Stealthphone: Mobile phone microphone protection against unauthorized activation
The rapid growth of mobile phone sales in recent years and their enormous influence on virtually all areas of modern civilization, from politics, military, banking, corporate to private, are simply amazing. Another characteristic feature of the development of mobile phones is the release of smartphones (more than one billion by 2012) with the ability to connect to the Internet. By 2014, 80% of all calls to the World Wide Web will occur from smartphones and tablet computers. Undoubtedly, the tough competition of mobile phone manufacturers was aimed primarily at making mobile phones cheap, visually attractive and able to work with numerous applications hosted on the Internet to please consumers and increase demand. Miracles in technology and technology does not happen. In the end, the struggle for leadership in the production of mobile phones led to a significant reduction in their safety in the storage and transmission of information. This took advantage of hackers. According to the company Symantec, the damage in the world from the activities of hackers in 2011 amounted to 400 billion dollars ( According to the company Symantec ).
A large part of these revenues was obtained due to the lack of security of mobile phones, especially when they are used in the banking sector. Another reason was that lately, in connection with the global war on terrorism and other crimes related to high technologies, including information technologies, state control over the mass media and, above all, mobile communications on the Internet has increased dramatically. . Intelligence agencies began to use various ways to get the information they need from virtually any electronic device. Recently, the CIA Director D. Petraeus called the new technologies, widely distributed among ordinary citizens, “transformational” that have a huge impact on the work of intelligence officers. He said that new online devices are a treasure trove of data for his department. With the advent of “smart houses”, geolocated data (from photos on social networks, smartphones, navigators, etc.), the CIA in real time can receive a lot of useful data: from a person’s location to a secret camera shooting of a mobile phone or laptop. D. Petraeus said that home appliances "change our ideas about secrecy, personal information and secrecy." There is no doubt that such a global control of information systems will significantly weaken the information security of citizens who use them. I will give an example. German authorities admitted that they used a special program (the so-called Bundes Trojan) to spy on their citizens. The program was loaded into the computer by an unsuspecting user and allowed, to load new malicious programs, steal passwords, take pictures on the built-in camera, or remotely turn on the microphone built-in to the computer. Interestingly, this software was developed by a private German company. After the scandal that occurred, the German government decided to continue to conduct such developments only in state-owned enterprises. But who can now guarantee that this Bundes Trojan did not fall into the hands of hackers? One can cite many similar examples and make the sad conclusion that the public services of many countries, expanding the control of information of their citizens, are forced to open "loopholes" in the information protection of citizens' communication systems. Sooner or later, hackers who are currently armed with technical equipment of practically the same level as some special services can take advantage of. The fact that hackers and terrorists have in their arsenal special means for picking up and intercepting information is also explained by the fact that many dictatorial regimes purchase the most modern interception and control systems from the best world manufacturers. And then, as a result of numerous “Arab” and other similar revolutions, a significant part of these funds falls into the hands of terrorists and hackers. Not in vain, US President George W. Bush, in a statement to Congress, said that terrorists can listen on any of our phones and intercept e-mails.
Therefore, today no one doubts the fact that none of the traditional methods can guarantee the security of personal information when using the Internet. This was acknowledged by the creators of the worldwide information network Bob Kahn and Vint Cerf. In particular, in one of his interviews, Bob Kann said: “I should have paid more attention to the issues of identification and authenticity — from where the email was sent, with which device I am now in touch. These things just play a crucial role. " In his opinion, today it is no longer possible to make the Internet secure and a completely new network of information exchange is required.
Users access the Internet from smartphones based on various operating systems and platforms, which results in viruses that are distributed via the Internet. As a rule, in most cases such viruses spread under the guise of useful software applications, the installation of which is confirmed by the user.
