Schneier on Security

Has anyone tried this? It sounds rather unlikely; first of all, where would they get all that information, from all the different service providers? Secondly, why would they need a reply from the phone? Would that be because they need the phone's internal number (kind of like a MAC address)? Otherwise, if the phone has been moved while turned off, they would lose the "lock" on the position and would have to start over.

I don't know a whole lot about the details of the GSM protocol, but I can imagine they can find the location if they call someone (maybe even if the don't answer, as long as the phone is on).

Also, I would think this is only borderline-legal, if at all. One could argue that the location of their phone is personal information, and, as such, covered by privacy laws.

"The service promises to let you “catch cheating wives or cheating husbands” and even “bug meeting rooms.” Its tools use a phone’s microphone to let you hear essentially any conversations within earshot."

this sounds like something out of the old gene hackman movie, "the conversation".

I think that Flexispy needs an app running on the phone ( Symbian or Windows mobile ). Also from the FAQ - "FlexiSPY needs a working Internet connection on your mobile. "

I'm safe with my bottom of the range Nokia then!

And in fact one of the best ways to subvert this is to leave your well known cel phone somewhere convenient as you travel around without it.

Preferably right next to the speaker of a PC that you've been playing "Stack The Cats" on. :D "Stack the Cats" is my favorite low-cost, low-effort way of dealing with a bugged room.

http://www.thefrown.com/?/games/-2/384

@Sparky: IIRC from the first time I heard about a service like this, they don't "need" a response to the text message at all. It's a (feeble) security measure, an attempt to get the permission of the person being tracked. There's no technical need for it.

And yes, the big question is why network operators are (a) willing, and (b) permitted to provide the information needed to do this.

According to the website it's "only" Orange, Voda and O2. So maybe I'll call up Orange and tell them I'm switching to T-Mobile unless they can exclude my number from ever being tracked by any such service...

Looking at the FlexiSpy website, it appears that you have to install the software on the victim's phone:

"Can I install FlexiSPY remotely?
No. You need to have the phone physically in your hand for about 15 min. Installation is simple. You simply open up a web page on the mobile and enter your code. The download and install beings automatically"

"How does Remote Listening work ?
The phone with FlexiSPY on it is the target phone. The phone you make spy calls from is the monitor phone. When you call the target phone from the monitor phone, the target phone will answer the call, letting you listen to the phones surroundings. If the phone is busy or a key is pressed, the spy call will be disconnected, and the target will be none the wiser."

Simply put, you have the thing installed on your phone and someone else calls it. Not quite as dangerous as it initially sounds.

@sparky

Your phone can be uniquely identified by either the IMSI (sim), IMEI (phone) or MSISDN (number).

@sparky

Damn.. Posted my previous message before finishing!

Location updates (containing cell id and IMSI) are generated as a phone moves between cells. So that can give geography. But this is sent within the core mobile network and therefore would have to be provided by the network operator.

@Dave,

"Not quite as dangerous ..."

You have forgoton that the phone operator can download a patch to your phones software any time they like and frequently do (supposadly it needs to be signed or some such on modern phones...)

Also as a lot of teenagers know downloading a ring tone to a phone is not that difficult either. So 15mins seems a long time I recon with abit of practice it could be done whilst you go get a cup of coffee or comfort stop.

Phone security is at best laughable (have a look on Cryptome's GSM section). Even on modern phones the security model is to protect the phone OS from apps running in the computer OS running on the phone (MS windows / symbian et al).

Importantly phones are going to be used as security tokens in future. So not having propper app to app security is within a year or so be a significant issue.

Logged in to World Tracker - no signs of the scary ability to track someone by their cell phones. The service just allows you to _manually_ specify your location, so your friends can see where you are. Seems that Mr. Schneier just copypasted the text from www.geeksaresexy.net.

Kinda of related to the Telco / Spy thing, Why cant we devise a piece of software to track them??? YAs I know the Gov has all the tools

TO Bruce and all the Tech Guru's on this site: Would like your technical input on how Unknown Number / Unknown Numbers call be traced or HOW they are routed by Telecoms OR even allowed!

Below is my attempt at having COMCAST block a Unknown name / number that keeps calling my NEW Comcast Digital phone number!.

Hello COMCAST —This is rather long but please read

I have been trying to block a company that is calling our home number ( harassing us with unsolicited offers) I have tried using the comcast feature but it is not working as the company is obviously has a auto dialer with a registration of for both the name and number coming across as “Unknown Name & Number”. Can we do something on Comcast part to block this? The company first started calling the day after I got my new digital phone number. I was able to block the 800 service numbers but know they are using the “ Unknown Name Unknown Number” to harass us.

The 800 numbers that I have blocked are listed below, can you have Comcast investigation division get them/ trace them? Comcast should be able to trace the calls in the teleco routing station to the point from which they call.

800 257 5722
877 450 6649

if you look up these number on the internet it appears they have been frequent violators

http://whocalled.us/list/

http://800notes.com/Phone.aspx/1-800-257-5722

http://whocallsme.com/Phone-Number.aspx/8002575722

COMCAST
Thank you for contacting Comcast Live Chat Support. Please give me one moment to review your information.

