Cell Phones and a Cashless Society
The Pocket Spy: Will Your Smartphone Rat You Out?
October 14, 2009New Scientist - ...A decade ago, our phones' memories could just about handle text messages and a contacts book. These days, the latest smartphones incorporate GPS, Wi-Fi connectivity and motion sensors. They automatically download your emails and appointments from your office computer, and come with the ability to track other individuals in your immediate vicinity. And there's a lot more to come. Among other things, you could be using the next generation of phones to keep tabs on your health, store cash, and make small transactions - something that's already happening in east Asia.
These changes could well be exploited in much the same way that email and the internet can be used to "phish" for personal information such as bank details. Indeed, some phone-related scams are already emerging, including one that uses reprogrammed cellphones to intercept passwords for other people's online bank accounts."Mobile phones are becoming a bigger part of our lives," says Andy Jones, head of information security research at British Telecommunications. "We trust and rely on them more. And as we rely on them more, the potential for fraud has got to increase."...In February, Google launched Latitude, networking software for smartphones that shares your location with friends. It can be turned off, but campaign group Privacy International is concerned by Latitude's complex settings and says it is possible the program could broadcast your location to others without your knowledge.
"Latitude could be a gift to stalkers, prying employers, jealous partners and obsessive friends," the organisation warns.
...By next year about 1 in 3 new smartphones will have accelerometers. Pressure sensors and gyroscopes will follow, and soon your handset may keep tabs on your health and pay your bills too.
For example, Nokia is experimenting with adding biosensors capable of monitoring heart and breathing rates, as well as glucose and oxygen levels in the blood.
"Your phone could act as a wellness diary, and start to integrate data with the primary health records kept by your doctor," says Marc Bailey, a researcher at the Nokia Research Centre in Cambridge, UK.Meanwhile mobile commerce, or M-commerce, in which phones are used to transfer money or pay for shopping, is already expanding rapidly. Cellphone users in Japan can buy train or airline tickets with their handset, while people in Afghanistan, the Philippines and east Africa can use their handsets to transfer money to each other.
"M-commerce is coming, and the expectation is that it will become prevalent in the UK and other European countries within four years," says Joe McGeehan, head of Toshiba's research lab in Europe.Though these developments should bring many benefits, security is expected to become a problem.
"As soon as you put money on anything, criminals become more interested in it," says McGeehan.To counter this, manufacturers are developing more secure ways of encrypting data on handsets. According to Nokia, users will be able to alter security settings depending on how much data they want available at any one time. Phones with built-in fingerprint scanners are already on the market, and Sharp has experimented with face recognition on handsets, though hackers have recently shown that face recognition is easily defeated with just a photograph.
Meanwhile, Apple is thought to be considering adding biometric security measures, such as a fingerprint scanner, to future iPhones. However effective these security features are, though, they will only work when turned on.
Phone security Q & A
If I delete a message or photo on my phone will it disappear completely?
Data often remains on a phone's memory chip until it is overwritten. Phones also create extra copies that are spread around its memory. It is possible to overwrite files by copying new data onto the phone. Commercial software will "zero fill" a memory or SIM card to overwrite it.
Where do recycled handsets end up?
According to Andy Jones, a security specialist at British Telecommunications, the main markets for recycled phones are Nigeria and China, "both of which are regarded as areas posing a high threat to the security of information".
What if I smash up my SIM card?
Forensic analysts can often recreate SIM cards using the data that's stored on the handset. How much information they can retrieve depends on the phone model. It is also possible to stick a damaged SIM card back together and then extract its data.
Can my movements be tracked, even if I don't have GPS on my phone?
A technique called cell site analysis can be used to track someone to within 10 to 15 metres, using cellphone masts to triangulate their position. GPS can give more detailed information, such as your altitude or the speed you are travelling at.
Can my handset be used to spy on me?
If someone can get direct access to your handset, they can install software that lets them listen to conversations and monitor text messages without your knowledge. Without direct access, they can still monitor your phone usage remotely, but not eavesdrop on your conversations. It is also possible to send text messages that look like they come from someone else - a technique called SMS spoofing. This makes it possible to upload messages to someone else's Twitter account, or send your boss rude messages using a colleague's number.
How do I improve my phone's security?
Switch on all security options such as handset PIN codes. Download software to wipe your phone before you throw it away or send it for recycling. Consider buying a handset with fingerprint recognition security. Alternatively, add software that can find your phone or even take control of it remotely should it be stolen, allowing you to encrypt all data stored on it, disable it entirely or even make it emit a loud alarm.
Is it legal for my employer or partner to send my cellphone for analysis?
