The Educational CyberPlayGround Educational CyberPlayGround

 

Cell Phone Secrets

BIG BROTHER BIG BUSINESS
Researchers Crack Cell Phone SECRETS

In 1973, Marty Cooper invented the mobile phone.

How to Deregulate and Destroy the Bell Telephone Monopopoly to help the citizens of the US benefit from competition in the marketplace. Stephen Colbert explains the whole AT&T thing.

This page contains a Flash video. To view it requires that the Flash plugin is installed and Javascript enabled.

Upgrade your Flash Player.

Ten dangerous claims about smart phone security and the NIST Network Security Guidelines

Health

 

Study Suggests Cell Phone-Salivary Gland Cancer Link First study to look at long-term cell phone users February 19, 2008

Cell Phone Jamming

 

 

Cell Phone Jamming Device - Cool, though illegal, new device

PROTECT KIDS

 

Social-Networking will drive the next-generation cellphone market.

What parents can do with their cell phones now. JuiceCaster 2.0 for phone-created Web content (enabling more kid-produced media on the Web). Sprint Nextel Corp. introduced a new service called Family Locator that lets parents track their kids' whereabouts, using the GPS capabilities in each child's cellphone. 

Wall Street Journal on parental controls for mobile phones 2007

Screenagers: Cut screen addiction for a week
Banning TV and computer use at her house for a week was the fact that her two sons, 8 and 10, are pretty outdoorsy and they aren’t yet teenagers (aka social networkers). On Day 2, it’s like having toddlers again (no time to one’s self, etc.). Day 4 is the high point – when all the rewards are glimpsed. Day 6 sees a relapse, find tips that help.

MeetMoi cellphone service, Internet dating
http://online.wsj.com/article/SB118108651441725709.html
one can receive a potential dates profile (that of a person whos selected by MeetMoi for his/her physical proximity) via text message and set up an encounter minutes away. It allows you to update your nearby prospects as you move around. Zogos another such service, and the giant Web-based Match.com is adding this mobile capability to its service. Another example, Fast Flirting, allows users to sign into a virtual lobby where they can select a flirting partner based on factors such as age and location for $3 a month. Its new but theres a market, the Journal says - 3.6 million US cellphone users having accessed a dating service from their mobile phone in March. There are safety mechanisms in place on many services (e.g., MeetMoi shares profiles without revealing actual location users do that) but, if teens are using them, parents might want to ask if they've tried such services and are taking advantage of safety features.

Flexispy, and its downloadable monitoring software for cellphones. Protect Your Children the software has already been used successfully worldwide to protect children from predators and SMS [phone text] bullying. It "runs invisibly in the background and can only be accessed using a secret code." Flexispy Light "automatically records all incoming & outgoing SMS messages, calls, emails and tracks the device location" and uploads all this to a Web site the "spy" can access. The "pro" version does all that and offers "the ability to secretly switch the phones microphone on from any other phone; thereby listening into the targets surroundings."

Before a cell phone can be put on the U.S. market, it has to live up to a lot of federal regulations and one of them is the maximum SAR level.   1.6 W/kg maximum, confirmed by the Federal Communications Commission "The FCC limit for public exposure from cellular telephones is an SAR level of 1.6 watts per kilogram (1.6 W/kg)."  And a new cell phone from FireFly Mobile Inc. thats designed specifically for little kids. Among other things, Firefly has a 911 button on its side for emergencies and its battery isn't removable because, according to the company's CEO, kids put their tongues on batteries. 

Radiation

VOIP SECURITY

 

Vulnerability researchers Humberto Abdelnur, Radu State and Olivier Festor claimed the exploit could allow a remote attacker to turn a VoIP phone into an eavesdropping device, citing a Grandstream SIP phone as an example.