')
In particular, according to a survey by Juniper Networks, installing free applications for the Android operating system, so popular in Russia, often carries a serious risk to the safety and security of personal information. Being installed on a smartphone, many mobile applications can perform functions that the user may not guess: location tracking, access to the user's contact list, secretly initiating sending SMS messages, turning on the video camera and phone call. Juniper Networks specialists found that in the case of the Android OS only 1 of 40 (2.64%) free applications request permission to send text messages without notifying the user, 5.53% of free applications have permission to access the device’s camera, 6 4% of free apps have permission to secretly make calls ( “Free Android apps often secretly make calls, use the camera” according to “The Register” dated 11/01/2012 ). In the case of embedding into the memory of a mobile phone the possibility of making a secret outgoing call, the microphone of the mobile device becomes a “bug” used for covert listening to conversations near the mobile phone. The possibility of visual detection by the user of this process without special equipment is excluded, since the device may, for example, be turned off or in standby mode.
As a typical example reflecting the vulnerability of personal information of citizens when they use a mobile phone, the following can be cited.
The US FBI began using a new method of spying on suspects, remotely turning on a mobile phone’s microphone and turning it into a portable device for listening to conversations that are being led by its owner or people around him. This technology, known as the “roving bug,” will soon receive the widest application, because any recently produced phone has a built-in tracking device that allows you to eavesdrop and locate someone's location with an accuracy of a few feet ( “The FBI will through the switched off mobile phone "source Utro.ru ).
Currently, the fact of listening to mobile phones and intercepting SMS becomes a decisive factor for the court to issue an indictment. In the USA, the hedge fund founder Galleon Group, Raj Rajaratnam, who was found guilty of illegal exchange trading, was sentenced to seven years. The case of Galleon was the first insider crime investigation, for the disclosure of which prosecutors recorded telephone conversations. “Successful use of the recordings of conversations by Raj Rajaratnam in court will change the rules of the game on Wall Street. Investigators will now begin to more actively apply this method to other white-collar workers, the company will take measures to protect it,” said lawyer Kenneth Herzinger.
It is not surprising that hackers or criminals can take advantage of the “hole” in protecting a mobile phone’s microphone to collect dirt on the people they need, especially law enforcement officers, who are fighting with them. Moreover, to technically implement such an “event” is not so difficult and inexpensive.
All the above facts confirm the need to protect the microphone of a mobile phone from unauthorized activation.
Technological solutions that are on the market and which aim to ensure the confidentiality of negotiations and protect against secret removal of information from a mobile phone microphone, do not fully or completely comply with information security requirements.
Users are offered hardware solutions that create acoustic noise to hide the information signal. These are acoustic generators and acoustic safes for a mobile phone.
In the case of using the acoustic noise generator to protect the mobile phone microphone from unauthorized activation, it should be understood that the acoustic noise generator only protects from external voice recorders and cannot protect the mobile phone microphone when the user speaks into it. That is, the acoustic noise generator can be used only if the phone is not used for a call. In addition, the noise produced by such generators is also not conducive to the comfort of negotiations, and its incorrect configuration may lead to a breach of confidentiality and, as a result, hacker receiving information.
Acoustic safes, offered to ensure the security of information, also have serious drawbacks. Their cost is often very high, besides, they, like acoustic noise generators, can protect their owner only if his mobile phone is in this acoustic safe.
In connection with the above, the use of noise generators and acoustic safes is unacceptable.
o to protect against unauthorized removal of information from a mobile phone microphone during a conversation on it.
The method of protecting a mobile phone microphone from unauthorized activation, developed by Ankort, is a unique technology that has no analogues in the world.
Unlike acoustic noise generators and acoustic safes, Ankort specialists have created a solution that guarantees the safety of voice information and confidentiality when conducting negotiations while using a mobile phone.
The indisputable advantage of the technology solution “Stealthphone” created by “Anchort” is the reliable protection of the microphone of a mobile phone from unauthorized removal of information when it is in the call mode. In addition, the microphone security of a mobile phone that is in standby mode is ensured. The “Stealthphone” solution is based on the fact that the conversation is carried out through a microphone located directly in the “Stealthphone” device, which is connected via Bluetooth with a mobile phone. In this case, the mobile phone performs the function of transmitting the encrypted voice signal in the form of a digital signal sequence. At the same time, the mobile phone performs the functions of a speech-like noise generator and an acoustic safe, which can be used as a regular case from a mobile phone, which allows you to extend the frequency range of the noise generated by the built-in speaker.
