Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA and GCHQ Target "Leaky" Phone Apps To Scoop User Data

Posted by samzenpus on from the always-watching dept.

schwit1 writes "New leaked NSA documents shed a new light on the agency's assault on the data controls of smartphone apps. Using app data permissions as a jumping off point, the documents show agency staffers building huge quantities of data, including 'intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.' One slide lists capabilities for 'hot mic' recording, high precision geotracking, and file retrieval which would reach any content stored locally on the phone, including text messages, emails and calendar entries. As the slide notes in a parenthetical aside, 'if it's on the phone, we can get it.'"

12 of 144 comments (clear)

  1. So what. by RightSaidFred99 · · Score: 3, Insightful

    People seem to be freaking out that all these capabilities exist when anyone with half a wit or more knew that this was all possible.

    The question is regarding the set of controls over how and when this is done.

    I mean, by golly, did you know that 5 years ago they could listen in on your phone conversations and even determine where you were located when you were making the phone call?!

    Carrying on about these capabilities (as opposed to the way they are used) is going to look as quaint to people in 20 years as the above concern about land-line phone calls looks now.

    1. Re:So what. by bob_super · · Score: 5, Insightful

      Yes, but it's only in the last couple decades that they've been able to regroup all the data from all the forms of communication attached to every single user.
      The scale of the task used to keep people focused on potential targets. Now it's about having everything on everyone, because nobody ever got fired for having too much data when shit happens.

    2. Re:So what. by fuzzyfuzzyfungus · · Score: 5, Insightful

      "The question is regarding the set of controls over how and when this is done."

      Yes, about those... The secret ones, that you'd need access to secret information to verify compliance with, based on a classified interpretation of a massive hodgepodge of assorted laws, executive orders, and precedents, as interpreted by a secret court that doesn't release opinions and hears only testimony from the state agents requesting authorization? Those ones... Forgive me if I'm... less than 100% reassured.

      Internal regulation and discipline can't even keep the officers of Hickville PD from periodic abuses that end up drawing big civil suits, and those guys are both nearly powerless and highly vulnerable to 3rd party scrutiny. Why would anyone expect 'controls' on an agency that can just stamp 'Double Top Secret' on anything embarassing and bury it forever to be more than a joke for the break room?

  2. Re:Smurftastic! by MightyMartian · · Score: 5, Insightful

    And a police officer has the technical capacity to walk into my house and shoot me dead. That I can appreciate his likely skill with a service revolver doesn't mean he gets to shoot me dead at a whim.

    The same applies to the NSA. That it has some bright brains who have some impressive technical capabilities does not mean that they should be permitted to wantonly do it without proper civilian oversight, including the requirement that no US citizen's data be collected without an explicit and accurate warrant.

    In other words; capacity is only part of the equation.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  3. Re:Can you hear me now? by Anonymous Coward · · Score: 1, Insightful

    To be clear, it's the Obama Administration that is doing this. After all, he is responsible for the actions of this and other Federal Agencies.

  4. Re:Can you hear me now? by SirGarlon · · Score: 3, Insightful

    Remember, I'm on your side

    Correction: I'm on the side you *claim to be on*.

    --
    [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
  5. Re:Ever wonder why US unscrambled GPS Signals. by fuzzyfuzzyfungus · · Score: 3, Insightful

    What? GPS receivers don't transmit. How do you track a GPS receiver?

    You don't(well, somebody with an indistinguishable-from-magic antenna array and a truck full of DSPs might be able to pick up some effect of your antenna and RF circuitry against background; but it'd be dubiously practical at best); but a great many GPS receivers are connected to cellphones that are delightfully cooperative about providing those data for you. Now, even without GPS, cell tower triangulation would provide rough data; but GPS neatens it up nicely.

  6. Re:Smurftastic! by Zaelath · · Score: 1, Insightful

    That's a worthless comment.

  7. Re:Smurftastic! by bob_super · · Score: 3, Insightful

    While that's a bit of an exaggeration since NSA is only collecting (once the data comes up/who cares where the hammer falls down/it's not my department/says NSA von braun), it fits in a more worrisome pattern.

    There was never a doubt in the European's mind that waterboarding is torture, because that's what was used by the Reich on the resistance. When you add a KGB/Stasi-on-steroids NSA, that makes for a nasty vibe.

  8. mod up. They used to target key suspects. by raymorris · · Score: 5, Insightful

    Indeed, that's the difference. When they had to show up with a warrant for a specific individual and have agents sit and listen, they did that for high value suspects. Now it's all of us, all the time, who are the targets.

  9. Re:Ever wonder why US unscrambled GPS Signals. by nctritech · · Score: 5, Insightful

    This is why the FIRMWARE of phone radio CPUs needs to be fully open-sourced. Until they are, there is no way to audit them for privacy concerns nor modify them to close such loopholes.

  10. Re:So... by Anonymous Coward · · Score: 1, Insightful

    If you're rooted, encrypting does nothing but give a false sense of security.