Big brother is watching you

Taiwan_Luthiers · March 29, 2009, 1:47pm

Next time if you are talking about something sensitive better take the battery out of your cell phone… because someone might be listening.

http://news.zdnet.com/2100-1035_22-150467.html

headhonchoII · March 30, 2009, 3:24am

I doubt anyone could install any software on my old Samsung!

Mick · March 30, 2009, 4:13am

Someone must of installed software for your phone to work. Samsung of course, but then also ARM who provides chips to Samsung and they supply pretty much every other mobile phone company in the world as well, Nokia uses a operating system called Symbian OS, it must use an ARM chip, Apple iPhones, Blackberries all use ARM. So unless ARM actually provided a backdoor, which would give access to just about every mobile on the planet, then your right, no one could install software on your old Samsung.

Now I wonder if the British governement had the ability to influence a company at home like ARM, that gave then listening ability over just about everyones conversation in the world that carried a mobile, would they do that? Hmmm, thats a tough one.

headhonchoII · March 30, 2009, 4:31am

Fair enough it is possible, but listening ability still has to activate the call somehow, how do they hide from end user and also from network provider? Inconsistencies will appear on their bills/network systems right? I’m sure it’s possible but must easier to do in the US due to the overall pervasive ‘war on terror’ and fear of government than outside the US, the chance to get caught out would be higher. Another way of course is to install a firewall on the mobile.

Mick · March 30, 2009, 4:54am

If it was done at the chipset level, no one, including Samsung, Apple , Microsoft or anyone would be aware of it. if the capabilities for handling incoming calls, what to activate, what to do reside in the ARM (which they do) . They can choose not to ring, to just open a mic, when a certain trigger is recieved. This would be fairly trivial.

In 2004 Clair Short was complaing about privicy laws and that she was getting trascripts of Kofi Annan’s private conversations, and I recall was saying they could listen in on who they wanted , when they wanted, which had Tony Blair describe her comments as “irresponsible and damaging” and left little to the imagination.

Traffic though a mobiles carrier is an interesting point, I still think that could be handled on the chip side, i.e. the chip would be responsible for sending information on when a call is established, when its ringing, when to log it as a missed call and could control that. Alternatively, a mobile station could be used to bypass the local network altogether.

Charlie_Phillips · March 30, 2009, 5:39am

A couple of years ago it was revealed that the FBI could listen to you via cellphone even when your cellphone is TURNED OFF.

Here’s the youtube of the Fox News story: youtube.com/watch?v=0G1fNjK9SXg

urodacus · March 30, 2009, 6:01am

…And the Chinese have been caught with their hand in the cookie jar too, running a cyber-eavesdropping system worldwide that targeted state enemies such as foreign diplomats and embassies, military computers in NATO, research companies, and even His Holiness the Dalai Lama, that most evil and sinister of threats to the peaceful rise of the Chinese dragon.

[quote=“CNN”]LONDON, England (CNN) – Nearly 1,300 computers in more than 100 countries have been attacked and have become part of a computer espionage network apparently based in China, security experts alleged in two reports Sunday.

The network was discovered after computers at the Dalai Lama’s office were hacked, researchers say.

Computers – including machines at NATO, governments and embassies – are infected with software that lets attackers gain complete control of them, according to the reports. One was issued by the University of Toronto’s Munk Centre for International Studies in conjunction with the Ottawa, Canada-based think tank The SecDev Group; the second came from the University of Cambridge Computer Laboratory.

Researchers have dubbed the network GhostNet. The network can not only search a computer but see and hear the people using it, according to the Canadian report.

“GhostNet is capable of taking full control of infected computers, including searching and downloading specific files, and covertly operating attached devices, including microphones and web cameras,” the report says.

The discovery of GhostNet grew out of suspicions that the office of the Dalai Lama had been hacked.