Session Initiation Protocol (SIP) devices can be vulnerable to eavesdropping. 2007
If you use SIP enabled VoIP services, beware. SIP is used by Voice over IP (VoIP) software and hardware to provide digital phone service directly over the Internet, thus bypassing the telcos' analog switched networks and related long-distance charges. Skype is a VoIP service that uses SIP, for one example, and many ISPs and third parties offer VoIP.
Listen to SIP Phones Even When They are on the Hook
Late last year it surfaced that the FBI has used cellphones as "roving bugs", listening to conversations even when the targeted cellphones were turned off. Now a post on the "full-disclosure" list has revealed that SIP devices can be similarly vulnerable to covert listening. The Australian IT security firm Snnet Beskerming has written a commentary about the implications. It writes: "The research that was published indicates that, for at least one vendor, it is possible to automatically call a SIP device from that vendor and have it silently accept the call, even if it is still on the hook - instantly turning it into a classic bugged phone. Whereas historic telephony bugs needed physical targeting of the line running to a property or place of business, the presence of VoIP in the equation allows bugging from anywhere in the world with equal ability. Now anyone can do from their armchair what only spies and law enforcement used to be able to do from inside the telephone switch / pit / distribution
board, though it's still illegal to do so."

WHY VOIP NEEDS CRYPTO Security impact of VoIP technology

Skype has been cracked - reverse engineered

NOW YOU CAN GET THE CRYPTO YOU NEED

 

 

Zfone, from Phil Zimmermann wraps voice over Internet Protocol (VoIP) calls in an additional layer of security. This is for the company that sells the phone.

Voylent  is a client for cellphones that encrypts voice conversations. The client has been tested only a few models, mainly Nokia S60 with Symbian OS. The full list of devices it runs on is included in the release notes & FAQ.

Can You Keep A Secret? Discussing Encryption in 1998

Federal Bureau of Investigation, are clashing with cyberlibertarians and powerful commercial interests over efforts to extend controls on so-called strong encryption to domestic uses.

 

First Trojan Spy for Symbian Phones

March 29, 2006
Today we heard of a rather interesting new Symbian malware application named Flexispy.A. It's a Symbian trojan spy that records information about the victim's phone calls and SMS messages, then sends them to a remote server. What makes this interesting is that Flexispy. A is a trojan spy written by a company for commercial reasons. The company claims that it's a useful tool for catching a cheating spouse. By installing the application on the phone they can monitor to whom the victim is calling and what SMS messages he or she is sending. The company even claims that Flexispy is not a trojan. However, this application installs itself without any kind of indication as to what it is. And when it is installed on the phone it completely hides itself from the user. So the application could easily be used by malware installing it as part of its payload, or a hacker could simply send it to a victim over Bluetooth and trust that there are enough curious people to install it.
Not to mention the fact that spying on people's private communication is illegal in most countries around the world. And the fact that all of the information is stored on the FlexiSpy servers, puts the company in a rather interesting light.
So yes, FlexiSpy is indeed a trojan and we have added the detection to our F-Secure Mobile Anti-Virus so that any user who has a phone that has been infected with this trojan will get a warning that someone is spying on them.

Whistle-Blower Outs NSA Spy Room

AT&T provided National Security Agency eavesdroppers with full access to its customers' phone calls, and shunted its customers' internet traffic to data-mining equipment installed in a secret room in its San Francisco switching center.On March 14, Zimmermann released a beta version of the widely  anticipated Zfone. The software is currently available only for OS X  (Tiger) and Linux, though a Windows version is due in April.
Zfone is designed to work with VoIP clients that use the industry standard SIP protocol, and has been tested with clients such as X- lite, Free World Dialup and Gizmo Project.

Researchers Crack Code In Cell Phones

by John Markoff Issue: Encryption : New York Times (D1,D5)
<http://www.nytimes.com/library/tech/98/04/biztech/articles/14phone.html>
Description: A group of Univ. of California computer researchers announced Monday that they had successfully cracked the world's most widely used encryption code that is designed to prevent the cloning of digital cellular phones. The researchers believe that the system, known as Group Speciale Mobile standard, or GSM, was deliberately weakened to permit government surveillance. GSM is used in about 80 million cellular phones around the world and in about 2 million phones in the U.S. The researchers broke the code by "using a computer to determine a secret identity number stored in the Subscriber Identity Module, or SIM, a credit cardlike device inside the phone." But what was even more interesting than the security threat, was that "the cracking code yielded a tantalizing hint that a digital key used by GSM may have been intentionally weakened during the design process to permit government agencies to eavesdrop on cellular telephone conversations." Both the researchers and officials from cellular phone companies said yesterday that the threat of cloning was "extremely remote" in comparison to the vulnerability of analog cellular phones. also see [source]

