Phone security Q&A
Danny | 16.10.2009 12:29 | Other Press | Technology
The following advice from New Scientist is just a useful reminder that activist security means more than just removing your phones battery when discussing shit. It requires one caveat. When it says "Without direct access, they can still monitor your phone usage remotely, but not eavesdrop on your conversations" that this doesn't apply to the security services who can eavesdrop on turned off phones remotely.
Phone security Q & A
If I delete a message or photo on my phone will it disappear completely?
Data often remains on a phone's memory chip until it is overwritten. Phones also create extra copies that are spread around its memory. It is possible to overwrite files by copying new data onto the phone. Commercial software will "zero fill" a memory or SIM card to overwrite it.
Where do recycled handsets end up?
According to Andy Jones, a security specialist at British Telecommunications, the main markets for recycled phones are Nigeria and China, "both of which are regarded as areas posing a high threat to the security of information".
What if I smash up my SIM card?
Forensic analysts can often recreate SIM cards using the data that's stored on the handset. How much information they can retrieve depends on the phone model. It is also possible to stick a damaged SIM card back together and then extract its data.
Can my movements be tracked, even if I don't have GPS on my phone?
A technique called cell site analysis can be used to track someone to within 10 to 15 metres, using cellphone masts to triangulate their position. GPS can give more detailed information, such as your altitude or the speed you are travelling at.
Can my handset be used to spy on me?
If someone can get direct access to your handset, they can install software that lets them listen to conversations and monitor text messages without your knowledge. Without direct access, they can still monitor your phone usage remotely, but not eavesdrop on your conversations. [NB The security services can eavesdrop on phones that they have only remote access to, according to BBC and other mainstream reports of MI6 spying at the UN - Danny.] It is also possible to send text messages that look like they come from someone else - a technique called SMS spoofing. This makes it possible to upload messages to someone else's Twitter account, or send your boss rude messages using a colleague's number.
How do I improve my phone's security?
Switch on all security options such as handset PIN codes. Download software to wipe your phone before you throw it away or send it for recycling. Consider buying a handset with fingerprint recognition security. Alternatively, add software that can find your phone or even take control of it remotely should it be stolen, allowing you to encrypt all data stored on it, disable it entirely or even make it emit a loud alarm.
Is it legal for my employer or partner to send my cellphone for analysis?
If it is a company phone, or was a present from your partner, beware. Chances are that they can claim legal ownership and so can do what they want with it.
[see also http://news.bbc.co.uk/1/hi/magazine/3522137.stm ]
If I delete a message or photo on my phone will it disappear completely?
Data often remains on a phone's memory chip until it is overwritten. Phones also create extra copies that are spread around its memory. It is possible to overwrite files by copying new data onto the phone. Commercial software will "zero fill" a memory or SIM card to overwrite it.
Where do recycled handsets end up?
According to Andy Jones, a security specialist at British Telecommunications, the main markets for recycled phones are Nigeria and China, "both of which are regarded as areas posing a high threat to the security of information".
What if I smash up my SIM card?
Forensic analysts can often recreate SIM cards using the data that's stored on the handset. How much information they can retrieve depends on the phone model. It is also possible to stick a damaged SIM card back together and then extract its data.
Can my movements be tracked, even if I don't have GPS on my phone?
A technique called cell site analysis can be used to track someone to within 10 to 15 metres, using cellphone masts to triangulate their position. GPS can give more detailed information, such as your altitude or the speed you are travelling at.
Can my handset be used to spy on me?
If someone can get direct access to your handset, they can install software that lets them listen to conversations and monitor text messages without your knowledge. Without direct access, they can still monitor your phone usage remotely, but not eavesdrop on your conversations. [NB The security services can eavesdrop on phones that they have only remote access to, according to BBC and other mainstream reports of MI6 spying at the UN - Danny.] It is also possible to send text messages that look like they come from someone else - a technique called SMS spoofing. This makes it possible to upload messages to someone else's Twitter account, or send your boss rude messages using a colleague's number.
How do I improve my phone's security?
Switch on all security options such as handset PIN codes. Download software to wipe your phone before you throw it away or send it for recycling. Consider buying a handset with fingerprint recognition security. Alternatively, add software that can find your phone or even take control of it remotely should it be stolen, allowing you to encrypt all data stored on it, disable it entirely or even make it emit a loud alarm.
Is it legal for my employer or partner to send my cellphone for analysis?
If it is a company phone, or was a present from your partner, beware. Chances are that they can claim legal ownership and so can do what they want with it.
[see also http://news.bbc.co.uk/1/hi/magazine/3522137.stm ]
Danny
Homepage:
http://www.newscientist.com/article/mg20427301.100-the-pocket-spy-will-your-smartphone-rat-you-out.html?page=2
Additions
taking battery out in meetings
17.10.2009 18:10
To all those people who go to a meeting and at the start of it they take out the battery.
So whoever may be monitoring phone movements. They see all these phones converging at the same point at the same time. Then suddenly they are all turned off. At the same time. What would you think?
If you need privacy for your meeting, leave your phone at home.
So whoever may be monitoring phone movements. They see all these phones converging at the same point at the same time. Then suddenly they are all turned off. At the same time. What would you think?
If you need privacy for your meeting, leave your phone at home.
c.
Comments
Display the following 3 comments