24/7 audio spying of Android Phones - How to Prevent It..?

[KingNeil]

Although this is not specific to Android phones, it indeed does happen on Android phones. I am talking about the use of "diagnostic mode" in order to spy on all the background audio around your phone. Here is some more information:

As early as 1997, the National Reconnaissance Organization warned that any mobile phone can be turned into a microphone and transmitter for the purpose of listening to conversations in the vicinity of the phone. This is basically done by transmitting to the mobile phone a maintenance command on the control channel. This command places the mobile telephone in 'diagnostic mode'. When this is done, conversations in the immediate area of the telephone can be monitored over the voice channel.

So.... my question to Android Forums, is whether or not there is a way to prevent this. All the articles I have read on it mention a "maintenance command"... the "control channel" ... and "diagnostic mode"... So.. is it possible, using Android software, or hardware, or some method... is it possible to disable any of these things, in order to prevent this from happening... For example, could you disable remote activation of "diagnostic mode", in order to prevent this spying.

This is separate from Carrier IQ, which can be removed by using a custom ROM, or an OS without Carrier IQ.... This is something, which, according to my quote above, has been known about since at least 1997, when everyone was using old-style mobile phones...

So, what does everyone think? Is anyone an expert on this subject? Is there any way to prevent this method of spying?

 

[KENNECTED]

Although this is not specific to Android phones, it indeed does happen on Android phones. I am talking about the use of "diagnostic mode" in order to spy on all the background audio around your phone. Here is some more information:

As early as 1997, the National Reconnaissance Organization warned that any mobile phone can be turned into a microphone and transmitter for the purpose of listening to conversations in the vicinity of the phone. This is basically done by transmitting to the mobile phone a maintenance command on the control channel. This command places the mobile telephone in 'diagnostic mode'. When this is done, conversations in the immediate area of the telephone can be monitored over the voice channel.

So.... my question to Android Forums, is whether or not there is a way to prevent this. All the articles I have read on it mention a "maintenance command"... the "control channel" ... and "diagnostic mode"... So.. is it possible, using Android software, or hardware, or some method... is it possible to disable any of these things, in order to prevent this from happening... For example, could you disable remote activation of "diagnostic mode", in order to prevent this spying.

This is separate from Carrier IQ, which can be removed by using a custom ROM, or an OS without Carrier IQ.... This is something, which, according to my quote above, has been known about since at least 1997, when everyone was using old-style mobile phones...

So, what does everyone think? Is anyone an expert on this subject? Is there any way to prevent this method of spying?

Are you serious? Who does this? It sounds like a bit of paranoia to me.

 

[1bigguy]

I bet it goes on more than we think. Just like those who can walk by use with electronic devices and steal your bank info and crap. I'm not an expert at all. I just thought I would point that out.

 

[KENNECTED]

I bet it goes on more than we think. Just like those who can walk by use with electronic devices and steal your bank info and crap. I'm not an expert at all. I just thought I would point that out.

How often does that happen? I'm sure it happens, because people aren't cautious about their devices.

 

[Mostly Harmless]

I suggest a tin foil hat, its the best protection from the government.

 

[lightsleeper23]

Government agencies have had this ability for a long time. Along with others. The thing to keep in mind is, other than in the case of a very big criminal investigation, i doubt they would have the manpower, the time, or even the urge to listen to every regular persons boring everyday conversations. Not to mention a warrant. I think you're safe.

 

[EarlyMon]

Eavesdropping on GSM isn't terribly difficult. It's all but impossible on CDMA.

The NSA has computers listening to everything. No news there.

 

[OverByter]

See this for more information on how this service is utilized and beneficial to the user : http://en.m.wikipedia.org/wiki/Mobile_device_management

 

[mikedt]

eavesdropping on gsm isn't terribly difficult. It's all but impossible on cdma.

the nsa has computers listening to everything. no news there.

Echelon.

Also listening in on everything...
GCHQ, UK.
CSE, Canada.
DSD, Australia.
GCSB, New Zealand.

 

[KingNeil]

OK. It's the OP here. Let me clarify some things.

No, I am not talking about GSM interception, or interception of any calls at all.

Instead, I am talking about, recording all the audio 24/7, whether you're in a call or not. They just turn the phone into a bug, so, unless you switch the phone off and take out the battery, it's going to be recorded and sent to them.

It doesn't even matter if you use lead shielding, or some sort of device that shields signals from leaving your phone-- because, your phone just stores the recordings in memory, and then sends it the next time you switch it on.

As for the people saying the government wouldn't have the manpower to do this, unless in very special cases, that's simply not true. There was an interview in which NSA whistleblower William Binney said that the NSA literally records everything, regardless of who you are, and then, if you become a "person of interest", they go back through everything they've recorded, and analyse it all.

Also, you have to consider, this doesn't necessarily have to involve the government.