Record encryption puzzle cracked -- finally ZDNet

The broken encryption method is widely expected to secure next-generation wireless devices. But is the break such bad news?
By Robert Lemos, ZDNet News UPDATED April 14, 2000 7:06 AM PT
http://www.zdnet.com/zdnn/stories/News/0,4586,2542359,00.html
An encryption method widely expected to secure next-generation wireless phones and other devices succumbed to a brute-force collaborative effort to break it, a French research agency announced Thursday.
An international team of researchers -- led by crypto researcher Robert Harley of the French National Institute for Research in Computer Science and Control, or INRIA -- and other computer enthusiasts found the 108-bit key to a scrambled message after four months of number crunching by 9,500 computers worldwide.
<snip>

Easy Listening (for Big Brother) Brett Glass http://www.mercurycenter.com/premium/opinion/edit/CELLPHONES.htm Jun 12 2000
EASY LISTENING: Government must rewrite cell phone eavesdropping rules to provide judicial oversight and incorporate privacy concerns.
SIX years ago, Congress approved a bill to help law enforcement keep pace with the digital world. The purpose was straightforward: Make sure that the FBI and police hold onto the same kind of wiretapping capabilities they had before cellular phones complicated electronic surveillance.
Skip ahead to this month.
Within weeks, the government will have new powers to eavesdrop on you that go beyond maintaining the status quo. That's when the first set of defective rules crafted by the Federal Communications Commission is scheduled to be implemented. Others take effect next year.
The rules need to be revised. If not, law enforcement agencies will be able to follow and monitor cellular phone users in ways that Congress never envisioned. Here's one example: Investigators will be able to track the physical locations of cellular phone users, pinpointing your whereabouts at the beginning and end of every call. In essence, wireless phone systems will be transformed into giant tracking networks....

 

Pre Paid Mobile Phone

 

2006 Apparently China is planning on requiring mobile phone users to register with the operators and show their identity papers. The above article says it is "the latest move in the nation's fight against unsolicited advertisements, fake educational certificates and bank fraud via short messages." I'm sure here in the U.S. we can come up with a homeland security justification for needing to show papers before buying a prepaid mobile phone.  Can prepaid calling cards be next?

Pre-paid mobile phones
Tell them you don't want to give an address they will fill in the address of the store. The salesperson wants to make a sale, after all, not enforce pointless rules. Pointless because there is an anonymous aftermarket in prepaid phones and SIM cards. Buying a prepaid SIM card or even prepaid phone when you visit a country for more than a few days is a wise choice, considering both roaming charges and the cost of people to phone you at a foreign number. We are now starting to see kiosks to sell SIMs in the arrivals hall of some airports. However, it is reported that quite commonly hostels operate a cheap and anonymous used market in prepaid phones and cards, where people buy the cheap phone (perhaps $10 or so, more if there's airtime in it) and sell it back for a similar price. It makes sense for the cost conscious hostel guest. As long as these markets exist, "bad guys" will be able to get anonymous phones, and all this other tracking is a waste of time and invasion of privacy. And even if they should ban these markets, I doubt they would eliminate them, any more than they eliminate other black and gray markets in products people want.

Okay, so, we have all known cell phones are "dangerous" ~ Gadi Evron
Stepping out of the cellular protocols security and vendor-side systems, and forgetting for a second about interception of transmissions through the air, Trojan horses/worms that may install themselves on the cell phone and even bluetooth risks, there is the long talked of risk of "operating" a regular un-tampered cell phone from a far and the risk of modified devices.
Sorry for stating the obvious, but cell phones are transmitters.
For years now paranoid people and organizations claim that eavesdropping through a cell phone is a very valid risk. Much like somebody pressing "send" by mistake during a sensitive meeting is a very valid yet different risk.
Some of the stricter organizations ask you to do anything from (top to bottom) storing the cell phone in a safe, through shutting it off or removing the battery, and all the way to *only* "don't have that around here while we are in a meeting". Then again.. *most* haven't even heard of this risk.
Forgetting even this risk, many of us even ignore the obvious. I usually ask people who talk to me while I'm on the phone "even if the NSA (for example) is not interested in what I have to say or not capable of intercepting it and even that I don't care if they heard my conversations...  Should the person I talk to hear our conversation?"
Lately there seems to be some more awareness about the "dangers" of cell phones. Knowing which risk is more of a threat than the other is another issue.
It seems to me that other than in the protocols, where there has been a serious learning curve (and GPRS seems very promising), cellular companies keep doing the same mistakes, and we can see the security problems of the PC world reappearing in cell phones, much like those of the main frames re-appeared in PC's (to a level).
History repeated.  Heck, I can't even disable Java or the web browser in most cellular computers (we really should refer to them as computers now).
Here are some URL's on the subject:
Here is a product for sale, a cellular phone BUILT for eavesdropping:
http://wirelessimports.com/ProductDetail.asp?ProductID=347
Also, check out the IEEE Pervasive article that mentions this problem area, although discusses more the issue of malware:
http://csdl.computer.org/comp/mags/pc/2004/04/b4011abs.htm
Or Google for "symbian +virus", for example.

