December 5th, 2006

headshot

Remotely Eavesdropping on Cell Phone Microphones

Bruce Schneier (syndicated on LJ as bruce_schneier) has an interesting article in his security blog today dealing with using cell phone microphones to enable remote eavesdropping:
Remotely Eavesdropping on Cell Phone Microphones

I give a talk called "The Future of Privacy," where I talk about current and future technological developments that erode our privacy. One of the things I talk about is auditory eavesdropping, and I hypothesize that a cell phone microphone could be turned on surreptitiously and remotely.

I never had any actual evidence one way or the other, but the technique has surfaced in an organized crime prosecution:
The surveillance technique came to light in an opinion published this week by U.S. District Judge Lewis Kaplan. He ruled that the "roving bug" was legal because federal wiretapping law is broad enough to permit eavesdropping even of conversations that take place near a suspect's cell phone.

Kaplan's opinion said that the eavesdropping technique "functioned whether the phone was powered on or off." Some handsets can't be fully powered down without removing the battery; for instance, some Nokia models will wake up when turned off if an alarm is set.
Read more....
It appears that the government probably forced a download to Ardito's phone (without his knowledge) that allowed them to turn his phone's microphone on and off at will.

I'm not going to make much comment on this other than to say it's interesting and point out the double-edged nature of the technology. Technology like this can obviously be a great help to law enforcement agencies. Technology like this can also obviously be a great threat to individual privacy.