Thus, the technology solution “Stealthphone” allows the user to ensure the security of the microphone of his mobile phone from unauthorized activation, both in standby mode and during a call. In addition, a number of additional features are offered, a description of which can be found on the company's website www.stealthphone.ru .
A large part of these revenues was obtained due to the lack of security of mobile phones, especially when they are used in the banking sector. Another reason was that lately, in connection with the global war on terrorism and other crimes related to high technologies, including information technologies, state control over the mass media and, above all, mobile communications on the Internet has increased dramatically. . Intelligence agencies began to use various ways to get the information they need from virtually any electronic device. Recently, the CIA Director D. Petraeus called the new technologies, widely distributed among ordinary citizens, “transformational” that have a huge impact on the work of intelligence officers. He said that new online devices are a treasure trove of data for his department. With the advent of “smart houses”, geolocated data (from photos on social networks, smartphones, navigators, etc.), the CIA in real time can receive a lot of useful data: from a person’s location to a secret camera shooting of a mobile phone or laptop. D. Petraeus said that home appliances "change our ideas about secrecy, personal information and secrecy." There is no doubt that such a global control of information systems will significantly weaken the information security of citizens who use them. I will give an example. German authorities admitted that they used a special program (the so-called Bundes Trojan) to spy on their citizens. The program was loaded into the computer by an unsuspecting user and allowed, to load new malicious programs, steal passwords, take pictures on the built-in camera, or remotely turn on the microphone built-in to the computer. Interestingly, this software was developed by a private German company. After the scandal that occurred, the German government decided to continue to conduct such developments only in state-owned enterprises. But who can now guarantee that this Bundes Trojan did not fall into the hands of hackers? One can cite many similar examples and make the sad conclusion that the public services of many countries, expanding the control of information of their citizens, are forced to open "loopholes" in the information protection of citizens' communication systems. Sooner or later, hackers who are currently armed with technical equipment of practically the same level as some special services can take advantage of. The fact that hackers and terrorists have in their arsenal special means for picking up and intercepting information is also explained by the fact that many dictatorial regimes purchase the most modern interception and control systems from the best world manufacturers. And then, as a result of numerous “Arab” and other similar revolutions, a significant part of these funds falls into the hands of terrorists and hackers. Not in vain, US President George W. Bush, in a statement to Congress, said that terrorists can listen on any of our phones and intercept e-mails.
Therefore, today no one doubts the fact that none of the traditional methods can guarantee the security of personal information when using the Internet. This was acknowledged by the creators of the worldwide information network Bob Kahn and Vint Cerf. In particular, in one of his interviews, Bob Kann said: “I should have paid more attention to the issues of identification and authenticity — from where the email was sent, with which device I am now in touch. These things just play a crucial role. " In his opinion, today it is no longer possible to make the Internet secure and a completely new network of information exchange is required.
Users access the Internet from smartphones based on various operating systems and platforms, which results in viruses that are distributed via the Internet. As a rule, in most cases such viruses spread under the guise of useful software applications, the installation of which is confirmed by the user.
')
In particular, according to a survey by Juniper Networks, installing free applications for the Android operating system, so popular in Russia, often carries a serious risk to the safety and security of personal information. Being installed on a smartphone, many mobile applications can perform functions that the user may not guess: location tracking, access to the user's contact list, secretly initiating sending SMS messages, turning on the video camera and phone call. Juniper Networks specialists found that in the case of the Android OS only 1 of 40 (2.64%) free applications request permission to send text messages without notifying the user, 5.53% of free applications have permission to access the device’s camera, 6 4% of free apps have permission to secretly make calls ( “Free Android apps often secretly make calls, use the camera” according to “The Register” dated 11/01/2012 ). In the case of embedding into the memory of a mobile phone the possibility of making a secret outgoing call, the microphone of the mobile device becomes a “bug” used for covert listening to conversations near the mobile phone. The possibility of visual detection by the user of this process without special equipment is excluded, since the device may, for example, be turned off or in standby mode.
