Modern smartphones are equipped with multiple sensors, which allow for a rich user interface. Being generally useful, they can sometimes unintentionally disclose confidential information. While the privacy risks associated with sensors such as microphone, camera and GPS are obvious and well understood, there are also unobvious risks. In particular, access to motion sensors such as a gyroscope and accelerometer. Any program – even a Java applet on a website – can measure and store the performance of these sensors.
What are the risks? You can access the gyroscope and accelerometer: 1) identify the user by their walking pattern (obtained from a smartphone accelerometer); 2) read characters entered from the keyboard next to the smartphone; and even 3) listen to conversations without access to a real microphone – using the gyro as a rough microphone.
Battery that knocks.
Have you ever wondered how your battery from your cell phone will know when it will stop charging – when it is connected to the network, but your cell phone is off? The modern battery – it has a built-in microcomputer that communicates with the charger and the cell phone. The smart battery, or SBS (Smart Battery Management System) built into it, can be completely reprogrammed.
This option was originally designed so that the SBS could measure the battery parameters more accurately and adjust the charging algorithm more adaptively (depending on the chemical and other characteristics of the battery). If an intruder can change the operation of such an internal microcomputer, it can cause the battery to overheat or even cause the battery to burn. Also, an attacker who has access to a smart-battery microcomputer can observe trusted operations with the smartphone’s cryptochip (because the battery communicates with the operating system through a “trusted channel”).
Tell me how much power your phone is using…and I’ll tell you where you are.
Modern mobile platforms such as Android allow applications to read the total power consumption of a smartphone. This information is considered harmless and therefore reading it does not require the rights of a privileged user.
What is the threat? Just by simply reading a smartphone’s total power consumption for a few minutes, you can determine the location of the smartphone user. The total power consumption data of the phone is extremely noisy due to the many components and applications that consume power at the same time. However, thanks to modern machine learning algorithms, they can be sifted out and successfully located on a smartphone.
Wi-Fi reads by lips.
Wi-Fi-signals can “see” people’s movements and locations and “hear” their conversations – even those without any electronics. This is made possible by advanced radio-mapping techniques: coarse radio-mapping allows you to “see” and fine-grained radio-mapping even allows you to “hear” (and several people at once).
The case with Wi-Fi-video is more or less obvious, and therefore not so interesting. As for Wi-Fi-Hearing, the secret here is in profiling the motion of the mouth cavity. In this case, Wi-Fi-signal captures not only the characteristic position of the lips, but also the characteristic position of teeth and tongue. In addition, because radio signals pass through walls and other physical obstacles, Wi-Fi can “hear” conversations even behind the wall. To do this, the Wi-Fi signal only needs to find a person’s mouth without confuse it with a blinking eye. But this task is quite solvable.
Tell me what electromagnetic field is in the room… and I’ll tell you where you are.
Indoor-localization through smartphone fixation of electromagnetic field (electromagnetic fingerprints) – a widely discussed technology in recent years. This technology is based on the fact that in different rooms – the magnetic field is different. It differs depending on natural and artificial factors: design features of steel or reinforced concrete frame, design features of electric network, etc.
Thus, each room has its own unique electromagnetic print. The corresponding magnetic field profiles can be used as fingerprints for indoor-localization. Electromagnetic indoor localization gradually displaces Wi-Fi radio mapping as it is less energy consuming. After all, nothing but a smartphone is needed to fix the electromagnetic field. And you don’t need to generate this field – you already have it. While at Wi-Fi-radio mapping it is necessary to have several receivers and transmitters of Wi-Fi-signal.
RFID tags in your underwear.
Marketers in the retail industry are trying to present RFID tags – these tiny computer chips, smaller than a grain of sand that can track the movement of objects – as an “improved barcode. But RFID tags differ from barcodes in three fundamental ways:
1) Goods of the same model have the same barcode. Whereas, thanks to the RFID tag, each item has a unique identifier. This identifier can be easily associated with the customer. For example, to define a “frequent buyer” – when scanning his credit card.
