Pin Me

Is Your Smartphone Safe from Government Security Agencies?

written by: •edited by: Simon Hill•updated: 6/22/2011

If you thought that storing vital data on a mobile phone was a good idea, think again! You don't even need to store valuable information on a mobile device as there are all sorts of malware threats ready to pounce - and that's after you've sorted out a BlackBerry-related diplomatic incident!

  • slide 1 of 5

    You're Never Alone with a Mobile Phone

    The RIM BlackBerry is a focus for governments with security concerns Hey, are you alone? Can anybody hear us? Any chance that someone is listening in?

    While there might be some outlandish claims that mobile phones can be used as bugs by national security agencies simply by remotely activating them (supposedly only avoidable by removing the battery) there continues to be a threat to privacy for users of smartphones such as BlackBerry, iPhone and Windows Phone users.

    Over the past few years there has been repeated controversy between BlackBerry manufacturers RIM and various governments in the Middle East and Asia concerning the security of the devices, while more recently it has transpired that Apple iPhones and Windows Phone 7 devices are storing location information about their users.

    It seems that being able to use a mobile device without being tracked or having your emails intercepted is becoming more and more difficult, but what is the truth about smartphone snooping? Is it a big problem?

  • slide 2 of 5

    BlackBerry, RIM and Corporate & International Espionage

    If you work and live in the Middle East or Asia and have a BlackBerry, the chances are that if any government department wants to know what you're up to, they can find out via your smartphone.

    During the summer of 2010, India, Turkey and many other countries in those regions raised concerns with RIM via their respective telecommunications agencies that data was being encrypted and stored on servers in Canada. This is normal behaviour for all data routed via a BlackBerry device, but in the case of India the practice was considered to be a security risk.

    RIM soon became the subject of threats, with governments such as Turkey threatening to block the licences of mobile phone networks supporting BlackBerry phones if the issue was not resolved, and certainly in India's case a resolution was found thanks to mediation via the US government and an agreement by RIM to provide automated access to India for all SMS messages sent via such smartphones. Similar arrangements were made with other governments; this was hardly a surprise as these are all growing markets for mobile phone companies, particularly India.

    BlackBerry was singled out during this dispute due to the security the company places on their devices, and the focus on security rather than games and music, something which might be more closely identified with iPhone or Android phones. The security offered by RIM's devices has seen them remain a firm favourite with businesses and national security agencies, and it remains to be seen just how these monitoring powers might aid or hinder the platform. It is a little ironic that RIM were punished for being too secure...

    Of course, European and North American governments also have powers to access information from your phone, so this shouldn't be viewed as anything other than foreign governments controlling their interests. As long as you and your job don't pose a threat then you can expect your data to be ignored - but use your BlackBerry with care!

  • slide 3 of 5

    Where Was I When I Called You?

    In addition to the quite serious situation concerning BlackBerry devices, Apple made headline news in early 2011 when it transpired that Apple iPhones were storing data logs that appeared to be tracking the movements of their users.

    Smartphones can track your location Security experts discovered that the log – hidden from normal view – was also copied to a computer whenever the iPhone was synced, meaning that the data would also be able to sync back to an upgraded iPhone, thereby creating a massive record of the longitude and latitude, date and time of the owner’s movements. Worse still, a stolen iPhone could reveal the owner’s regular activities and location, all of which can be displayed from the log thanks to a simple piece of software.

    This logging was apparently added with the iPhone 4 iOS upgrade, but once the fever concerning Apple had died down it transpired that Android, too, was involved, with both companies collating the data as phones uploaded it to a central repository which is supposedly designed to act as a location database for managing call quality and mobile Internet strength. This use, uncovered by The Wall Street Journal, security analyst Samy Kamkar after a lack of answers from Apple or Google is backed up by the fact that users who checked the log files found that their phones placed them several miles away from their actual locations, suggesting that the recorded location was in fact based on mobile phone towers rather than specific positioning of the phone.

    With Microsoft’s Windows Phone 7 devices also capable of storing and sharing such data with a central server, the best options for users of any of these devices is to disable location services, which rely on GPS and Wi-Fi triangulation and have already been reported to cause problems for users on Twitter.

  • slide 4 of 5

    General User Privacy Risks

    Smartphone snooping is also made possible thanks the Apple Store, the Android Market and the Windows Phone Marketplace, and the varying degree of controls each of these libraries has for items to be added.

    While the Microsoft and Apple app stores are relatively strict and offer users the ability to record thoughts and finding about the apps for others to act upon, the Android Market has been less strict, resulting in a number of questionable apps being listed and installed, several of which have been logging user information and sharing it with a remote server for commercial and illegal practices.

    The safety of many of these has been called into question, and while steps have been made to make the Android Market a safer choice, the existence and success of third party marketplaces such as that provided by Amazon suggests that users aren’t entirely convinced of Google’s commitment to their privacy.

    It remains to be seen if and how Amazon will be able to step in as a safe harbour app store for BlackBerry, Windows Phone and iPhone.

    Regardless of the threat of malware and spyware from unscrupulous developers, however, there is also the threat of the web to consider, and how your smartphone browser can handle vulnerabilities. The very fact there are anti-virus apps for Android and BlackBerry phones proves that there is a threat to be considered.

    Considerable security benefits can be gained by regularly wiping your phone (perhaps with a hard reset) of any apps and clearing the browser history. While the world awaits a severe browser exploit on one of the popular mobile platforms, it can only be a matter of time...

  • slide 5 of 5

    References