The way it works, is by the mobile phone ISP (eg T-Mobile) having an encryption code which allows the network to dial into your phone and record stuff 24/7.. And so... T-Mobile would give the government that encryption code, but also... who else might they give it to..? It might not just be governments spying on you, but also media outlets, and big corporations.... Note, how News International (Rupert Murdoch) in the UK was able to bribe British police into giving up personal information on people....

I know for a fact that this is done to people who are not terrorists or criminals, because it was done to me. I won't go into any further detail on my particular case... because this isn't about me.... This is about me asking the question... does anyone know a way to disable this "diagnostic mode"...

I know that when you start up your phone, it uses diagnostic mode, and the control channel, in order to connect to your network, and the phone uses these things to connect to the network.... But.. once it's connected, it doesn't need to be sending your audio 24/7.... so... perhaps somewhere in the Android kernel.... or perhaps somewhere in the firmware for the hardware... there is some kind of setting where you can switch this off.... I'm just lost as to whether this is hardware-based spying, or built into Android, or whether someone could create some kind of custom ROM to remove this functionality.... Do any Android developers know anything about this? This is really quite serious, because it can be used for serious stalking... let me tell you from experience.

 

[!on]

Interesting thread. It is probable that you'd need to be someone of interest (or have connections with) for the security services to bother. Makes you wonder if they also do this on random people who might vaguely fit certain profiles?

 

[Davdi]

ASSUME that each time a phone connects to a carrier, this audio listening & recording is universally enabled. Recording at 8K mono MP3 = 1K BYTES per second per phone. How many billions of phones are there worldwide? According to Wikipwdia there were 327,577,529 mobiles in use in the USA in June 2012 (List of countries by number of mobile phones in use - Wikipedia, the free encyclopedia)

that's 1024 * 327,577,529 BYTES (Approx 3.3Gb) per second
Let's do a little math:
3.3 Gb/sec * 60 = 198 Gb per Min
3.3Gb * 3600 = 11880 Gb (11.88Tb) per Hour
11.88 * 24 = 285.12 Tb per day
285.12 * 365 = 104 Peta Bytes per year

Even when you know what you're looking for, and with the best data mining software, there will be many false-positives to screen out. Unless you're of a particularly paranoid turn of mind, it's just not cost-effective to do simply on general principles.

 

[OverByter]

And don't forget that Carnivore is monitoring every post to this thread.

 

[KingNeil]

Well, first of all, 104 Peta Bytes per year-- if that is what it is, and they can't compress/store it more efficiently-- really isn't that much at all... You can buy a 1TB hard drive for $100, and that's just at consumer level, not taking into account economies of scale, government mass purchasing for discounts etc.... So... the storage isn't even vaguely an issue. The Internet itself uses more bandwidth every day than it would be to send 24/7 audio from phones. Hell, YouTube alone does. Imagine Google's bandwidth bill.

Now... I just want to re-iterate, that I'm really not looking for a debate, as to how many people they use this on, or whatever. I just know that they've used it on me, and that I'm basically a nobody, so that is enough for me to know that this is a huge problem. They have caused enormous inconvenience and stress in my life, despite me doing nothing wrong-- and even if I had done anything "wrong" (according to who's definition? Ruling elite?), it still wouldn't justify this kind of abuse.

So... again, I really don't want to turn this into a debate. I want this to be a technical discussion, if I can get any Android/phone developers to say how this works-- whether it's hardware, software, Android kernel etc. I want to know how to disable unauthorised data leaving or entering the phone-- whether that's diagnostic mode, voice channel, control channel, maintenance command, some secret WiFi network, some secret government satellite/using the phone's GPS... However they use it... I KNOW that there MUST be a way, using software alone, to prevent unauthorised data from leaving the phone.

A computer/phone is nothing but a piece of metal and silicone... unless there is software telling it what to do... so we know that this kind of spying CAN be prevented, by modifying the software in some kind of way, and it's just a question of whether that software exists as firmware built into hardware, and non-rewritable, in which case, the hardware must be replaced... or whether it's as simple as being a part of the Android OS, or a re-writable WiFi chip, in which case, we can simply hack and modify the software-- in the same way that many people on this forum are creating Android ROMs.

 

[OverByter]

The ota technology is both firmware based with a software component for the configuration of the stack. The only way around it would be to remove your battery.

 

[KingNeil]

The ota technology is both firmware based with a software component for the configuration of the stack. The only way around it would be to remove your battery.

But why does that mean that the only way to remove it is removing the battery?

Why couldn't you alter the software component, and alter the firmware? Are these read-only systems? Surely not... Why couldn't one re-program them?

 

[EarlyMon]

You mentioned that this has been used against you.

I think we're all interested in hearing by whom, and how you found this out.

 

[OverByter]

But why does that mean that the only way to remove it is removing the battery?

Why couldn't you alter the software component, and alter the firmware? Are these read-only systems? Surely not... Why couldn't one re-program them?