2) RFID chips can be read from a distance; right through your clothes, purse or backpack – without your knowledge and consent. As consumers, we cannot know which products have these chips and which do not. RFID chips can be well hidden. For example, they can be sewn into the seams of clothing, placed between layers of cardboard, cast in plastic or rubber, and integrated into the design of consumer packaging. In addition, the antenna required for these chips can now be simply printed with conductive ink, making RFID chips virtually invisible. Some companies are even experimenting with the design of the packaging, which itself will be an antenna (and so a special antenna is not needed). As a result, in the near future, consumers will not be able to find out if the product they are purchasing contains an RFID tag or not. So, today RFID tags are not only placed on the product label, but – in the case of garment tagging – are increasingly being sewn directly into garments. At the same time, the person concerned will have no problem walking around the store with an RFID reader and product catalogue and then matching RFID tags with items of clothing.
Eventually, he or she will be able to find out what the person is wearing while walking down the street with an RFID scanner. However, if you still think that RFID tags can only be read from a few centimetres away, then you are mistaken. With low-cost special equipment, they can be read from a distance of 20 meters, and even more.
Ultrasonic conspiracy of your smart gadgets.
The Ultrasonic Tracking System (uBeacons) is a relatively new technology that uses audio beacons outside of human hearing to track users and devices. uBeacons are high-frequency audio beacons that can be emitted and detected by most commercial speakers and microphones; and that people cannot hear. Typically in the 18-20 kHz range. This ultrasound is the holy grail of marketers, as it allows you to track user actions on different devices.
For example, knowing that Uncle Vasya just watched a TV ad; and now he’s already online from his smartphone (to find a birthday present) – the advertiser can show relevant contextual advertising. uBeacons can be built into websites or television ads, and can be built into smartphone apps with SDKs. The advantage of uBeacons, which is especially favoured by marketers, is that this technology provides high precision targeting of ads without requiring any action from the user. However, for this purpose it is necessary that the uXDT framework is installed on the user’s mobile device. The essence of the work of uXDT-framework is that mobile applications embed appropriate audio beacons: to keep track of what the user does.
At the same time, a developer of a mobile application may not even know that such a beacon is hidden in his project. This can happen, for example, when he used the “free SDK” in software development, where the developer of this SDK for the sake of income built an ultrasound module into his library. Advertisers use uXDT to target users in the following ways.
1) First, the advertiser launches an ad with ultrasound elements: either on TV or on the website.
2) As soon as the ad is displayed, a short sequence of high-frequency (i.e. ultrasonic) tones is produced from the device’s speaker. This high-frequency tone is immediately captured by the uXDT framework on the user’s smartphone.
3) To provide this functionality, the uXDT framework operates in the background and periodically accesses the microphone of the device to listen to ultrasonic signals.
After such a signal is recorded, the uXDT-frame extracts a unique ad identifier from it and informs the advertiser about it – along with the unique identification data of the device and the user. The advertiser then uses this information to identify the interests and preferences of the user, and accordingly makes him an individual promotional offer: sends the targeted ad to the user’s device.
The enemy from the fridge-(and book shelf).
In 1999, the University of Massachusetts initiated the Auto-ID project, which aims to: create a “physically connected world” in which every element on the planet is inventoried, catalogued and tracked. There are now 0.3 mm RFID beacons that are as thin as human hair. They can easily be placed in money notes, allowing intelligence agencies to track the history of money transactions. This initiative eliminates the anonymity of cash exchanges.
“Refrigerators that report their contents to the supermarket.” “Interactive television that selects advertisements relevant to you” (e.g. based on the contents of your refrigerator). All of this is the reality of our day. Auto-ID, in combination with RFID scanners installed in bookshelves (so-called smart shelves) – can provide a degree of awareness about the behavior of potential consumers. What’s more, sometimes these RFID scanners are installed in interior items even without the end consumer’s knowledge.
Secret life of your SIM card.
A SIM card is a mysterious little computer in your pocket that you have no control over. A SIM card can do much more than just mediate authorization procedures on your mobile phone. The simplest applications can be downloaded and executed directly on the SIM card – separately from your mobile phone – without even knowing what operating system is on your mobile phone. These applications can: 1) navigate through URLs; 2) send SMS; 3) initiate and receive calls; 4) connect and use information services; 5) run AT commands on your mobile. Applications on the SIM-card are loaded in “silent mode”, – by means of packet data transmission via remote access. Applications on the SIM-card can be updated either by a mobile operator or by an intruder pretending to be a mobile operator (e.g. by IMSI interceptor). Detailed instructions on how to do this are publicly available.
