June 21, 2023 | Becoming Invisible, Part 5: Your Phone Is A Surveillance Machine

This started as a post on how our phones are spying on us and what we can do about it. But it turns out that the first part — how they’re spying on us — is so big and complex that it needs its own post. So the “what we can do” part will come next week.

A dictator’s dream machine

If an evil genius wannabe dictator set out to design the perfect tool for controlling his subjects, that device would be so useful that everyone would voluntarily carry it around. It would constantly add new capabilities, becoming even more addictive with time. And both the device and the programs that run on it would record everything they observe and send that information to the dictator to be mined for fun, profit, and power.

That perfect surveillance machine has arrived, and it is, of course, the smartphone. We take it everywhere and use it for everything, while it tracks where we go, what we say, and what we buy. And it reports all of this to people who want to influence, control, or steal from us. A few examples:

• Apps from TikTok, ABC, the New York Times, NPR, Reuters, and Fox — among others — can read phone clipboard data. Other apps record phone screens. Air Canada and Expedia record every tap and swipe on iPhones.
• Apple was sued for breaking its own terms of service by using unique identifiers to track users’ keystrokes.
• Some apps listen through phone mics to track an owner’s TV viewing, even if the phone is turned off.
• Google, one of the biggest law enforcement/defense tech contractors, tracks location data on Android phones regardless of settings. It’s now being sued by the state of Washington over this practice.
• Ireland’s Trinity College tested smartphones and found that they connect to the mothership and send back user data every 5 minutes.
• France just gave its police the right to remotely activate cameras and mics on phones and tablets in order to surveil the devices’ owners. This apparently includes discussions between lawyers and their clients. But don’t worry, says justice minister Eric Dupond-Moretti, “Every surveillance operation would have to be approved by a judge.”

But isn’t this unconstitutional?

In the America of our youth, a search warrant was required to get at most citizens’ personal data. So how is it that virtually everyone in tech and government suddenly has this kind of seemingly unconstitutional access?

Marc Nestmann, a consultant on things like offshoring wealth and obtaining second passports, recently posted a succinct explanation of what happened. Here’s an excerpt:

The Surveillance Beacon in Your Pocket

The root of the problem is a legal concept called the “expectation of privacy.”

Back in 1967, when the only electronic communication device to which most Americans had access was a fixed location landline phone, the Supreme Court defined the expectation of privacy as a two-part test.

• Whether a person “exhibited an actual (subjective) expectation of privacy.”
• Whether “the expectation [was] one that society is prepared to recognize as ‘reasonable.’”

Based on those tests, the court ruled that before convicting a man named Charles Katz of illegally transmitting wagering information by wire (in this case, from a phone booth), prosecutors should have obtained a search warrant.

At the time, the decision was widely praised by civil liberties advocates as protecting the privacy of phone calls.

But this legal definition underpinning it was a moving target because the expectation of privacy that society is prepared to accept as “reasonable” inevitably evolves.

Thus, over the decades since Katz was decided, the Supreme Court has ruled that police, without a warrant, can:

• Eavesdrop on your private conversations if at least one  participant is an informant.
• Acquire data that you “voluntarily” turn over to someone else. The case involved telephone calling records but is equally relevant to email messages, web postings, bank account records, and much more.
• Obtain copies of deposits, payments, and other records from your bank account.
• Plant a tracking device on your property to follow your movements.
• Sneak onto your property, even if it’s fenced and contains no trespassing signs and look into the buildings on it.
• Search the contents of garbage placed out for collection.
• Use drug-sniffing dogs to sniff your personal belongings for the presence of narcotics or cash.

Fast forward to the present time, when virtually every American today carries an electronic communications device with them everywhere they go – their smartphone.

And far from using the device as a means to protect our privacy, we instead use it to post photos and videos on social media, alert loved ones to our whereabouts, and follow online maps to our desired destination.

Then there are the non-government criminals

So far we’ve covered the “creeping fascism” side of the story. But there’s also the criminal part, where putting our lives on our phones makes us vulnerable to hackers and other thieves.

Let’s start with the fact that there are just two main phone platforms — iPhone and Android — and once we choose, we become enmeshed in the phone’s ecosystem of apps and services. If we have an iPhone, we probably use iCloud, Safari search, Keychain, and Apple Pay. These apps have access to our passwords, credit cards, bank accounts, photo libraries, travel history, everything.

Consider the opportunity this presents for thieves who gain access to such a phone. They’ve got your PayPal and Venmo accounts, your online banking passwords, and the ability to evade two-factor authentication. As one phone safety analyst recently warned, “They can wipe you out within hours, before you can stop them.”

Anti-virus software maker McAfee recently published a summary of what hackers can do. Here’s an edited excerpt:

The thing is that our phones are like little treasure chests. They’re loaded with plenty of personal data, and we use them to shop, bank, and take care of other personal and financial matters—all of which are of high value to identity thieves.

Types of Smartphone Hacks and Attacks 

Hacking software
Whether hackers sneak it onto your phone by physically accessing your phone or by tricking you into installing it via a phony app, a sketchy website, or a phishing attack, hacking software can create problems for you in a couple of ways:

Keylogging: In the hands of a hacker, keylogging works like a stalker by snooping information as you type, tap, and even talk on your phone.

Trojans: Trojans are types of malware that can be disguised in your phone to extract important data, such as credit card account details or personal information.

Phishing attacks
Phishing is where hackers impersonate a company or trusted individual to get access to your accounts or personal info or both. These attacks take many forms, like emails, texts, instant messages, and so forth, some of which can look really legitimate. Common to them are links to bogus sites that attempt to trick you into handing over that info or that install malware to wreak havoc on your device or likewise steal information.

Bluetooth hacking
Professional hackers can use dedicated technologies that search for vulnerable mobile devices with an open Bluetooth connection. Hackers can pull off these attacks when they are range of your phone, up to 30 feet away, usually in a populated area. When hackers make a Bluetooth connection to your phone, they can possibly access your data and info.

SIM card swapping
SIM card swapping occurs when a hacker contacts your phone provider, pretends to be you, and then asks for a replacement SIM card. Once the provider sends the new SIM to the hacker, the old SIM card will be deactivated, and your phone number will be effectively stolen. This means the hacker has taken control of your phone calls, messages, and so forth.

Now that we’re suitably scared…

This just scratches the surface, but you get the idea. Walking around with a smartphone makes us vulnerable to a variety of government surveillance and criminal hacks. Next week: Solutions!

John Rubino June 21st, 2023

Posted In: John Rubino Substack

Next: Kennedy Gains Traction »