If you’re familiar with the writings of George Orwell, you’ll undoubtedly be aware of the dangers posed by unregulated and unrestricted mass surveillance. Orwell (1903-1950) is one of England’s most acclaimed authors, gaining worldwide recognition for his bestselling novels and essays which include Animal Farm (1945), Homage to Catalonia (1938), and his most famous work, 1984 (published in 1949).
In Orwell’s 1984, London is the centre stage for a totalitarian regime headed by ‘Big Brother’. Winston Smith, the story’s main protagonist, is one of the last members of British society that hasn’t been fully indoctrinated by the regime’s propaganda. The book’s narrative expertly describes living conditions under authoritarian regimes and the surveillance techniques used to maintain compliance.
Every morning, Winston is required to stand before a surveillance camera installed in his apartment and detail his planned activities, associates, and other minute details about his life. The surveillance officer monitoring Winston is always present, turning off the camera is impossible, and attempts to secure privacy are futile.
Modern Day Surveillance
The mobile phone you have in your pocket (or that you’re reading this on) functions much like the surveillance camera installed in Winston’s home. The difference, however, is that your mobile phone goes wherever you go and it doesn’t require a full-time government agent monitoring you.
And, modern smart-phones are, in some respects, a dream for any would be totalitarian government; why pay to install surveillance equipment in your citizens’ homes, when the citizens will willingly pay for the surveillance equipment themselves?
Experts have long known that mobile phones are the enemy of privacy, and the mitigations that can be used to anonymise your computer’s internet traffic – such as TOR, VPNs, or live operating systems – are ineffective when used on mobile devices.
Let’s explore the four main vulnerabilities in mobile phones that governments exploit, and why going back to basics might be the only option for privacy-conscious consumers.
Method One: IMSI Catchers.
You may, or may not have heard of IMSI catchers before. Out of all the surveillance techniques used by governments, IMSI catchers (international mobile subscriber identity-catchers) are the most widely reported by the media.
Your smart phone relies on telephone towers to send and receive calls and messages, and access the internet. Knowing this, the IMSI catcher was introduced by law enforcement and intelligence agencies in 2003 to exploit weaknesses in the telecommunications system. An IMSI catcher is a piece of equipment that pretends to be a communication tower for the purpose of capturing and recording the information that flows through it, and it would be categorised as a man-in-the-middle attack (MITM) by security researchers.
Your phone calls, SMS messages, and internet traffic are subject to being monitored if an IMSI catcher is in the area. And, worryingly, it’s almost impossible to detect the presence of IMSI catchers if you don’t have the right equipment.
So who uses IMSI catchers, and should I be worried?
Primarily, IMSI catchers are used by law enforcement and intelligence agencies to conduct mass-surveillance of their citizens. In other words, even if you are not the subject of a criminal investigation, and don’t have a warrant against you, your information can still be stored and analysed by the government. IMSI catchers are usually placed at crowded places, near landmarks, and in planes, the latter of which are referred to as ‘flying dirt boxes’ in the security community.
Despite the UK authorities continuously refusing to comment on the use of IMSI catchers, some journalists have compiled compelling evidence that the technology is in fact being used by government agencies. This VICE documentary provides an eye-opening account on the use of IMSI catchers in the UK.
The use of IMSI catchers aren’t limited to government agencies, however. Whilst commercial products are expensive (starting at over £10,000), homemade versions can be made at a fraction of the cost. Obviously, this is a concern. It only takes one smart criminal to potentially steal the personal information of thousands of people.
Despite the risks, there’s very little that you can do mitigate the risks of having your data intercepted by an IMSI catcher. Phone networks have no authentication system – which would, in theory, ensure that your phone could only connect to a genuine mobile tower – which means that there’s little you can do to stop your phone connecting to an IMSI catcher.
It’s advisable to use encryption wherever possible. If you’re browsing the internet, only visit sites that have an SSL certificate installed, which will display a padlock at the top left hand side of your mobile phone’s browser. Mobile applications such as telegram can keep your calls and messages encrypted from hackers.
Tracking Method Two: SS7.
