Assange: 'iPhone, BlackBerry, Gmail users - you're all screwed' Surveillance companies can use your iPhone to take photos of you and your surroundings without your knowledge, said a representative from the Bureau of Investigative Journalism at a panel chaired by Julian Assange™ today. Companies also sell products that will let them change the messages you write, track your location and nick …
I'd say you were mistaken in that you never took any actual snaps of MI6.
I've done this myself: I have sworn that I'd saved a snap but it just wasn't actually committed to the SD card.
I'm mega-paranoid myself but I don't believe that MI6 CARE who photographs their building nor do I reckon they can do what you are suggesting.
MI6 sure are cunning at hiding their address.
Anyway, what's more likely here?
a) MI6 can remotely force your camera phone (running gawd knows what variant of firmware) to delete and resequence the shot numbers to cover its tracks.
or
b) You didn't hold down the shutter button long enough.
If they let their building be filmed in goodness knows how many Hollywood blockbusers, I hardly doubt a tourist with a camera phone is going to bother them.
FFS.
What happened there is...you've made it up - either deliberately or not.
Many years ago I went to a talk by Mark Thomas and his production team, although he didn't turn up in the end, it was just his team. They sat and told a room full of people about how "the man" could do all these things with your phone which, from several years working in mobile telecommunications for some of the worlds biggest handset manufacturers, I realised was completely untrue. People were audibly gasping at the thought of this big brother state, which didn't exist. People have been spreading this crap for years, everyone loves a conspiracy because real life is far more dull.
Which is more likely:
1) Governments employ teams of Jack Bauers, Edgars and Chloes who can hack into any computer, phone or security camera any time and perform miracles of surveillance on anyone anywhere in the world.
or...
2) Like any other large organisation, they are bogged down in unmanageable processes, faulty equipment, layers of management trying to save their own jobs, and general ineptness by a disinterested workforce.
Governments can't even pull off outsourcing NHS IT contracts for gods sake, the idea that "they" are watching you all the time is total fantasy.
Har har har.
All of your responses are quite understandable, however, there was no malfunction or problem with my operation of the camera, in fact I took more shots of that building than any other landmark, probably 10-20 at least as we passed the building in both directions. In between the two times we passed Vaxhaul Cross I took several shots of the O2 arena and they were all present and correct.
What I've posted is the simple fact of what happened, to this day I have no reasonable explanation for what happened to those shots or why, but I know that I took them.
Since you did no maloperation and it is highly unlikely that the MI6 was fiddling your phone there remains only one explanation: the MI6 deployed to newest über-tech to spin your mind into believing that you actually took pictures of its building.
If I'm right, this comment should never appear - because MI6 just made me believe that I wrote this. If it is being published, well, have a second thought about maloperation...
After taking the photos you left your cámera with the button - or combination of buttons- for erasing photos pressed. It secuentially erased your photos till you moved the camera again, probably a few seconds later.
Something like this happened to me a few years ago with several addresses in my non-smart-phone.
Now, I wouldn't totally discard your explanation, given what I've read on the subject.
The part that really pisses me off is the way the sheeple give away their privacy without a second thought in exchange for using some shitty app or belonging to some shitty social network, because "it's free".
I know that trying to "educate the masses" is like sowing sausages -lots of work, and success is not totally guaranteed ^_^ - but it's our only hope.
@Allan George Dyer
Sorry but Spooks shows the wrong building as HQ of the 'domestic' service. Spooks shows a law office and grand masonic lodge. Just like half the buildings in the last series where Harry meets somebody in a quiet London location, which turns out to be Greenwich University Campus - the old RN Maritime buildings.
Try navigating by street view near Millbank looking for a road with a prickly name. Look out for the fast-rise/fall bollards by the car entrance and the armed guard. That's where it actually is!
or tell me something I don't know.
Gmail emails like any other email can be intercepted, or just passed on by the service providers to third parties.
Certain features of mobile devices have been used by service providers and device manufacturers to monitor and record "certain" device functions. So it is common knowledge that a mobile device can spy on the user or at least it should be.
The real news would be in the proof that the Illuminati actually exist and are in a concerted effort, along with the assistance of service providers and device makers, to monitor the content of every email and the communications of every device user in order to manipulate the masses into acceptance of the Status Quo.
Still, it isn't unwise to learn how a device works and what it does by itself either during start up or as a background task and be able to change that behaviour, should you so wish, before entrusting it with information you would not want shared. The simple fact that such a device *could* leak information without the users knowledge or approval is a security risk and should be mitigated before the device is used.
Unfortunately learning how a device OS works and being able to alter the behaviour of that OS is often beyond the abilities of the average consumer that use these devices. So they *could* in the future be "screwed". Unless of course legislation saves them.
As for IT professionals, especially those in the security field there is no excuse, you can save yourselves by either rooting your iPhone or move to Android or another OSS and gain FULL control over your device. Until you gain that control, the simple fact is...Your device is a security risk.
All devices are security risks. Millions of things are security risks. The point is not that they are a risk, but how to handle them and make yourself aware of that risk. If you wrote your email on a computer with a chip in it, or with certain toolbars installed, chances are that you're less safe than your smartphone anyway.
