Even Powering Down A Cell Phone Can't Keep The NSA From Tracking Its Location

from the making-a-strong-case-for-Snowden's-fridge-logic dept

We know how much information the NSA can grab in terms of cell phone usage -- namely, calls made and received and length of conversations, along with phone and phone card metadata like IMSI and IMEI numbers. It can even grab location data, although for some reason, it claims it never does. (No matter, plenty of law enforcement agencies like gathering location data, so it's not like that information is going to waste [bleak approximation of laughter]).



According to Ryan Gallagher at Slate, the NSA, along with other agencies, is able to do something most would feel to be improbable, if not impossible: track the location of cell phones even if they're turned off.

On Monday, the Washington Post published a story focusing on how massively the NSA has grown since the 9/11 attacks. Buried within it, there was a small but striking detail: By September 2004, the NSA had developed a technique that was dubbed “The Find” by special operations officers. The technique, the Post reports, was used in Iraq and “enabled the agency to find cellphones even when they were turned off.” This helped identify “thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq,” according to members of the special operations unit interviewed by the Post.

In 2006, it was reported that the FBI had deployed spyware to infect suspects’ mobile phones and record data even when they were turned off... In 2009, thousands of BlackBerry users in the United Arab Emirates were targeted with spyware that was disguised as a legitimate update. The update drained users’ batteries and was eventually exposed by researchers, who identified that it had apparently been designed by U.S. firm SS8, which sells “lawful interception” tools to help governments conduct surveillance of communications.


Normally, turning a cell phone off cuts the connection to towers, effectively taking it off the grid and making it only traceable to the last point it was connected. The Post article doesn't explain exactly how the NSA accomplishes it, but other incidents over the past half-decade offer a few indications of how this might be done.

The FBI's use, in which cell phones' microphones were remotely activated to record conversations (even with the phones turned off), probably had some bearing on Snowden's request that journalists power down their phones and place them in the fridge.

According to Gallagher, the NSA could be using mass updates to infect phones of targets overseas (and presumably, any "non-targets" applying the same faux update). This would be difficult, but not impossible, and considering what we've learned about the NSA's far-reaching surveillance net, certainly not implausible. A couple of details in support of that theory:

First, two telcos that provide service to millions of cell phone users are known to be overly cooperative with intelligence agencies. You may recall the fact that Verizon and AT&T notably did not sign the collective letter asking the government to allow affected companies to release information on government requests for data. Given this background, it's not unimaginable that Verizon and AT&T would accommodate the NSA (and FBI) if it wished to use their update systems to push these trojans.

Add to this the fact that Microsoft and others have allowed intelligence agencies early access to security flaws, allowing them to exploit these for a certain length of time before informing the public and patching the holes. Add these two together and you've got the means and the opportunity to serve snooping malware to millions of unsuspecting cell phone users.

Sparing usage, properly targeted, isn't really an issue. But if updates containing spyware have been pushed to the thousands of non-targeted individuals just to ensure the targets are included, it becomes more problematic, and the track record of the two agencies who have used this technology is far from pristine.