Your phone needs a network operator, such as Vodaphone or T Mobile, for it to work. And the network operators rely on signalling system 7, or SS7, to function.
If my phone’s carrier is Vodaphone, and your phone carrier is EE, then any communication between my device and your device will be routed through SS7. SS7 is the protocol that allows devices from different carriers to communicate with each other. Without it, communication between different carriers would be incredibly difficult, if not impossible.
Despite the importance of SS7 in modern life, it’s notoriously insecure. No authentication procedures are in place, meaning that if your adversary knows your phone number, they could potentially access all your call, SMS, and geolocation history. Darknet vendors claim to have access to the SS7 network, and for just £600 you could access an astounding amount of information about your target.
Unfortunately, there’s little you can do to mitigate the risks posed by SS7. It’s advisable to have a solid information strategy in place, which includes not disclosing any personal information over your phone calls, SMS messages, or mobile applications that have access to the internet.
Method Three: OS Vulnerabilities.
Two operating systems dominate the mobile market: IOS and android. For the most part, Apple’s iPhones are more secure than Android phones, but there are exceptions.
The operating system, or OS, is the software that runs everything on your phone. Just as computers have operating systems (such as Windows, Linux, and MacOS), your smart phone also requires an OS to function.
Apple’s IOS is a relatively secure option for most people. Apple’s app store screens the applications it publishes to prevent malware from being installed on your phone, and it’s ‘walled garden’ approach has it’s benefits.
Some mobile phones, such as Katim and Blackphone are built on a hardened version of the Android operating system and aim to be the most secure smartphones available. However, whilst these phones might be a great option for paranoid executives, journalists, and politicians, they’re probably not necessary for the average person.
Unlocking or ‘jailbreaking’ your phone can be a terrible idea if privacy concerns you. Allowing unverified applications to run on your device can open the door for malware and spyware to be executed on your device. Every new application you install on your phone increases the attack surface for your adversary. It only takes faulty code on one application to compromise your entire device.
And, government agencies are known to install spyware which exploits the OS of modern mobile phones. The most notable example would be Pegasus, which was developed by the Israeli NSO group, is powerful malware which can be installed on almost any phone without the owner’s knowledge. The NSO group claims that its spyware is being used for legitimate policing operations, however evidence has been found that the software is being used to monitor journalists, and was used to track murdered journalist Jamal Khashoggi.
Method Four: Network Operators.
This may be obvious, by it’s worth mentioning. Your network operator can monitor the calls, SMS messages, internet history, and geolocation history of your phone. If pressured by a government agency, either through a court order or a subpoena, the network operator is legally obliged to provide the government with the data they hold on you.
To some extent, using a VPN that is based outside the judiciary of your adversary can mitigate this threat. If you are living within an authoritarian regime, for example, having a VPN provider based in Panama which has loose data protection laws could be, in some cases, a lifesaver.
Going Back To Basics.
There are two primary solutions which can help you regain your privacy: having an information disclosure strategy, and using burner phones.
If you care about privacy, having an information disclosure strategy is essential. We’d advise that you create two lists of PII (personally identifiable information).
The first list of PII is information that you are happy to disclose, and would have a limited impact if your adversary tried to weaponise the information against you. Your list could include some of your hobbies, or your favourite sports team. The second list of PII is information that you shouldn’t disclose under any circumstances. This could include your address, friends & family members, history, and beliefs.
The items on your second list should never enter your phone. In other words, don’t send an SMS message which discloses information you’d rather keep private, and exercise caution when using social media applications and when browsing the internet at large.
The second, and most effective method, would be to stop using smart phones, and start using burner phones instead. However, this is impractical for most people and it’s not a fool-proof solution either.
We know from the Snowden leaks that phones that are switched on occasionally, and are used to communicate with the same phone numbers, are marked by the NSA as potential burner phones. Sophisticated algorithms can analyse thousands upon thousands of calls and identify patterns. If you are targeted, there’s little you can do to protect your privacy.
Undoubtedly, smart phones have revolutionised how our societies function. Whilst we wouldn’t want to discourage their use, it’s important that consumers understand how incredibly insecure the carrier networks are, and how they can be exploited by hackers and government agencies.