Thursday, October 15, 2009

the pocket spy: will your smartphone rat you out?

New Scientist | THERE are certain things you do not want to share with strangers. In my case it was a stream of highly personal text messages from my husband, sent during the early days of our relationship. Etched on my phone's SIM card - but invisible on my current handset and thus forgotten - here they now are, displayed in all their brazen glory on a stranger's computer screen.

I've just walked into a windowless room on an industrial estate in Tamworth, UK, where three cellphone analysts in blue shirts sit at their terminals, scrutinising the contents of my phone and smirking. "If it's any consolation, we would have found them even if you had deleted them," says one.

Worse, it seems embarrassing text messages aren't the only thing I have to worry about: "Is this a photo of your office?" another asks (the answer is yes). "And did you enjoy your pizza on Monday night? And why did you divert from your normal route to work to visit this address in Camberwell, London, on Saturday?"

I'm at DiskLabs, a company that handles cellphone forensic analysis for UK police forces, but also for private companies and individuals snooping on suspect employees or wayward spouses. Armed with four cellphones, which I have begged, borrowed and bought off friends and strangers, I'm curious to know just how much personal information can be gleaned from our used handsets and SIM cards.

A decade ago, our phones' memories could just about handle text messages and a contacts book. These days, the latest smartphones incorporate GPS, Wi-Fi connectivity and motion sensors. They automatically download your emails and appointments from your office computer, and come with the ability to track other individuals in your immediate vicinity. And there's a lot more to come. Among other things, you could be using the next generation of phones to keep tabs on your health, store cash and make small transactions - something that's already happening in east Asia (see "Future phones").

Gone phishing
These changes could well be exploited in much the same way that email and the internet can be used to "phish" for personal information such as bank details. Indeed, some phone-related scams are already emerging, including one that uses reprogrammed cellphones to intercept passwords for other people's online bank accounts. "Mobile phones are becoming a bigger part of our lives," says Andy Jones, head of information security research at British Telecommunications. "We trust and rely on them more. And as we rely on them more, the potential for fraud has got to increase."

3 comments:

Quetchess said...

Take a look at the  spybubble scam for a new and innovative way to give some peace of mine.

Gotcha said...

Don't click on "spybubble" link--it's a scam!!

CNu said...

lol,

C'mon dood - don't you realize that I allow certain instances of SPAM/SCAM if they exemplify really laserlike spider acuity in their targeting? I look at it as "machines full of love and grace" interacting with "machines full of it as christmas geese" and consider it Darwinian threshing at its finest.