Is my cell phone bugged? – What is the likelyhood, who would do it, and how can they can get away with it?
Kevin D. Murray
Introduction to smartphone security
The level of privacy you experience is inversely proportional to the amount of time and money an eavesdropper can devote to spying on you, plus the value of what he/she can learn through surveillance. This value may be anything from multimillion-dollar business secrets to a divorce strategy to the desire to satisfy prurient interests.
Unfortunately, it is not only your cell phone that puts your privacy at risk. Consider the many other ways you communicate without wires. If you are reading this, you probably use at least two of these wireless devices regularly:
• Cellular phone (GSM, CDMA, with SMS/MMS capabilities) (Note that for simplicity, all wireless public telephone system phones are referred to as ‘cellular/cell phones.’ Short-range, wireless extensions to business and residential telephone lines are referred to as ‘cordless phones.’)
• Home cordless phone (analog, digital spreadspectrum, DECT, etc.)
• In-transit airline and ocean liner phone (Picocell via satellite link)
• Personal microcell phone (used at some corporate campuses)
• Satellite phone
• VoIP Wi-Fi phone software (on laptops, cell phones, or tablet devices)
• Bluetooth® cordless phone, speakerphone, and accessories
• Cordless headset
Each of these technologies has its own set of vulnerabilities. Fortunately, the privacy precautions and security techniques can be applied to counter just about all of them.
To enhance your cell phone privacy, you need to take the following steps:
• Demystify the technical aspects of wireless communications. You need to understand what can happen, what can\’t happen, and what is happening.
• Separate the facts from the fiction. For example: No, there is no phone number you can dial to see if your phone is bugged or wiretapped. This is an urban legend that at one point had a tiny grain of truth to it—before the phone companies changed over to electronic switching in the 1970s and 1980s.
• Consider some of the not-so-obvious possibilities. While a bugged cell phone is a very real possibility, it is not the only way someone can learn about your activities.
• Mix in some common sense. (BTW – Searching for mobile phone spyware on your phone is not the best first step toward solving the problem.)
• Create security checklists. Follow the generally accepted security rules. The primary rule is: Use a password to lock your phone and keep it secret. This alone one will reduce your security loopholes and help ensure increased privacy in your communications.
Let\’s ask a few important questions.
How Likely Is It That Someone Is Listening to Your Phone Calls?
It\’s hard to say. The type of phone you use and the importance of your calls (as perceived by nosy neighbors, spouses or significant others, business competitors, law enforcement agencies, etc.) contribute to the likelihood of your call being a target for eavesdropping. Also, eavesdropping is time-consuming and it is costly. These elements all factor into the probability of you being a target.
Also keep in mind that eavesdroppers thrive on information. To them, information means either power, money, or some sort of enjoyment. That\’s their reward. Thus, our obvious first tip is . . .
Tip - The less information you give them, the sooner they will get bored and move on.
What About Law Enforcement ?
For law enforcement agencies to legally eavesdrop, they must follow certain procedures laid out by law. Often they must also follow additional strict internal guidelines before they are allowed to tap into a phone call. Unless you are really interesting from their perspective, you will not be on their list of usual suspects—and so they should not be on your list of usual suspects. The days of rogue phone taps by cops and ‘my buddy at the phone company’ are pretty much over.
By the way . . . if you are concerned that you\’re the target of a legal, court-ordered wiretap, assume that your communications may be intercepted. The Communications Assistance for Law Enforcement Act of 1994 (CALEA) mandated that all U.S. phone companies modify their equipment to make legal wiretapping easy. The end result is that, with a few keystrokes, any call may be easily monitored. This monitoring does not change the physical or electrical characteristics of the phone (wired or wireless); thus it is undetectable by the user no matter what type of mobile or landline communications device he/she is using.
If surveillance by a government agency is your concern, there is not much you can do to thwart the effort other than keep your mouth shut. You need to read Dr. Dorothy E. Denning\’s ‘Wiretap Laws and Procedures: What Happens When the U.S. Government Taps a Line.’ You can find it at various locations on the Internet.
Although it was written some years ago, much of the information in this white paper remains pertinent today.
‘Illegal eavesdropping is outrageous. There ought to be a law!’
There are laws—several of them. Eavesdropping by private individuals on any telephone call is illegal in the United States, with very few exceptions. But do these laws help? A little. Still, the deck is stacked against you. Analyzing the key issues involved in protecting your privacy will help you understand why:
• Availability. Bugging devices and spyware that would have made James Bond and Q giddy just ten years ago are now commonplace items. Today, Bond\’s toys are available to everyone. If a wouldbe spy has a computer, a credit card, and Internet access, he/she can shop from home.
