Your own personal bug?
While driving home yesterday through the awful Washington traffic, I found myself swearing up a storm at a maniac driver ahead of me swerving lanes without signaling. After he had zoomed off I realized it was a good thing nobody could hear me inside my car, because I would have been embarassed by what I had said. But then I glanced over to what was sitting on the seat next to me, and suddenly I wasn't so sure.
Take out your cell phone and put it down in front of you. (Yes, you have one.) It looks inert -- no ringing, flashing, or anything like that -- and since you're not making a call, it's not transmitting or receiving, right? Don't be so sure. In order to receive incoming calls, your phone is constantly listening to the control frequencies of your cellular network. When it gets a call, it rings to get your attention, and then switches on the speaker and microphone when you flip open the phone or push the answer button. But it seems to me that it would be nothing more than a software tweak on the part of the cell company to instruct your phone that upon receipt of a special control signal, it should (a) not ring, (b) switch on the microphone only, and (c) transmit anything the mike picks up. Voila -- instant bug.
Would this work? In running this by Scotto he objected that if the phone is in your pocket the mike couldn't pick up anything you say. While we were talking by cell phone, he put his phone in his pocket inside his shirt and sweater, and kept talking. He was perfectly audible, if a little quiet. Would this be the case for a phone in a jeans pocket? Clipped to a belt? Inside a purse or backpack? I don't know, but obviously it's not impossible for some carrying positions. Scotto also raised the objection that for clamshell phones the mike may be blocked when in the closed position. Unfortunately, we can't test this, but in looking at my phone I'm not convinced.
A further technical objection to this scenario is that you would know if your phone were being used to eavesdrop on you when it was ostensibly not connected, because if you ever tried to place a call there would be a lag or delay, or the phone in some other way would behave oddly. But my phone behaves oddly all the time. I frequently try to place a call and wait for 60 seconds for it to ring, then give up and redial. If the reprogramming were done well, the phone display would not change during the eavesdropping, and in no other way would it be detectable in the normal course of use.
If someone subject to this kind of non-calling wireless eavesdropping were to monitor their phone battery life or even -- for the truly technically sophisticated -- the actual RF signals emitted by their phone antenna, they might notice something amiss. But ask yourself how many people would either think to do this or be able to.
Why would cell companies want to eavesdrop on their customers? Couldn't they just wait for them to place a call and listen in on them in the regular way? Imagine the following scenario: the FBI/DHS/whoever is tracking a mobster/terrorist/bank robber and wants to listen in on an important meeting. The suspect is paranoid about electronic eavesdropping, so he conducts meetings in person. But he carries a cell phone, and has it clipped to his belt everywhere he goes. One night he meets with an accomplice in the back room of a restaurant that has been screened for bugs and has no windows. The Feds are locked out of the conversation, until they place a call to Verizon with a special request: remotely turn on the mike in cell phone number X, without ringing or changing the display, and let us know what you hear.
In sniffing around the web for traces of this idea I've come up completely empty. I can't be the first person to have thought of this, and I was expecting to find page after page explaining either why it's technically impossible and will never happen, or how it's already happening all the time. But there's nothing. Can anybody help me on this one? Tell me why this idea is crazy, or otherwise why it's already old news?
There is a related issue to all this about the transmission of location information to the cell phone company, as part of the E911
wireless emergency services program. This is not the same issue, although it's interesting. Declan McCullagh has an older article
on cell phone tracking as part of the E911 program. In the UK, it's well established