The stalker in your pocketMike Elgan / Computerworld
Excerpts:
Enter the camera phone, a dream come true for not just spies but a new breed of “cell phone stalkers.”
Camera phones contain all the necessary ingredients for completely invasive stalking: a microphone, camera, personal data on the user, location information, a chat and call history — you name it.
And victims carry them everywhere they go.
All that’s missing is the software that lets stalkers take control.
This new software, called snoopware, does just that. Snoopware — both legal and illegal — enables stalkers to secretly seize control of a phone’s electronics to listen, watch and spy on their victims.
Welcome to the creepy new world of cell phone stalking.
Although cell phone stalking is new, there’s already plenty of bad information, urban legends and false beliefs about it in circulation.
I’m going to sort all this out for you, tell you about what’s possible and how to protect yourself (it’s easier than you think).
But first, let’s look at the first and most celebrated case to date of this new world of cell phone stalking.
Meet the KuykendallsI told you in a previous column about a family in Washington state called the Kuykendalls, who say that a hacker was stalking them through three of their cell phones for more than four months.
The stalker seemed to perform unprecedented cell phone superhacks, according to press reports.
For example, he watched them through their phones’ cameras and listened through the microphones. When they turned off the phones, the hacker turned them back on remotely, seized control of the phones and sent text messages from them.
When they got new phones, the hacking continued.
Even scarier, they received almost daily threats of violence from an anonymous caller, who seemed to be calling from a family member’s own phone, even when that phone was turned off, and provided details about what they were doing and even what they were wearing.
In addition to the Kuykendalls, the family’s neighbor and Mrs. Kuykendall’s sister were also harassed by the anonymous caller.
Although the mainstream press played up these events as some kind of terrifying superhack, I think something much more ordinary is going on.
The most likely explanation, based on the limited information publicly available, is that some malicious script kiddie, who knows the family personally, pulled off one or two simple hacks, then “socially engineered” the family into thinking he’d done something more impressive.
For example, a combination of spoofing one of the family’s cell phone’s Caller ID, which is easy to do, and using that trick to retrieve voice mail, plus possibly hacking the carrier’s Web site to change ringtones and cause other mischief.
These steps, combined with old-fashioned spying on the family in person, could explain nearly all the superhacking claims.
Hacked? Yes. Disturbing? Very. Illegal? Absolutely.
(snip)
How to beat cell phone stalkersThe best cure is prevention.
Don’t allow strangers or people you don't feel comfortable with, to gain access to your phone.
Like any other kind of software, snoopware doesn’t install itself.
The leading methods for installation are physical access installation, where the user installs by clicking on an attachment or link; or via Bluetooth.
By preventing potential stalkers from touching your phone, never clicking on e-mail attachments or links from strangers, and turning off Bluetooth autodiscovery, you’ll keep snoopware off your phone.
more at:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9027438&source=rss_news10