As a typical example reflecting the vulnerability of personal information of citizens when they use a mobile phone, the following can be cited.
The US FBI began using a new method of spying on suspects, remotely turning on a mobile phone’s microphone and turning it into a portable device for listening to conversations that are being led by its owner or people around him. This technology, known as the “roving bug,” will soon receive the widest application, because any recently produced phone has a built-in tracking device that allows you to eavesdrop and locate someone's location with an accuracy of a few feet ( “The FBI will through the switched off mobile phone "source Utro.ru ).
Currently, the fact of listening to mobile phones and intercepting SMS becomes a decisive factor for the court to issue an indictment. In the USA, the hedge fund founder Galleon Group, Raj Rajaratnam, who was found guilty of illegal exchange trading, was sentenced to seven years. The case of Galleon was the first insider crime investigation, for the disclosure of which prosecutors recorded telephone conversations. “Successful use of the recordings of conversations by Raj Rajaratnam in court will change the rules of the game on Wall Street. Investigators will now begin to more actively apply this method to other white-collar workers, the company will take measures to protect it,” said lawyer Kenneth Herzinger.
It is not surprising that hackers or criminals can take advantage of the “hole” in protecting a mobile phone’s microphone to collect dirt on the people they need, especially law enforcement officers, who are fighting with them. Moreover, to technically implement such an “event” is not so difficult and inexpensive.
All the above facts confirm the need to protect the microphone of a mobile phone from unauthorized activation.
Technological solutions that are on the market and which aim to ensure the confidentiality of negotiations and protect against secret removal of information from a mobile phone microphone, do not fully or completely comply with information security requirements.
Users are offered hardware solutions that create acoustic noise to hide the information signal. These are acoustic generators and acoustic safes for a mobile phone.
In the case of using the acoustic noise generator to protect the mobile phone microphone from unauthorized activation, it should be understood that the acoustic noise generator only protects from external voice recorders and cannot protect the mobile phone microphone when the user speaks into it. That is, the acoustic noise generator can be used only if the phone is not used for a call. In addition, the noise produced by such generators is also not conducive to the comfort of negotiations, and its incorrect configuration may lead to a breach of confidentiality and, as a result, hacker receiving information.
Acoustic safes, offered to ensure the security of information, also have serious drawbacks. Their cost is often very high, besides, they, like acoustic noise generators, can protect their owner only if his mobile phone is in this acoustic safe.
In connection with the above, the use of noise generators and acoustic safes is unacceptable.
o to protect against unauthorized removal of information from a mobile phone microphone during a conversation on it.
The method of protecting a mobile phone microphone from unauthorized activation, developed by Ankort, is a unique technology that has no analogues in the world.
Unlike acoustic noise generators and acoustic safes, Ankort specialists have created a solution that guarantees the safety of voice information and confidentiality when conducting negotiations while using a mobile phone.
The indisputable advantage of the technology solution “Stealthphone” created by “Anchort” is the reliable protection of the microphone of a mobile phone from unauthorized removal of information when it is in the call mode. In addition, the microphone security of a mobile phone that is in standby mode is ensured. The “Stealthphone” solution is based on the fact that the conversation is carried out through a microphone located directly in the “Stealthphone” device, which is connected via Bluetooth with a mobile phone. In this case, the mobile phone performs the function of transmitting the encrypted voice signal in the form of a digital signal sequence. At the same time, the mobile phone performs the functions of a speech-like noise generator and an acoustic safe, which can be used as a regular case from a mobile phone, which allows you to extend the frequency range of the noise generated by the built-in speaker.
Thus, the technology solution “Stealthphone” allows the user to ensure the security of the microphone of his mobile phone from unauthorized activation, both in standby mode and during a call. In addition, a number of additional features are offered, a description of which can be found on the company's website www.stealthphone.ru .
Source: https://habr.com/ru/post/160215/
All Articles