If it is a company phone, or was a present from your partner, beware. Chances are that they can claim legal ownership and so can do what they want with it.
Sprint Received 8 MILLION Law Enforcement Requests for GPS Location Data in the Past Year
December 2, 2009EFF - This October, Chris Soghoian — computer security researcher, oft-times journalist, and current technical consultant for the FTC’s privacy protection office — attended a closed-door conference called “ISS World”. ISS World — the “ISS” is for “Intelligence Support Systems for Lawful Interception, Criminal Investigations and Intelligence Gathering” — is where law enforcement and intelligence agencies consult with telco representatives and surveillance equipment manufacturers about the state of electronic surveillance technology and practice. Armed with a tape recorder, Soghoian went to the conference looking for information about the scope of the government’s surveillance practices in the US. What Soghoian uncovered, as he reported on his blog this morning, is more shocking and frightening than anyone could have ever expected.
At the ISS conference, Soghoian taped astonishing comments by Paul Taylor, Sprint/Nextel’s Manager of Electronic Surveillance. In complaining about the volume of requests that Sprint receives from law enforcement, Taylor noted a shocking number of requests that Sprint had received in the past year for precise GPS (Global Positioning System) location data revealing the location and movements of Sprint’s customers.
That number? EIGHT MILLION.
Sprint received over 8 million requests for its customers’ information in the past 13 months. That doesn’t count requests for basic identification and billing information, or wiretapping requests, or requests to monitor who is calling who, or even requests for less-precise location data based on which cell phone towers a cell phone was in contact with. That’s just GPS.
And, that’s not including legal requests from civil litigants, or from foreign intelligence investigators. That’s just law enforcement.
And, that’s not counting the few other major cell phone carriers like AT&T, Verizon and T-Mobile. That’s just Sprint...
Military Could Use iPhones to Track Friends, Enemies in War
December 16, 2009New York Times - Is the iPhone going to war?
On Wednesday at the 2009 Intelligence Warfighting Summit in Tucson, Raytheon, the military contractor, announced an iPhone application that tracks friends and foes, shows their positions on live, real time maps and provides secure communications.
Called the One Force Tracker, the Raytheon iPhone software can also be used by first responders like police, firemen and emergency medical technicians.
The app works on a standard iPhone, said J Smart, chief technology officer for Raytheon’s Intelligence and Information Systems.
“We are really delighted to be leveraging Apple’s innovation.”The adaptation of the iPhone to military use is somewhat unusual, as technology more often trickles from the military to the consumer market. But this is a rare case of consumer hardware and software concepts being adapted for military use.
For instance, crowdsourcing, which has volunteers use cellphones to report real-time traffic flow, could be adapted to turn each soldier into a reporting unit, delivering real-time data about position and status.
Communications resemble social sites like Facebook, in which your friends would be represented by a military unit and could be used to track the position of, and communicate with, other units.
Maps with an overlay of points of interest are familiar to every GPS user. The Raytheon app would use the same concept, but points of interest might be known sniper sites or safe fallback positions.
Field information would be transmitted to a central computer that would crunch the data, update it and push it back out to the soldiers...
Mr. Smart also said that Raytheon was developing sensors that could be attached to phones so that they would serve other purposes. He declined to give specifics, however mobile phones have been outfitted as portable ultrasound machines, which would be useful for battlefield medicine.
Although the application that Raytheon has developed will work with an off-the-shelf iPhone, the company concedes that there would have to be alterations for the battlefield.
One iPhone limitation to be addressed is that it only carries out one function at a time unlike competing systems from Palm and Google, which can run several concurrently. If a soldier is to have position automatically reported, the GPS will have to run at the same time as other applications. Mr. Smart said it would be an easy adaptation to make.
“Underneath the iPhone is a Mac OS X operating system, which is based on Unix, which gives us Unix multitasking,” he said.But that raises another issue. Apple limits multitasking because it empties the batteries quickly. Because the iPhone doesn’t have a replaceable battery, a fresh one can’t be popped in when power gets low. Mr. Smart said that Raytheon may address that through a ruggedized phone case that would accommodate a larger battery.
Mobile phones are also known to be vulnerable to hacking attacks. Mr. Smart said that some safeguards were built in to the software, but especially sensitive transmissions could be passed through a more sophisticated scrambler that it would dock with.
Apple did not respond to a request for comment.
Raytheon is developing other iPhone apps as well. It has also demonstrated an application that would serve to train air-traffic controllers. It would not completely replace current training, but would build skills in recalling aircraft and terrain, visual scanning, on-the-fly mathematics and rule-based decision-making, skills that also are used frequently by gamers.
No comments:
Post a Comment