COMCAST
I am sorry to hear of what this company is doing.

COMCAST
Have you had a chance to add your number to the do not call list?

Customer
I am doing that, but what about getting the comcast investigation unit involved?

COMCAST
I apologize but our features work on blocking numbers with by the phone number registered under the line or by blocking numbers who have their display blocked. Since the display shows “ Unknown Name Unknown Number” it tells us that their called id information is blank

COMCAST
I would recommend to contact the company to be removed from their contact list as well as adding your name to the Do no call list.

Customer
Again, what about having the investigation unit get involved, it seems crazy that anyone could get a number without an ID. I told them when they first called to remove me.

COMCAST
Please give me just one moment to see if there is anything that we can do on our end.

Customer
ok

COMCAST
I have looked into this for you and I am very sorry but at this time Comcast is unable to address this for you. The only thing that we would advise is for you to enter your number on the states Do no call list and the National one. If after you do this, the calls persist, I would recommend to contact the Federal Trade Commission which the is the Government office that is in charge of making sure that the Do not call registries are followed.

@Ruby: Maybe you could use some guerrilla warfare. Depending on what they are offering you, and your local laws, you could do a few things that cost them money and effort. Where I live (the Netherlands), the law basically says return any item over something like 50 euros (don't know exactly) and get a refund, no questions asked (provided the item is in new condition, packaging intact etc.). This also applies to anything send to you by mail.

You could also refuse to accept anything they have send you, make appointments for a mortage broker or whatever when you're not home, have them go through the trouble of selling you something (probably recorded), where you just mention you are intoxicated (and thus unable to enter into a contract).

If they are offering anything, you should be able to at least get a company name.

comcast dosent care, except that they are in the middle of a big promotion to get people to sign up for their network. A bad news story will damage millions of dollars worth of propaganda. There is a national do not call list in the US. its equally useless, especially if comcast will not tell you where the call originates.

@Ruby,

The problem is actually tracing the call originators connection point. It might not actually have a "dialling number" attached to it that is known. And COMCAST may not be able to trace it back further than to the forign network connection to their network.

The easiest solution is to take the call and give the sales droid the run arround and waste their time as much as possible without giving any details.

Fairly soon the droid or the next one will log you as being a time waster, which earns them nothing and at that point you usually get left alone.

@Sparky.

First of all I worked for two years for a company providing high accuracy location services for embedding into GSM networks

GSM networks support multiple methods for determining the location of a handset - ranging in accuracy from the cell location (accurate to kms down to 100's of m) upto and including GPS enabled on the handset itself. (The technology I worked on was measuring the timing of arrival of base station signals on the handset and using that to determine it's location - google for E-OTD).

One of the initial drivers for high accuracy is for emergency use (E911 in the US, sim elsewhere), and for obvious reasons does not require permission from the end user for the emergency services to locate your handset.

The operators have looked to resell this technology for general use and it is available for 3rd parties to buy from them to build applications round - e.g. the World Tracker here could be based on such a resold service. Obviously opt in/out sholud be applicable.

Dave

Hehe, Symbian or Windows Mobile...
... how do I love proprietary OLD devices.

And I will NEVER EVER use a mobile phone with build in GPS/GALILEO

From Worldtracker's site...
http://www.world-tracker.com/products/lbs/

World-Tracker.com GSM is a service which can give you the peace of mind of knowing where your (love) children, their parents or any other pesky guardians are at any time, without letting them intrude on your day to day 'activity'. It uses the mobile phone network to locate your little 'friends' anywhere in the UK. You can access this information from this website or via text message.

World-tracker. Know where (...they are when you need some.)

Well, near enough.

@Sparky: ``I would think this is only borderline-legal''

And your point is?

My answer is the ``John Ashcroft solution[1]'': buy a blister-pack pay-as-you-go phone. So long as you activate it from somewhere other than your own phone, it's anonymous.

(Admittedly, if They want to know whose phone it is, traffic analysis would have you nailed in minutes.)

[1] http://media.www.thevistaonline.com/media/storage/paper962/news/2001/09/26/UndefinedSection/Disposable.Cell.Phones.Available.In.October-2112861.shtml

RE: Cell phone eavesdropping -

This has been done for years...in fact, one very large company routinely listens in on its employees' company issued phones - without their knowledge (you can't even tell you've been connected).

Solution? Turn the damn thing off when not in use.

Three blog posts about this (from 2006):

http://www.badscience.net/index.php?s=track+girlfriend

from a respected pro-science blogger.

http://www.wired.com/science/discoveries/multimedia/2008/05/gallery_squid_autopsy

Friday Squid Blogging anyone? Haha

"in fact, one very large company routinely listens in on its employees' company issued phones - without their knowledge "

These laws vary from state to state in the US, but I believe that every state requires that either the caller or the callee must be informed that a call is being monitored/recorded. So either the employees sogned something saying they understand that the company will do this, or when they call someone that someone would get a message ("to improve the quality of service, this call may be monitored or recorded") which the employee would get asked about in short order.

I don't think there's a legal way for a company to listen in on a company-issued cellphone without the employee knowing.