Because it's the same as RSA encryption on your device, any attempt to alter it will leave you with a brick. If it fails it's checksums it refuses to run. Everything is digitally signed. I suppose as a theoretical exercise it would be possible once someone figured out how to crack 256 bit AES.

 

[KingNeil]

You mentioned that this has been used against you.

I think we're all interested in hearing by whom, and how you found this out.

I'm not going to say who is involved. Let's just leave it at that. However, I will say that I found out, because they would send me emails repeating things I had said during the course of the day... Like, I would be sitting at the dinner table, saying, "mmm.. I'm hungry", and they bleep my phone with an email, from a YouTube account, saying, "mmm I'm hungry".... Like, they would do this day after day, for months, and even up until today, and yesterday.. They've been doing this on a daily basis for over a year.... It got so bad, that I had to sign out of my Google account on my phone, just to stop being bleeped with these demented repetitions of things that I said...

Now... what I will say is... I ran tests on my phone, to determine what kind of spying it was... I installed TCPDUMP on my phone, which is a packet sniffing software, and which is the foundation of the popular network tool, Wireshark.... So.... I found a version of TCPDUMP for Android, and even checked the MD5sum to make sure it wasn't a modified version... and indeed, it wasn't..

And so... I left my phone on all day, without using the Internet or anything, and TCPDUMP showed no data packets... And, when I would use the Android browser, sure enough, TCPDUMP would show data going to the websites I would visit, e.g. Google.com, Reddit.com etc.

Also... the people doing this are spying on my entire family... and I know that at least one of my family members doesn't even have an Android phone....

So.. in other words, this isn't some kind of malicious app that was downloaded from the Android marketplace, or a third-party marketplace or website... or anything like this.... This is no piece of software on my phone, because TCPDUMP shows absolutely NO Internet data leaving the phone whatsoever...

Now... I do know that TCPDUMP references various external libraries in order to do what it does... so it's possible that somebody modified those external libraries, anticipating that TCPDUMP might be used to measure these things... but I seriously doubt it... I've actually been meaning to enquire with the TCPDUMP developers on precisely which external libraries the source code references, and if I can then check the MD5 Sums of those files.... As you can tell, I am a programmer, so, feel free to bombard me with any technical information, and I'll try my best to understand it...

So... from all of these tests, I can 99% confirm that this has nothing to do with a piece of Android software, but rather.... it's some other network being used altogether... whether that's a secret government satellite... or, more likely, the regular phone network... but either way, this is some kind of secret network.....

Plus... I've actually used this phone in multiple countries, and so have family members, and it's spied on no matter which country... which may even suggest some kind of satellite, or maybe this group has some agreement with the mobile providers in multiple countries-- which would suggest that it is someone very powerful and well-connected indeed.

Because it's the same as RSA encryption on your device, any attempt to alter it will leave you with a brick. If it fails it's checksums it refuses to run. Everything is digitally signed. I suppose as a theoretical exercise it would be possible once someone figured out how to crack 256 bit AES.

Right... so... is there any way to replace this? Is there any way to replace any of these components? I actually saw a website which was selling a phone which they claim is resistant to spying... I mean... I'm just failing to believe that every single phone that has ever been developed... has some kind of secret hardware in it, which can do this kind of spying... Surely, someone must have the technical knowledge to create hardware and software which doesn't allow 24/7 spying? No?

I mean... as far as we know, your laptop computer WiFi chip doesn't have a secret thing in it which can turn it into a microphone recording 24/7... surely, every single hardware manufacturer in existence hasn't conspired to do such a thing...

Regardless, you really don't think there is any way to create a piece of hardware that doesn't allow this? I mean... you could definitely connect to a mobile phone network, without your phone being a spy device... It's not like T-Mobile is going to kick you off the network based on what type of phone you have, so long as you have an appropriate SIM card... It just feels so helpless, and I know that there has to be a way to prevent this spying capability... There absolutely has to be... I'm just not well-versed on precisely how this could be technically achieved...

 

[OverByter]

T-Mobile probably does care because the implementation is required for any modern mobile operator to configure devices ota on their network and also for QoS, and after the Patriot Act we don't know what is legally required for vendors to be able to sell devices. It's somewhat analogous to color laser printers, Xerox invented the technology over 20 years ago that embeds a yellow dot across any document printed that contains information directly tied to that particular printer and is included in every color laser printer manufactured. This allows any document to be directly tied to a particular printer including metadata on when it was printed and there's no way of removing that capability without destroying the device. There's tons of stuff that's been embedded in our devices for decades that we're still not aware of.

 

[EarlyMon]

Ok.

I'm sure that you won't believe me based on your tcpdumps, but you're describing the behavior of a known class of spyware. There's even speak and text apps that trigger on keywords, no spyware required.

And the teaser messages would NEVER come from any government-related surveillance group on the planet.

I'd recommend resetting your gmail password first, then wiping your device clean, but I think that you have your mind made up.

Best luck with that problem you're having.