His staff sent a foreign diplomat an e-mail invitation to meet the Tibetan spiritual leader, but before the Dalai Lama’s people could follow up with a phone call, “the diplomat’s office was contacted by the Chinese government and warned not to go ahead with the meeting,” according to the Cambridge report. Video Watch CNN’s John Vause report on the network »

An investigation resulted in both reports. Both found links to computers in China, but the researchers did not conclude who they thought was behind the “malware,” or malicious software.

“Chinese cyber espionage is a major global concern … [b]ut attributing all Chinese malware to deliberate or targeted intelligence gathering operations by the Chinese state is wrong and misleading,” according to the Canadian report titled, “Tracking GhostNet: Investigating a Cyber Espionage Network.”

“The sheer number of young digital natives online can more than account for the increase in Chinese malware,” it adds.

But the report also points out that China is among a handful of countries, including the United States, Israel and United Kingdom, that are “assumed” to have considerable computer espionage capabilities.

Attempts by CNN to contact the Chinese government in Beijing and its American embassy and consulate offices were unsuccessful on Sunday, as the offices were closed.

However, a spokesman for the Chinese consulate in New York dismissed the idea China was involved when speaking to The New York Times.

“These are old stories and they are nonsense,” Wenqi Gao told the Times. “The Chinese government is opposed to and strictly forbids any cyber crime.”

Hackers gained access to computers in the Dalai Lama’s office by tricking computer users into downloading e-mail attachments that had been carefully engineered to appear safe, according to the authors of the Cambridge report, titled, “The Snooping Dragon: Social-malware Surveillance of the Tibetan Movement.”

“The attackers took the trouble to write e-mails that appeared to come from fellow Tibetans and indeed from co-workers,” according to the report, authored by Shishir Nagaraja and Ross Anderson. Once the attackers gained an initial foothold, “they also stole mail in transit and replaced the attachments with toxic ones,” the report adds.

The Dalai Lama investigation led to the discovery of hundreds more infected machines in locations from The Associated Press in Britain and Deloitte and Touche in New York, to the ministries of foreign affairs in Indonesia, Iran and the Philippines. The office of the prime minister of Laos was also snared, as was a single non-secure computer at NATO, according to the Canadian report. Infected computers “checked in” with control servers as early as May 2007 and as recently as March 12 of this year, the report adds.

Attempts by CNN to verify the reports’ allegations with NATO, the Laotian government and the Dalai Lama’s organization in India were not immediately successful on Sunday.

The attack has broader implications, Nagaraja and Anderson warn, since a single person could carry out a similar one.

“Even a capable motivated individual could have carried out the attacks we describe here,” they say.

The computer systems of businesses are almost certain to be hacked by similar means, if they have not been already, the experts claim.

“Social malware will be used for fraud, and the typical company really has no defense against it,” since it is so expensive and inconvenient, for example, to keep sensitive information or processes on computers with no Internet access. “We expect that many crooks will get rich before effective countermeasures are widely deployed.”

The Information Warfare Monitor Web site, where the Canadian report was released, was down Sunday afternoon.[/quote]

But of course it must be a red herring, for we all know that the Chinese government is totally against all kinds of spying.

And on another note, the have been many many rumours, unsubstantiated as of yet, that computers or chips made in China have “sleeper circuits” that remain hidden until activated, so potentially anything with a Chinese chip in it cold be a Trojan.

Much more information in another article here

Snooping Dragon, an academic technical report, is available here in pdf

the main Tracking Ghost report itself is available here.

Big_Fluffy_Matthew · March 30, 2009, 7:55am

Shouldn’t it be “Big Brother is listening” ?

Anyway, I’m sure they only do it to people who are really bad guys.

headhonchoII · March 30, 2009, 8:27am

[quote=“urodacus”]…And the Chinese have been caught with their hand in the cookie jar too, running a cyber-eavesdropping system worldwide that targeted state enemies such as foreign diplomats and embassies, military computers in NATO, research companies, and even His Holiness the Dalai Lama, that most evil and sinister of threats to the peaceful rise of the Chinese dragon.