Posted by Admin on May 18, 2015
We now know that boosting signal to our smart phones with our various signal booster kits makes life easier thanks to clearer voice quality and faster wireless data transfer speeds. However, what if that better connection only helped others snoop into our personal space to gather our private information?
We have all seen those movies where people being hunted are caught because of their cell-phones: we see the criminal smashing his expensive smartphone or dropping it in the river to avoid capture.
We really hope this is not your situation, but if it is, the question remains: Do you really need to go this far? What information is your cell-phone really broadcasting about you and your whereabouts, and what do you need to do to take it off the grid?
Simple Options Don’t Work
If you were trying to cover your tracks because you suspected you were being tracked, your first thought might be to just put it on Airplane Mode: that wouldn’t work! We have to understand that each and every phone has two operating systems: one that interfaces with the consumer and one that connects to cellular networks. Putting it in Airplane Mode would disable certain features in the consumer’s operating system, for iOS or Android, but it wouldn’t in the OS used between the carrier network and the phone itself. Your phone could be emitting a ‘ping’ and there’s no way you’d even know. Regardless of whether it was sending GPS coordinates, you’d still be exposed by any communication because the cell tower would expose you.
Someone searching for you can approximate your situation with triangulation by comparing your cell phone’s signal strength on multiple towers. This means that your data can be accessed from your mobile network and carriers can be forced to provide that data to law-enforcement agencies.
What If I Remove The SIM Card?
You can stop most cyber criminals by removing the SIM, however each phone has its own built-in set of identifiers that can easily be detected using tools such as Stingray devices - currently being used by the military and the police; in addition to fake 2G cell towers erected by the NSA. When you force a phone to 2G there’s no encryption so it’s easy to detect and track.
How To Track a Cell-Phone
Stingrays are also called IMSI catchers or cell-site simulators: they work by mimicking cell-phone towers and emit signals that trick your phone into responding with your location and specific data that can be used to identify you. They’re quite widely used! Some of the federal agencies using sell-site simulators include the Secret Service, the DEA, the FBI, the US Army, NSA, Marshals Service, Navy, National Guard, Marine Corps, and there would be many more.
Can I Be Tracked By Wi-Fi?
Yes, you can - at short range. When you turn Wi-Fi on, your phone sends a signal that contains your MAC address: this is like your fingerprint for digital devices. You may not be aware of this, but this technology is currently being used to track your movements in stores. Because of the limited range it’s not ideal for surveillance, however if someone has your MAC address it can be used to determine things like when you enter and leave a certain building.
There is an easy solution to this, and that’s to avoid un-encrypted public Wi-Fi. On some phones you can spoof or change your MAC address – there are Android apps to help you achieve this but your phone might have to be rooted. Apple introduced more security with iOS 8 by randomizing your MAC address, although we’re not convinced this feature works very well in practice.
Further reasons to avoid public Wi-Fi networks are fake ‘trusted’ routers and the so-called ‘man-in-the-middle’ attacks. Wi-Fi access points that are fake are also known as ‘evil twins’ because they appear to be a legitimate Wi-Fi network but they’re actually being operated by an attacker. When you connect they can then eavesdrop or alternatively direct you to a fake website where they’re able to obtain sensitive information, such as passwords.
However, more common are the ‘man-in-the-middle’ attacks because all the attacker has to do is just be in range of an un-encrypted W-Fi access point: they then have the potential to interject new messages or intercept messages between two parties.
Using SSL, TLS or HTTPS makes it harder to eavesdrop on public Wi-Fi; however, the SSL Heartbleed attack is an example of one such exploit. SSL and TLS standards should ensure your communications are encrypted, and that explains why the Heartbleed situation was a big deal. An OpenSSL bug enabled cyber criminals to obtain sensitive data, such as encryption keys, to enable them to create undetectable man-in-the-middle attacks.
The Threat May Be Within!
Some people are concerned about infringements on our privacy from threats such as Stingray; however there are much easier ways to track us. Perhaps the biggest threat for spying and tracking, used by most criminals, is malware. Public Wi-Fi poses a much smaller risk than those trusted apps turning out to be creepware and spying on us. Today, on the market, there are many commercial, mobile spyware products that make it easy for someone to intercept your calls, text messages, and your emails. It may be possible in some cases for hackers to remotely access your camera or smartphone microphone, and indeed you may have an already installed app on your phone that can do this. Just go to Apple iTunes or Google Play Store and check the permissions of the more popular apps, such as Bibles, Flashlights, QR Readers, Battery Maximizers, Password Managers, and other games and utilities.
If anything good can be said about malware it’s that you first have to install a malicious app: so, avoid apps from unknown sources; avoid opening SMS attachments, and check your installed app list. Ideally you’ll delete all apps that you’re not using. Then, with the apps you decide you do need, try checking the following –
If you’re not happy with what you discover, dump the app and look for a less privacy-invasive alternative. Sometimes it’s best to purchase an app to ensure you’ve got one that doesn’t have creepware behaviours and doesn’t use ad networks: it’s worth the money you have to pay to maintain your privacy.
How Can I Avoid Being Tracked?
By using our common sense we can mostly avoid any problems. Do you have lock-screen security? This ensures no-one is able to physically install an app without your knowledge; avoid public Wi-Fi as much as possible, and follow the above advice regarding installing new apps. Just these few simple steps will protect you from most criminal threats.
Of course if you’re being tracked by a hostile foreign government, a rogue FBI agent, or a well-equipped criminal gang, then that’s a different story. If it is really that serious, then there are a couple of foolproof solutions to safeguarding your privacy.
If you’re determined to not be tracked then you should remove the battery or put the phone in a PrivacyCase. With the PrivacyCase your phone is wrapped in shielding which stops signals from being either received or transmitted. And the reason why turning your phone off is not enough is because of malware: malware like PowerOffHijack. It’s not available in the Play Store and you need a rooted device for it to work, but according to AVG there were over 10,000 installations, and these were mostly in China. It works by playing your normal shutdown animation and the screen goes blank, when in fact the device stays on so you can be monitored.
So, the answer to the question is: remove the battery if you want to go off-grid in a hurry. But, the problem is that some of the new smartphones like the Galaxy S6 and the iPhone 6 won’t allow you to do that, so that means if you want to entirely evade surveillance you’ll have to ditch or smash your smartphone!