Uncategorized

Cell Phone Privacy Part 1: The Problem

What if I told you that I knew everywhere you were in the last year. I know when you left your house, and I know when you stopped for gas. I know ever trip you made to the doctor’s office. I know your favorite coffee shop. I know how often you go to the liquor store, and how long you spend there. I also know every single person you call or text, how often, and for how long. Further, since I know everyone else’s movements and communications, I know who you met with, and how long you met with them. You have a mistress? I know who she is. Meet with a group of guys to go shooting? I know each of their names. Been talking to someone on a terrorist watch list? You might now be on that list. Even law abiding citizens of the US can have information turned up on them that they wouldn’t want exposed, leaving almost everyone vulnerable to misinterpretation or characterization of their activities, or even blackmail.

Here is the scary part. This is all tracked on every one of us, and it’s all legal. The data is captured by cell phone carriers, Apple, Google, Facebook, and all those apps you load on your phone. It’s permanently captured in databases, whether or not your phone screen is on.

I’m going to go a step further. If someone targets you, that person can find out your exact location at this moment. This doesn’t have to be done with a warrant. All the person needs is a phone number, and the person can engage private security services to find your location. And even if you trust the government with this information, we know that all databases will eventually be hacked. It’s only a matter of time before much of this information is leaked.

Many of us have security linked to our cell phones’ number. But did you know that your number could be vulnerable to SIM swapping attacks? If someone knows your phone number, they can potentially take it over.

Finally, cell phones are filled with software, and the software can have vulnerabilities that are exploited. These exploits may allow attackers to run code remotely, enabling the camera, location services, microphone, and even looking through your email or text messages, or even listening to the contents of phone calls. Journalists have recently been alarmed to hear that Pegasus could be used to compromise their security.

So yes, I’m saying that if someone knows my phone number, I can be tracked and potentially attacked. I’m also saying that my phone Google and Apple are always tracking their users, even when GPS location is turned off. I’m also saying that your cell phone provider always knows where your phone is. Your phone could be leaking every secret about your life.

Seems hopeless, right? Well, there are a number of ways to mitigate these attacks. Stay tuned.

Here are some references: