Is There Anyone Listening In? A Primer on Mobile and Internet Security

188525-nsaseal_original

The media revelations of former NSA contractor Edward Snowden and others have been highly publicized over the past month. Unfortunately often times the media is more concerned with ratings and readership than with accurate and detailed information. This article will serve as part one of a three part exploration of phone use and data transfer, the ability of agencies to intercept and record these activities, and the likely future of the technology involved.

Many people are now concerned that their private calls or emails may in fact have been intercepted or tracked by government agencies. This concern seems on the surface to be valid, as Verizon and other phone providers went public with the fact that the NSA had requested call logs and subscriber data on thousands of phones. However, a cursory exploration of cell phone technology can remind us that these devices are not really secure or private in the traditional sense that a land line phone is.

A cell phone works through a cellular network. A cellular network is actually a radio network covering a specific and fairly well designated area with a central transceiver. These transceivers are the cell towers which we are all familiar with, even though some are now disguised as trees. While there are specific security protocols so that any phone call or data transfer reaches its particular target, no human designed and operated system is perfect. A phone call or data transfer on a smart phone sends a radio signal to the nearest tower and then onwards.

It is vital to note here that radio signals are not ever totally secure. Just a few years ago it was a common experience for anyone with a cordless home phone to accidentally intercept cell phone conversations. While cell phone signal encoding has gotten much better over the years, the device is still just a portable radio. Anyone with the time and interest could build a radio transceiver with parts from any Radio Shack and simple instructions from the internet which would operate on the same frequencies as a cell phone and use it to intercept calls. This goes for data transfer as well. If I am using a smart phone to connect to the internet, the data I transfer could be intercepted as well. This is one way that criminals have been able to steal banking and credit card information. CBS ran this story about how easy it actually is for a criminal to use a free WiFi access point to steal credit card information from unwary users.

Increasingly, WiFi is the preferred method of internet connection for individuals using any device, whether phone, tablet, or home computer. WiFi, just like cellular technology, operates on radio signals. This means that it also is easily intercepted. The most common way in which an individuals private WiFi network may be compromised is by simple piggybacking. Piggybacking is when a device not intended to be part of a network intercepts the signal. This is not necessarily for nefarious purposes; many devices have automatic detect and connect features, so just turning on a tablet may cause it to connect to the strongest nearby WiFi signal, even if it the access point belongs to someone else. Though there are various levels of security which can and should be implemented on ostensibly private networks, it is important to remember that radio signals sent from any device spread out into the universe like any other wave, and with some work can be intercepted and decoded.

These are the very basic facts of phone and data transfer. If you are concerned about your specific network and data security needs I absolutely encourage you to seek qualified professional advice, such as that found at Silverleaf computers services. This is definitely the case of an ounce of prevention being worth a pound of cure.

Next week I’ll explore PRISM, the NSA program of data tracking and the ways in which it may effect the everyday internet or phone user.

Leave a Reply

Your email address will not be published. Required fields are marked *