So, this is 10 modern technologies of mobile psychics, which allow Big Brother and other interested parties to carry out total surveillance. But the techniques of “old school”, using spyware, secretly deployed on mobile devices, are still relevant.
There are several dozens of spyware programs that can be remotely installed on a mobile phone in “silent mode”, and spy on its owner, without giving away their presence. Previously, it was believed that sticking to the so-called “hygiene of cybersecurity”, you can safely protect yourself from such interference in your personal life. However, today the victim of mobile espionage can be even those who avoid risky behavior in the network, who use the most advanced protection and who use the latest software updates.
Thanks to modern security features, some spyware can be tracked. However, in order to keep these security features up to date, you need to be able to configure them. After all attackers just as well as defenders do not sit on a place, and make considerable efforts to hide the programs from the automated systems of protection. Thus, to adjust protection with the course of time becomes more and more difficult, and to carry out successful attacks all easier. Including because with submission of the western special services the most modern information technologies today are in open access. As a result of this policy of openness, the risk of using hightech toys – an obsolete film about hackers by young people; unpredictable and impulsive.
The widely publicized leaks of today’s CIA high-tech toys are not at all Snowden’s and WikiLeaks’ démarches – which the media are trying to convince the unsophisticated public – but a controlled information leak aimed at directing competitors in an “arms race” in a direction that is known to be losing; so that they continue to invest time and money in tools that no longer offer a competitive advantage. Cyber operations and info-centric wars are no longer the key to competitive advantage. Today, the ball is ruled by knowledge-centric wars, the essence of which is that “professionals break people, not machines”.
Thus, we are witnessing an increasing exponential asymmetry of cyber-security today: the attackers are in better conditions than the defensive ones. The annual increase in mobile threats is 42%. Below are a few examples of spyware that is distributed as legal programs – under the guise of so-called “parental control systems” and the like. They all hide their actions from the owner of the mobile phone.
Neo-Call Spy. Originally created for Symbian mobiles, now also works on iPhone, Blackberry, Android, Windows Phones. It sends information directly to another mobile phone. This program is based on the IMEI number, i.e. an intruder must know his target. The program monitors the following parameters: SMS, call list, location; performs remote listening, keystroke logging. It receives commands from the manager’s mobile phone via hidden SMS messages.
Mspy. Works on smartphones and tablets. Allows you to follow calls, SMS messages, e-mail messages, GPS location, browsing history, calendar, address books, IM messages; allows you to manage installed applications, view multimedia files. It also has remote control features, such as complete erasure of the device and detailed reporting. To collect and provide information, it uses a secure Internet account through a client-server architecture, with a web interface.
FlexiSpy. This program was originally classified as a mobile trojan because of its aggressive behavior; however, it later became softer and was removed from the mobile trojan category. It allows you to spy on mobile phones and tablets. It offers about 130 functions, including those that Mspy is equipped with. Of the unique features: access to the camcorder, viewing the wallpaper. Just like Mspy, it uses a secure Internet account through a client-server architecture with a web interface to collect and share information.
Mobile Spy. Possesses most FlexiSpy functions; in addition, it can block applications, install new applications, and interact in real time with the control panel of the mobile user interface.
Higster Mobile. Easy-to-use monitoring software: text messages, phone records, call logs… everything is sent from the victim’s phone to either an email or mobile, or to a secure Internet account.
All-in-one Spy Software. High-quality mobile spy software, developed since 2006. Mobile phone tracking and surveillance. Secure SMS. Voice encryption; and computer software for monitoring.
Spyera. Program installed on your smartphone – to control everything that happens on your mobile. Secretly records all the events (SMS, call history, phone book, location, emails, app messages, IM, Facebook chat, Skype, view photos taken, and much more) that occur on your phone; and delivers this information to a secure web account.
SpyMaster. The most effective and advanced mobile espionage software. One hundred percent hidden mode, leaves no chance of detection. At least that’s what the developers say.