Cell phones won't keep your secrets August 30, 2006
http://www.cnn.com/2006/TECH/ptech/08/30/betrayed.byacellphone.ap/index.html The married man's girlfriend sent a text message to his cell phone: His wife was getting suspicious. Perhaps they should cool it for a few days. "So," she wrote, "I'll talk to u next week." "You want a break from me? Then fine," he wrote back.
Later, the married man bought a new phone. He sold his old one on eBay, at Internet auction, for $290. The guys who bought it now know his secret. The married man had followed the directions in his phone's manual to erase all his information, including lurid exchanges with his lover. But it wasn't enough.
Selling your old phone once you upgrade to a fancier model can be like handing over your diaries. All sorts of sensitive information pile up inside our cell phones, and deleting it may be more difficult than you think.
A popular practice among sellers, resetting the phone, often means sensitive information appears to have been erased. But it can be resurrected using specialized yet inexpensive software found on the Internet. A company, Trust Digital of McLean, Virginia, bought 10 different phones on eBay this summer to test phone-security tools it sells for businesses. The phones all were fairly sophisticated models capable of working with corporate e-mail systems. Curious software experts at Trust Digital resurrected information on nearly all the used phones, including the racy exchanges between guarded lovers.
The other phones contained:
* One company's plans to win a multimillion-dollar federal transportation contract.
* E-mails about another firm's $50,000 payment for a software license.
* Bank accounts and passwords.
* Details of prescriptions and receipts for one worker's utility
  payments.
The recovered information was equal to 27,000 pages -- a stack of printouts 8 feet high. "We found just a mountain of personal and corporate data," said Nick Magliato, Trust Digital's chief executive. Many of the phones were owned personally by the sellers but crammed with sensitive corporate information, underscoring the blurring of work and home. "They don't come with a warning label that says, 'Be careful.' The data on these phones is very important," Magliato said.
One phone surrendered the secrets of a chief executive at a small technology company in Silicon Valley. It included details of a pending deal with Adobe Systems Inc., and e-mail proposals from a potential Japanese partner: "If we want to be exclusive distributor in Japan, what kind of business terms you want?" asked the executive in Japan. Trust Digital surmised that the U.S. chief executive gave his old phone to a former roommate, who used it briefly then sold it for $400 on eBay. Researchers found e-mails covering different periods for bothmen, who used the same address until recently. Experts said giving away an old phone is commonplace. Consumers upgrade their cell phones on average about every 18 months. "Most people toss their phones after they're done; a lot of them give their old phones to family members or friends," said Miro Kazakoff, a researcher at Compete Inc. of Boston who follows mobile phone sales and trends. He said selling a used phone -- which sometimes can fetch hundreds of dollars -- is increasingly popular.
The 10 phones Trust Digital studied represented popular models from leading manufacturers. All the phones stored information on "flash" memory chips, the same technology found in digital cameras and some music players.
Flash memory is inexpensive and durable. But it is slow to erase information in ways that make it impossible to recover. So manufacturers compensate with methods that erase data less completely but don't make a phone seem sluggish.
Phone manufacturers usually provide instructions for safely deleting a customer's information, but it's not always convenient or easy to find. Research in Motion Ltd. has built into newer Blackberry phones an easy-to-use wipe program. Palm Inc., which makes the popular Treo phones, puts directions deep
within its Web site for what it calls a "zero out reset." It involves holding down three buttons simultaneously while pressing a fourth tiny button on the back of the phone. But it's so awkward to do that even Palm says it may take two people.   A Palm executive, Joe Fabris, said the company made the process deliberately clumsy because it doesn't want customers accidentally erasing their information.
Trust Digital resurrected erased e-mails and other information from a used Treo phone provided by The Associated Press for a demonstration after it was reset and appeared empty. Once the phone was reset using Palm's awkward "zero-out" technique, no information could be recovered. The AP already used that technique to protect data on its reporters' phones.
"The tools are out there" for hackers and thieves to rummage through deleted data on used phones, Trust Digital's chief technology officer,Norm Laudermilch, said. "It definitely does not take a Ph.D." Fabris, Palm's director of wireless solutions, said the company may warn customers in an upcoming newsletter about the risks of sellingtheir used phones after AP's inquiries. "It might behoove us to raise this issue," Fabris said. Dean Olmstead of Fresno, California, sold his Treo phone on eBay after using it six months. He didn't know about Palm's instructions to safely delete all his personal information. Now, he's worried. "I probably should have done that," Olmstead said. "Folks need to know this. I'm hoping my phone goes to a nice person." Guy Martin of Albuquerque, New Mexico, wasn't as concerned someone will snoop on his secrets. He also sold his Treo phone on eBay and didn't delete his information completely. "I'm not that kind of valuable person, so I'm not really worried,"   said Martin, who runs the www.imusteat.com Web site. "I guarantee that three-quarters of the people who buy these phones don't think about this."
Trust Digital found no evidence thieves or corporate spies are routinely buying used phones to mine them for secrets, Magliato said.   "I don't think the bad guys have figured this out yet." President Bush's former cybersecurity adviser, Howard Schmidt, carried up to four phones and e-mail devices -- and said he was always careful with them. To sanitize his older Blackberry devices, Schmidt would deliberately type his password incorrectly 11 times, which caused data on them to self-destruct. "People are just not aware how much they're exposing themselves,"   Schmidt said. "This is more than something you pick up and talk on.  This is your identity. There are people really looking to exploit this." Executives at Trust Digital agreed to review with AP the information extracted from the used phones on the condition AP would not identify the sellers or their employers. They also showed AP receipts from the Internet auctions in which they bought the 10 phones over the summer for prices between $192 and $400 each. Trust Digital said it intends to return all the phones to their original owners, and said it kept the recovered personal information on a single computer under lock and disconnected from its corporate network at its headquarters in northern Virginia. Peiter "Mudge" Zatko, a respected computer security expert, said phone owners should decide whether to auction their used equipment for a few hundred dollars -- and risk revealing their secrets -- or effectively toss their old phones under a large truck to dispose of them. What about a case like the Lothario whose affair Trust Digital discovered? "I'd run over the phone," Zatko said. "Maybe give it an acid bath."

