Dark Reading is part of the Informa Tech Division of Informa PLC


Risk

7/24/2013
10:54 AM

Can The NSA Really Track Turned-Off Cellphones?

It depends on semantics, security experts say. What's clear is that surveillance is becoming much more sophisticated.

Or for more proactive surveillance, someone could plant a bug on a phone. "The best way to track an 'off' phone is to -- secretly -- install a chip, connected to the phone's battery supply," Graham said. "Thus, even when the phone is 'off,' that added chip would still be 'on.' In this case, it's not really the phone itself that's being tracked, but that chip. As long as you had a battery, the same tracking technique would work for portable laptops, your shoe or even a gun." The Federal Bureau of Alcohol, Tobacco, and Firearms (ATF) attempted to use this technique as part of its Operation Fast and Furious gun-tracking program, "but the batteries drained too fast," Graham said. Obviously, secreting a chip on a phone, which needs to be regularly recharged by its user, would help avoid that type of problem.

But old phones may not actually turn off, even if they appear to be powered down. For example, Graham said many old "feature phones," even when they were switched off, would have a baseband processor power up every 10 minutes or so to retrieve SMS messages, but not phone calls. "The moral of this is that just because you define the phone as 'off' doesn't mean that it's 100% completely 'off' all the time," he said.

An intelligence agency that could exploit this technological caveat, of course, would be able to track targets without their knowledge, as the Post story makes clear. And thus an entire intelligence ecosystem grew up around related data-collection practices, fed in part by the NSA embedding so-called "tactical cryptologic support teams" within military units and tasking them with collecting data during missions.

Another program, dubbed the Geolocation Cell, or Geo Cell, involved a combined team from the NSA and the National Geospatial-Intelligence Agency. Its purpose was to track targets in real time -- motto: "We Track 'Em, You Whack 'Em" -- so they could be killed using drones.

Grisly stuff, but what about for the rest of us -- meaning, anyone who's not an Iraqi insurgent or suspected terrorist? Numerous NSA surveillance programs have recently come to light thanks to the leaks by former agency contractor Edward Snowden, a Booz Allen Hamilton employee who worked at an agency facility in Hawaii that processes intelligence from around the Pacific Rim. Some of the thousands of documents he removed reveal a panoply of obscurely named, and overlapping, surveillance programs with names such as PRISM (audio, email and video interception), Mainway (traffic analysis of cell phone calls), Marina (Internet traffic analysis) and Nucleon (telephone content interception). Do you now have to worry about the NSA being able to track you even when the cell phone in your pocket has supposedly been powered down?

Predictably, White House and intelligence officials argue that the NSA's surveillance programs are both lawful and designed to avoid collecting data on U.S. residents. Civil liberties advocates, however, have criticized the agency's approach of collecting all possible data, then using search algorithms to attempt to avoid retrieving information about Americans.

But the scale of the data collection and potential for abuse should give us pause. Furthermore, if the NSA can apply its advanced skills to intercept this type of data, it could presage more mundane efforts by companies to track consumers. To wit, the Economist recently reported that Nordstrom was testing a Wi-Fi tracking system from Euclid Analytics, designed to track shoppers who enter or pass by 17 of their stores. The system works by passively watching for smartphones' and laptops' Wi-Fi beacons, thus tracking people without their devices even logging into a store-controlled Wi-Fi network.

Nordstrom posted a public notice near its stores saying that people might be tracked via their smartphones. But should such practices be allowed -- warning or no? And how far of a step is it for retailers to amass data not just about consumers via Wi-Fi, but also about their digital wallets? Tracking people via their smartphones is no less ominous when it's being practiced by a retailer instead of the NSA.

Comments
Cara Latham,
User Rank: Apprentice
7/25/2013 | 1:38:18 PM
re: Can The NSA Really Track Turned-Off Cellphones?
The difference between retailers accessing my smartphone -- and only providing warning -- and the government accessing my phone is that I can choose whether or not to enter Nordstrom and be subjected to it. While I am certain that I am not doing anything that would set off alarms at the NSA, CIA, or any governmental agencies, the fact that the government can still have access to my phone without my having a say is unsettling.
Alex Kane Rudansky,
User Rank: Apprentice
7/25/2013 | 5:02:01 PM
re: Can The NSA Really Track Turned-Off Cellphones?
Cara, I agree. The element of choice is significant. While most Americans have nothing to hide, the idea that we have no control over what the government can access is concerning. Nordstrom's tracking is still concerning, but at least consumers can opt out.
moarsauce123,
User Rank: Ninja
7/27/2013 | 10:36:38 AM
re: Can The NSA Really Track Turned-Off Cellphones?
Your interpretation of "doing something wrong" may fall in line with the popular definition, but governments consider things "wrong" for quite many reasons. I leave it up to you to spin that thought further on.
Cara Latham,
User Rank: Apprentice
7/28/2013 | 2:56:43 PM
re: Can The NSA Really Track Turned-Off Cellphones?
Exactly why their access -- or the potential they have to access it -- is worrisome.
Councillor CarlC174,
User Rank: Apprentice
12/11/2014 | 3:20:36 AM
re: Can The NSA Really Track Turned-Off Cellphones?
There is a separate battery which runs the GPS system on most phones. With the technology nowadays it is easy to find a phone that is turned off, even with the battery out, as the GPS battery is much harder to remove.

My advice: leave your phone at home.
Rick_in_WV2day,
User Rank: Apprentice
7/25/2013 | 2:05:45 PM
re: Can The NSA Really Track Turned-Off Cellphones?
Even if your cell phone is turned off, it's still emitting a signal. So are your RFID chips in credit cards. 1984 just came a little too late but it's here to stay...
MyW0r1d,
User Rank: Apprentice
7/25/2013 | 4:50:13 PM
re: Can The NSA Really Track Turned-Off Cellphones?
From the point of view of dropping added chips in a cell phone, sealed phones like the iPhone certainly make doing so much more time consuming. They also make removing the battery (ensuring off means off) logically impossible. Next DLP step to avoid corporate espionage, check your iPhones at the door before entering company strategy meetings. Wouldn't it be nice to have a meeting once again with everyone focused rather than distracted by texting, catching the latest news on their phone or forgetting to turn on the mute features?
moarsauce123,
User Rank: Ninja
7/27/2013 | 10:34:49 AM
re: Can The NSA Really Track Turned-Off Cellphones?
There is still the option to take a hammer. Any iPhone will be off for sure after that.
OtherJimDonahue,
User Rank: Apprentice
7/25/2013 | 6:29:38 PM
re: Can The NSA Really Track Turned-Off Cellphones?
This could have come in handy when I lost my cellphone last week.

Jim Donahue
Managing Editor
InformationWeek
justanotherengineer,
User Rank: Apprentice
8/1/2013 | 6:30:18 PM
re: Can The NSA Really Track Turned-Off Cellphones?
Combine this with the recent 'apps' that use the accelerometer to determine when to take some pictures, and record some sounds (aka PlaceRaider) . . . and you have the ultimate in surveillance. People who voluntarily bug themselves.