Cyberphobia: Identity, Trust, Security and the Internet by Edward Lucas
Author:Edward Lucas [Lucas, Edward]
Language: eng
Format: epub
ISBN: 9781408850138
Publisher: Bloomsbury Publishing
Published: 2015-08-26T22:00:00+00:00
7
The Spy in Your Pocket
The mobile phone enables probably the most sophisticated and pervasive attacks on privacy and anonymity yet invented. The benefit is greatest for governments. If you can use the force of law to gain access to the phone company’s computers, your target’s phone is a tracking beacon, pinpointing his exact whereabouts. With a few simple tweaks it can also be a microphone picking up his conversation. With more sophisticated means it can be a way of infecting any computer he is close to. It does not even matter if the victim switches off his phone, so long as he does not remove the battery.*
John Bayliss, a former senior official at Britain’s GCHQ spy agency who is now a security consultant, tours conferences to give an eye-popping demonstration of what is possible even with commercially available products. He starts by showing how a phone can be turned on remotely, giving no sign that the microphone is live. It can either transmit what it picks up via a phone call, or (on some devices) record it and e-mail it secretly to the person organising the bugging. At a presentation in London, I watched Mr Bayliss, an amiable, rotund figure with a mop of unruly grey hair, pass a phone to a member of the audience. He asked him to check it was switched off, and then to speak quietly into it. The audience member’s voice blasted from a speaker on the stage. Next he showed how he can track his wife’s movements, using a commercially available product designed to help locate stolen phones. He installs it on his wife’s phone, but disables the feature that tells her that it is installed. As far as she is concerned, her phone is operating as normal. But Mr Bayliss can see her movements on his computer whenever he likes.
This software requires regular authorisation, sent by text message. But Mrs Bayliss never gets those messages. Her husband has set up another piece of software which diverts messages to him first. He then decides whether to forward them on to her. He can also read her outgoing messages, which are forwarded to him for review. Again, she will not notice anything, except perhaps a slight delay. If Mr Bayliss forgets to forward an SMS, she will blame the phone company. We do not expect our electronic devices to be completely reliable. Mr Bayliss has one more feature installed – every time his wife’s phone makes or receives a call, he gets an SMS telling him about it.
Mr Bayliss concludes his demonstration of wizardry by confessing that he does not actually do this to his wife. But he stresses that none of his exploits involve secret, advanced software of the kind that is available to his former employer, GCHQ. It is all possible using off-the-shelf commercial products. The only hurdle for the attacker is to get it installed on the target’s phone. This can be delivered by sending a picture, or even a doctored text message.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Effective Threat Investigation for SOC Analysts by Yahia Mostafa;(6631)
Practical Memory Forensics by Svetlana Ostrovskaya & Oleg Skulkin(6354)
Machine Learning Security Principles by John Paul Mueller(6326)
Attacking and Exploiting Modern Web Applications by Simone Onofri & Donato Onofri(5995)
Operationalizing Threat Intelligence by Kyle Wilhoit & Joseph Opacki(5957)
Solidity Programming Essentials by Ritesh Modi(4066)
Microsoft 365 Security, Compliance, and Identity Administration by Peter Rising(3709)
Operationalizing Threat Intelligence by Joseph Opacki Kyle Wilhoit(3438)
Mastering Python for Networking and Security by José Manuel Ortega(3362)
Future Crimes by Marc Goodman(3351)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3337)
Blockchain Basics by Daniel Drescher(3308)
Learn Computer Forensics - Second Edition by William Oettinger(3195)
Incident Response with Threat Intelligence by Roberto Martínez(2926)
Mobile App Reverse Engineering by Abhinav Mishra(2889)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2873)
The Code Book by Simon Singh(2837)
Building a Next-Gen SOC with IBM QRadar: Accelerate your security operations and detect cyber threats effectively by Ashish M Kothekar(2810)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2787)