Tracking anonymous peer-to-peer VoIP traffic over the Internet is possible (PDF). In fact, it can be done even if the parties have taken some steps to disguise the traffic.

From Cell phones to VoIP and law enforcement
Communications Assistance for Law Enforcement Act. CALEA, passed in 1994, gives the FBI the ability to easily tap landline and cell phone calls. As written, CALEA had originally included some exemptions for Internet-based systems, but the FBI convinced the Federal Communications Commission that they should not apply to VoIP traffic. As a result, VoIP operators in the US will need to make their systems wiretap friendly.Despite appearances, nothing we do on the Internet is truly anonymous.

IN A DISASTER CELL PHONE OR SATELLITE PHONE? IN A DISASTER YOU CANNOT TRUST CELL PHONES

 

 

 

 

The main problem is no communication connectivity and telecommunications will breakdown
Satellite phones work in emergencies, transmit calls through networks of low-earth-orbiting satellites technically capable of transmitting calls anywhere on earth, BUT they have the drawback of not working inside buildings and being much heavier and more expensive than cell phones. Trusting cell phones to work in many emergency situations can be dangerous or fatal.
Two firms -- Iridium and Globalstar -- dominate the satellite-phone market. Cell phones become useless from call traffic overloading, power cutoffs, microcell batteries running down within a couple of days, power failures can turn regional cellular networks into largely useless hardware in short order. Organizations should not depend on inexpensive cell phones rather than the expensive dedicated radio equipment. Newer satellite phones commonly sell for $1,000 to $1,500 dollars. Monthly calling plans aren't cheap either. Iridium subscribers typically pay between $1 and $1.50 a minute for air time. Globalstar's monthly rate plans range from $50 for 50 minutes to $550 for 4,000 minutes of air time.