I use GMail, for personal email. I use a mobile phone, for personal conversations. I use Facebook, for posting select information. I don't have anything that I wouldn't show a court on demand, so it's not really a problem.
The simple fact is that almost all my emails are interceptable and readable, and not just by governments. I know that. I'm not stupid. My text messages are inherently insecure too. My phone calls. Faxes I send. All of them insecure and incredibly easy to be tapped by a determined entity. Worrying that GMail might be intercepted by a program on my Android phone is a little pointless in the face of that, even if it's by a commercial entity. If I was that worried, I'd not be using anything with that capability anyway (i.e. no smartphones at all).
But the stuff that matters, that's where you need to look at risks, not the stuff that doesn't. My credit card info is only stored at my bank and the vendors that I deal with. Thus it's not "high-risk" unless I'm stupid enough to email them my card number (or they do the same back to me). But even my bank transactions are not free from risk - credit card fraud is easy, key-snooping is simple, governments and law enforcement have COMPLETE access to my financial details if they want (not by my request, but just the way that things work). Anything in my email account may need to be produced to a court of law on demand. Even my computer isn't "safe".
That's the point here - you can worry about the stupid things that you can't avoid or you can worry about the important things that you can avoid. If you want to send some "super-secret" information in a way that your government won't know about it or be able to trace you, it's not easy but it is possible if you use your brain. If you want to send an email to your mate, it's not really that important who reads it.
However, if you use any device that you don't have the entire electrical specifications for, that hasn't been verified by you personally to meet those specifications, wasn't assembled in a clean-room with components that you've personally verified and watched all the way, doesn't have a completely open firmware with source code that you've compiled double with two different compilers (which you should compile each other with too) and compared the output to ensure rogue code isn't inserted, where you've verified every binary bit of the end product, then you *CAN'T* be safe. Basically, for all practical purposes, none of the above will ever happen for anything you buy in a shop. So it's game over unless you want to sit with your tin-foil hat hand-assembling transistors for the next decade.
And a government, or even a corporate entity, that reads my email, or even taps every byte of my home connection, wouldn't be unusual at all even in a first-world country (it only takes a suspicion of links to terrorism and a court order, even if you require them to do it legally) and they would get bored incredibly quickly. No, they shouldn't be doing it, but the point is that it takes seconds and you could be monitored now. Some crappy app on your smartphone is hardly the end of the world in comparison, and completely defeated by you a) not using it or b) at least not using it for anything you want to stay private.
Risk is a sliding scale of impact on me, consequence on others and chance. There's a risk that GMail will publish my entire inbox to the world next Tuesday and I'll be on the news. It would have virtually zero impact, but huge consequences for others and the chance is INCREDIBLY low. There's a risk that a smartphone is broadcasting my emails and location to a company in the US. It would have virtually zero impact, huge consequences for others and the chance is slightly higher. In terms of how you use those items (i.e. to communicate with people in foreign countries), there's probably no better way in the entire world though, than to trust GMail / smartphones.
That said, I don't use smartphones. Not for any privacy risk but because I really don't want to spend huge amounts of time managing yet-another-computer when all I need is a connection to a mobile network. Impact on my time to use a smartphone is high, consequences for others is zero, risk of something going titsup is high. It's a worse deal.
There is legislation in place for companies that abuse privileges (and these key-tapping smartphones aren't in Britain, probably because of our Phorm issues and the associated court cases) and that's the best you can do.
Everything's a risk. But not everything that avoids that risk is worth the time, effort and money to do so.
I really should buy shares in the tinfoil industry.
"Surveillance companies can use your iPhone to take photos of you and your surroundings without your knowledge"
I've never understood this assertion. A good photo can't be taken from a device that's being waved around, tapped, swiped, or tucked into one's pocket. Nor will you get a great shot from a phone that's jiggling about in a cheap in-car phone holder.
Any photos an intelligence operative got from my phone would be blurry and shite. Or dark and pointless as my iPhone spends most of its life either in my pocket, or staring face-up at my living room ceiling while it's charging.
I'd imagine most phones would provide similarly pointless results.
Now, GPS location tracking is a possibility, but GPS chips are quite the drain on any phone's batteries and most people tend to switch it off when they're not using it. It's also highly unlikely that any phone will actually *get* a GPS signal when it's in a pocket and indoors (as I usually am). At best, you could log GPS usage on the device and upload a list of locations when needed. I'm not that bothered about this: I can drive from London to Rome entirely unaided—I've a very good sense of direction—so I use GPS extremely rarely.
And, of course, I switch my phone off if I'm driving across borders anyway as I'd only get irritated by the repeated "Welcome to country X" SMS messages informing me of their usurious roaming rates.
If you're particularly paranoid about GPS tracking, just learn to read a map. It's not *that* hard.
If you really do find it particularly difficult to remember a route in map form—i.e. you have poor spatial navigation skills—there's a wonderful invention called "signposts". I heartily recommend this ancient technology: reading these "signposts" means you can drive any arbitrary route by simply making an initial list of key towns and cities along the way. Follow the signs for the first destination on the list. As you approach that destination, you'll start seeing signs for the next destination on the list, so you switch to following those signs instead. Repeat until you've run out of list.
