendment.

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

The Israelis killed a guy by installing an explosive in his cell phone. They listened to a call on his phone and after determining it was his voice they sent a signal that detonated the phone.

Re:What's so alarming LIAR! PHONE NOT ALTERRED!

[schwaang]

Yes! I wish people doing conference recordings and interviews were more aware of this effect. So many times I've heard the tell-tale sounds of cell-phone interference while listening to these. But you almost never hear this on professional TV or radio, so they handle it somehow. Anybody know if they have signs in studio greenrooms asking guests to pull their cellphone batteries before they go on?

Just out of curiosity, are there plausible scenarios where a phone that is NOT being used for LI would "ping the tower" while off?

Re:secrets of cell phones - WRONG! RFID tires real

[Nethead]

Silly, its there for "Supply Chain Management." Nothing to see here.. move along. (uh sir? Come with me please.)

Re:secrets of cell phones - UNBELIEVABLE! why?!

[Danny+Rathjens]

Oh man. Thanks for that. My jaw muscles are hurting since I haven't had a laugh like that since the heyday of adequacy.org. :) You are quite a clever guy (with typing speed I envy) or you have coded a clever rantinsultbot.

I actually read at +3 and give anonymous posts a +1 bonus. I used to be more paranoid and was against using the accounts and continued to post as AC when they were first added. Either I matured a bit or just got lazy. Hrm, actually, I think the ability to filter comments was the reason I finally registered an account; my memory of 8 years ago is hazy.

Re:secrets of cell phones - WRONG! RFID tires real

Then, common sense began to intrude. For the US governemnt to track my movements from the tags in my tires, two important things have to appen: 1. The government needs sales records that include the tag GUID and my name, and something else. Credit card might do. Address helps also.

All they need do is have a sensor that reads your tire IDs at the same tollbooth where they automatically OCR your license plate. Speedpass or the like makes it even easier, but is not needed.

2. The government needs to put up readers and some form of near-real-time communication.

Readers are already there. I suspect near real time isn't needed as much, because these things are most like used for data mining style info, after the fact. (E.g., once you are a suspect, the govt pulls all your vehicular travel records for the past year.)

Other handheld devices

I don't know much about cells as they are useless to me but if they work the way most other portable devices work when the power button is pushed the device does not actually shut off. It goes into standby mode but power is still being supplied. If this is the case for cells then there is power going through the board and could easily power the mic and transmit. It'd only take a firmware push from the provider to enable such a service if it's not widely available now.

Re:secrets of cell phones - WRONG! RFID tires real

Well, a dentist or hospital x-ray technician could x-ray a tyre or two, work out where something is located, then give it a good burst.

But in the UK, Cameras automatically snare your licence plate so WTF.
Maybe they did this to stop people renting cars, then switching the tyres exchanging plugs, O2 sensors, repaired panels, gearbox or batteries.

Sprint Engineer told me about this years ago

A Sprint engineer (a real engineer...the kind that knows everything there is to know about CDMA and whatnot) told me about this years ago during a lunch time conversation we had one day during a week long Sun Microsystems Solaris training class.

He said that it's possible to remotely activate the microphone on CDMA phones even when the phone is to all appearances, 'off'. After the shock wore off, I thought, who's gonna have the balls to use this 'feature' besides the NSA? and how long is it going to stay off the public radar?

Well, now we know. It's been about 4-5 years since that conversation, so how many important people has the NSA or CIA or FBI been listening in on during that time? We (or Congress for that matter) will never know...

Hey Johny....

...is that you, eh ? Va bene ?
I told you not to stick your face in my business - capisce ?
If you want to look like a smart made man at least provide the decency and respect that you should give the language your speaking, si ?! So... fuhgeddaboutit.

By the way, your truckload of phones did da same thing as you describe - all worthless crap that lights up all the time, fuhgeddaboutit...

PC Spying

Your PC speaker can be a microphone depending upon wether it is sourcing or sinking current, and this is software selectable.

Just what did the most recent software updates from (name you favorite vendor here) do?

Re:RFID req. in tires? I doubt it. Re:What's so al

[jafac]

Heh, I pay cash for my tires through a swap-meet vendor. Track THIS motherfuckers!

More violations of our rights.

It never ends, the gov't continues to rountinely violate our Constitutional rights.
They violate the 1st Amendment by caging demonstrators and banning books like "America Deceived" from Amazon. America Deceived (book)
They violate the 2nd Amendment by confiscating guns during Katrina.
They violate the 4th Amendment by conducting warrant-less wiretaps.
They violate the 5th and 6th Amendment by suspending habeas corpus.
They violate the 8th Amendment by torturing.
They violate the entire Constitution by starting 2 illegal wars based on lies and on behalf of a foriegn gov't.