Why cell phone outage reports are secret
Consumers have no idea how reliable their cell phone service will be when they buy a phone and sign a long-term contract. The Federal Communications Commission could offer some guidance, but it won't. The agency refuses to make public a detailed database of cell phone provider outages that it has maintained since 2004. A federal Freedom of Information Act request for the data, filed in August by MSNBC.com, has been rejected by the agency. The stated reasons: Release of the information could help terrorists plan attacks against the United States, and it would harm the companies  involved. [The  refusal to release the records "on the grounds it might harm the companies involved" is especially egregious and blatant. The feds are not  supposed to be protecting the telcos against their customers' legitimate grievances.]

Mark Woods secretary of the international cellular emergency alert  services association (CEASa)

When the DOD finally gets involved

Internet cellphones and Wireless Connections.
Walk-by talkers" stealing other people's bandwidth. Cell phones designed to make free or low-cost calls over the Net by taking advantage of "the hundreds of thousands of wireless access points deployed in cafes, parks, businesses and, most important, homes. A Belkin phone works with the Skype. Yahoo has launched a new mobile social-networking service called Mixd that gives groups of friends a Web site "where all the pictures, videos and messages sent through the phones will be posted for viewing later. Like other phone-based social services, Mixd is "centered on making it easy for (college kids) groups of friends to use text messaging as a way to organize a party, meet in a restaurant, attend a football game or arrange any other social activity. Yahoo expects users to form a lot of ad hoc groups around particular events, and use the service's 'reply-to-all' feature as way to communicate collectively.

LOCKED UNLOCK CELL PHONES

 

Step by Step guide to jailbreak and unlock IPone 3.0

Locked / Unlock Cell Phones Bob Frankston frankston.com
Date: January 14, 2007 Visual Voice Mail
Sometimes one has to say DUH. Of course you want to manage your message store and treat voice messages no differently from email and other messages in your message store. Its has also been obvious for decades that you want to use a smart surface with feedback. Might as well look at MMS and, for that matter, Bluetooth, to see the result of absolute power and design by committee.
The problem with voice mail is not the user interface its the fact that all we get is the user interface and we dont have access to an API that allows us to implement our own interfaces and management tools. This is the faade problem we tend to confuse the facade for the real thing.
This is why Ive complained in the past about the attempts to ban cell phones on airplanes the social agenda denies us the underlying  technology.
Today we talk about broadband competition because weve managed to use that problematic transport as a path for Internet packets. People now think that we have the Internet because of not despite broadband and the FCC is complicit in this delusion.
Some people even think that only a phone company can make a phone call. Maybe the iPod/iPhone is the perfect product for those who don't want to know they should be able to do it themselves. See Cap'n Crunch AKA John Draper Irony: Apple is back to phones again with the Iphone - understands business morals.

How do you get out of your current contract?
Sites help free cellphone users from contracts 1/1/07
Internet cottage industry of companies that help liberate people from their contracts. The websites, Celltradeusa.com , Resellular.com , and CellSwapper.com, provide online marketplaces where customers trying to get out of their contracts can connect with people willing to take over the remainder of their contracts, for a fraction of the typical $175 termination penalty. Customers post an online advertisement with the details of their contract, and any benefits they're willing to throw in -- such as a free Blackberry, a Bluetooth headset, or money toward the contract. The services charge $19.99 at Celltradeusa.com and $14.99 at Resellular.com to people trying seeking to get out of their contracts. CellSwapper.com is still a beta version. Once a person who wants to get out of a contract is matched with a person who wants to get in, the transfer must be made through the wireless provider. That type of transfer is already available to customers who call their providers and have a relative or friend willing to go through a credit check and legally take over the rest of the contract. But these Internet services allow people to look beyond their immediate friends and connect with a nationwide network of people.

Cell Phone Speed Test - verify Edge Speed

Big Brother Big Business - Invasion of Privacy New York businessman Adam Yuzuk's tells us how his personal cell phone records were repeatedly stolen. Private Eye veteran Ernie Rizzo explains how easy it is to obtain private cell phone records and much more.

About Us | Privacy Policy | | ©1997 Educational CyberPlayGround™ All rights reserved world wide.