• Low cost of entry. Bond and Q had unlimited government budgets, which was crucial since spy gadgets used to be very expensive. Today, however, GSM bugs, which can remotely monitor from anywhere there is phone service, are sold on eBay for less than $25. Cell phone spyware is also moderately priced.
• Low, low probability of detection. Even if a bug or spyware is discovered, there is usually no evidence linking the criminal to the crime. From the eavesdropper\’s viewpoint, the chances of being caught are close to nil. Thus, laws provide little deterrence and may even seem irrelevant.
• Low, low, low probability of prosecution. On the off chance that an eavesdropper is caught, the probability of him/her being prosecuted is pretty slim. Law enforcement and the courts are overwhelmed with bigger fish to fry. Given the workload of more serious crimes that the legal system has to handle, personal eavesdropping doesn\’t carry much weight. The proof of this can be seen on Internet auction sites and spy shops, where sellers of illegal bugging devices enjoy an open and flourishing trade.
• Low, low, low, low probability of meaningful punishment. Let us assume, for the sake of argument, that an eavesdropper is caught and is successfully prosecuted. Still, eavesdropping is not viewed as a particularly heinous crime (one exception: using spycams to peep on minors in the bathroom). A fine and possibly a probation sentence are all that can be expected for punishment. A trip to the Gray Bar Motel is unlikely. In one recent case, a former Wall Street broker was sentenced to no jail time and only a $500 Fine, even though he pleaded guilty to conspiracy to commit securities fraud by allowing others to eavesdrop on the firm\’s confidential squawk box conversations. (Chad Bray, ‘‘Squawk Box\’ Case Witness Receives No Prison Time,’ The Wall Street Journal, September 9, 2010.)
While actual criminal statistics do not yet exist to support or refute these points, we can tell from news reports over the years that eavesdroppers have little to fear from the judicial system. Many examples of this are documented in the long-running online newsletter Kevin\’s Security Scrapbook (http://spybusters.blogspot.com).
The legal system kicks in only after a crime is committed, but given the key issues listed above, laws do not have much deterrence value.
Tip – You cannot depend on the law to protect you from electronic eavesdropping.
So, if you cannot count on the law to punish your snoop, what can you do? The answer is clear: You must take steps to protect yourself.
Because we cannot see eavesdroppers, there is a natural tendency to think there are no eavesdroppers. The result is that we use our communications tools as if they offer 100 percent privacy. Strange! One would not apply the same faulty logic to driving a car: We cannot see our next accident coming, but this does not mean we dispense with the seat belts. Communications privacy is no less precarious. Precautions are necessary.
Naturally, you must become acquainted with the technology used for electronic surveillance. But even more important, the first step is to make a change in your mindset. How, where, and when you use your wireless communications devices is as important as choosing the right technology. Plus, you need to believe that eavesdropping really happens and that real people are doing it. Most people have a difficult time with this, even when faced with the evidence.
Article Source: http://www.articlesbase.com/cell-phones-articles/is-my-cell-phone-bugged-what-is-the-likelyhood-who-would-do-it-and-how-can-they-can-get-away-with-it-4801271.html
About the Author
Kevin D. Murray (CPP, CISM) is an independent, professional security consultant and author. The educational information in his book, ‘Is My Cell Phone Bugged?’ has helped many people solve their communications eavesdropping and privacy concerns, themselves.
Mr. Murray began solving electronic eavesdropping, security, and counterespionage matters in 1973 while with Pinkerton\’s Inc., and from 1978 to present at his consulting firm, Murray Associates which provides advanced eavesdropping detection, also known as technical surveillance countermeasures (TSCM) and counterespionage strategy development.
Headquartered in the New York metropolitan area, with services available worldwide, Murray Associates invites inquiries from corporate, government, professional entities and high-profile individuals.
Murray Associates\’ client family includes:
• 375 Fortune 1000 companies
• 800 others from every imaginable corner of business
• Many North American government agencies
• Clients in 39 states and several foreign countries
Mr. Murray\’s professional certifications are as follows:
• CISM (Certified Information Security Manager)
• CPP (Certified Protection Professional)
• CFE (Certified Fraud Examiner)
• BCFE (Board Certified Forensic Examiner)
• MPSC (Mobile Phone Seizure Certification)