Not much you can do about cellphone mast triangulation, but that's not exactly accurate. Consumer-grade GPS is a bit vague too, so it's not a 100% reliable source of data for a court case. (The GPS signal on my iPhone right now thinks I'm actually sitting in the middle of a car park over 150 metres away from my apartment. GPS and narrow valleys are not a great combination.)
Granted, keylogging and the like aren't easy to circumvent, but that level of surveillance requires either a root kit installed with the OS (hello Carrier IQ), direct physical access (in which case, all bets are off), or some form of third-party trojan installed through an insecure channel. Say what you will about Apple's curation processes, but while they may not be 100% foolproof, they're still a substantial barrier.
"We're seeing increasingly wholesale monitoring of entire populations with no suspicion of wrongdoing – the data is being monitored and stored in the hope that it might one day be useful."
Well YES... what do they think GCHQ and the NRO have been doing all these years?
These are just new methods for the same old thing.
Sad but true.
This post has been deleted by its author
It'd be nice if some clever developer could write an app that would deport Assange to Sweden, or at least back to Australia. I'm far more worried that the combined forces of law and order in two European countries can't seem to achieve that one simple thing than I am about my mobile phone spying on me.
It's actually not that crazy to think that you could get useful photos.
First, there are the photos people take of -themselves- - at some tourist trap, playing with their kids, etc. But there are also plenty of times your phone *isn't* in your pocket or against your ear - I'll charge my blackberry at my desk, occasionally, so there it'll sit, pointing up at the ceiling. Or maybe propped up against the computer if there's something big I need to put in its usual area. Voila, perfect photo op.
Or you hand your phone to someone so they can look at some picture / read some email... mostly the camera will be facing down, but there'll be moments where it isn't.
So, it would take some effort, but you could certainly get a good picture of someone with some patience. And a whole LOT of good pictures of the people who happen to be around them, standing to the right - and depending on the organization you belong to, that might be worth even more!
I'm not sure how likely I rate this stuff as being, but it doesn't seem blatantly impossible on its surface.
That said, this stuff has to be installed by your carrier, or someone else with physical access, like your cat, right? It's not like Numbnut Marketing from Wallawalla, Washington can just pay five grand for some software and start the knuckle-cracking and cackling as they find out that you like potted begonias, motorsports, pleated trousers, and progressive trance, and therefore determine that they should sell your information to Toyota since you're much more likely to buy an Avalon - probably with the V6 and premium package - than a Sonata.
So, you can go the uber-tinfoil way, and say it's the government insisting on having this access. But if that were the case, we wouldn't hear about it. The government is bad at many things, but if it's -really important-, it gets done right. So I doubt that's it, unless they just don't -care- if they're caught.
Or you can go the other way, and say that the service providers deliberately allow arbitrary companies to access any and all of your most personal data, and watch you in your own house. That's a huge risk for what would have to be relatively small compensation. And why would BlackBerry allow this? Their whole model is based on corporate security; this would be utterly devastating (well, to the extent that they can be further-devastated).
It all seems quite strange. Granted, people have done pretty irrational stuff before, but this would be a hell of a big project, with a lot of people involved, to have it been driven purely by insanity.
Let's just switch this round for the "if you have nothing to hide you have nothing to fear" crowd
Ask these companies to go public on what information the collect, how they store it, who they give/sell it to and how long they keep it.
After all, they are going to tell you because "if THEY have nothing to hide, then THEY should have nothing to fear"
Not getting a response? then I guess they do have something to hide, and something to fear!
...and admittedly some of the claims are, shall we say, eminently mockable, but... the capability to compromise a mobile phone and use it to monitor conversations (even in standby) is quite real. A few years ago all government departments in the land I shall codename Dow Nunder quietly installed lockers outside their secure meeting facilities (depositing mobiles prior to meetings, for the use of). Prior to this ruling mobiles were permitted in (most) meeting rooms as long as they were turned off.
As far as gmail is concerned, for the really paranoid ones, pgp (gpg) is the savior. Email client such as mutt, alpine vm (rmail) from the emacs, thunderbird/kmail or any decent client will also work. Or just install postfix+spamassassin ....
Not sure, why specifically gmail? Not yahoo/hotmail or others?
It's called iPhone auto-correct and is the cause of most SMS related awkwardness in history!
Son: WORST DAY EVER
Son: Bring some scissors over. Robby got his cum in my hair.
Mom: It's ok. I have had so much cum in my hair. I don't have to cut it. Just wash it.
Son: I meant GUM mom. GUM.
Son: Now I'm gonna throw up!
Mom: I will be over in 2 mins
... and I'm confused as to how they work. To me, the correction in the current example would be cum>gum, not gum>cum, so how does this autocorrect work. What sort of dictionary does it have - a very complete one, presumably!
Disclosure: I do not use text-guessing on any of my communications devices, and it may be a bigger problem than the iPhone, for all I know.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
