Friday, February 13, 2009

What is Your Phone Saying About You Behind Your Back?

As everyone knows, President Obama still has his Blackberry. I assume all the hoopla that was raised about retaining his BB was really much more about creating an image than it was about communications. However, all that ballyhoo may have served to raise public consciousness about the security risks of our cell phones.

Those risks aren't just to privacy, or to our personal information. C-NET has a very nice article illustrating the physical risks that could be created by carrying a Blackberry (or any cell phone).

The news coverage and analysis by armchair security experts thus far has failed to focus on the real threat: attacks against President Obama's location privacy, and the potential physical security risks that come with someone knowing the president's real-time physical location.

The author illustrates those threats with lots of good detail and speculation. Now, those threats are probably taken care of in the case of the U.S. President. As one commenter on the article noted:

The author is uninformed about the subject and is purely speculating. The president is not carrying off-the-shelf hardware. It is likely relaying through a proxy before communicating with the standard mobile networks, so will not be broadcasting a predictable, unique IMEI. The device may also be using frequency hopping, UWB, or other technologies that make it difficult for intelligence agencies, much less amateurs, to track a signal.

That's all very well for Obama, but what about those of us who do carry off-the-shelf cell phone hardware? Do we mind that pretty much anyone, official or otherwise, could track our locations pretty much any time? There is food for thought here.

What's more, the same risks of location tracking apply to users of access-control cards, those objects that hang around the necks of about half the U.S. workforce. Those cards have unique identifiers, as do cell phones, and intelligible data is emanated electromagnetically when they are swiped through a reader. That data can be captured at surprisingly long ranges, allowing a high-tech miscreant to track the card user's movements from controlled door to controlled door, or even to forge a card that would work as well as the genuine one. If that is a concern for you, take a look at the countermeasures the article discusses.

While in the private sector, I once worked on a problem for a client where the solution was to rotate multiple access control cards among all the client's employees in the same manner the article mentions. In that situation, when employees entered the client's work location through the front door using their coded cards, a hostile observer could match the unique identifier of each card - whose emanations could be read from hundreds of feet away - to the individual employee, and then could track each employee as he used the same card to move around inside that secure work location. Being tracked that way was a problem since some of the employees had to hide their association with a particular work space within the location. So, each employee was issued a deck of access cards, each one uniquely coded, to use on a random basis once inside the front door, thus creating enough confusion to hide their movements.

Location tracking is so very easy to do in this age of ubiquitous cell phones, laptops, PDAs, Bluetooth accessories, and access control cards, that we just might want to start thinking about ways to counter it.

No comments: