Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ask Slashdot: How To Bypass Gov't Spying On Cellphones?

timothy posted about a year ago | from the excuse-me-while-I-snap-this-glove dept.

Communications 364

First time accepted submitter jarle.aase writes "It's doable today to use a mix of virtual machines, VPN, TOR, encryption (and staying away from certain places; like Google Plus, Facebook, and friends), in order to retain a reasonable degree of privacy. In recent days, even major mainstream on-line magazines have published such information. (Aftenposten, one of the largest newspapers in Norway, had an article yesterday about VPN, Tor and Freenet!) But what about the cell-phone? Technically it's not hard to design a phone that can switch off the GSM transmitter, and use VoIP for calls. VoIP could then go from the device through Wi-Fi and VPN. Some calls may be routed trough PSTN gateways — allowing the agencies to track the other party. But they will not track your location. And they will not track pure, encrypted VoIP calls that traverse trough VPN and use anonymous SIP or XMPP accounts. Android may not be the best software for such a device, as it very eagerly phones home. The same is true for iOS and Windows 8. Actually, I would prefer a non cloud-based mobile OS from a vendor that is not in the PRISM gallery. Does such a device exist yet? Something that runs a relatively safe OS, where GSM can be switched totally off? Something that will only make an outgoing network connection when I ask it to do so?" And in the absence of a perfect solution, what do you do instead? (It's still Android and using the cell network, but Red Phone — open sourced last year — seems like a good start.)

cancel ×

364 comments

Sorry! There are no comments related to the filter you selected.

I would have gogt a FROSTY POSTY (-1)

Anonymous Coward | about a year ago | (#43998113)

But the fovgernment was spuying on my sell phone

Don't play.... (5, Informative)

bobbied (2522392) | about a year ago | (#43998145)

The only way to win is not to play...

Or, buy a new handset and phone number for every call and only pay cash.

Re:Don't play.... (0)

Anonymous Coward | about a year ago | (#43998211)

I don't know, two cans and a piece of string should do nicely.

Re:Don't play.... (4, Funny)

Anonymous Coward | about a year ago | (#43998357)

NSA: "We'll have to be able to attach our own piece of string to yours if you wanna keep using that, sir"

Re:Don't play.... (2)

cold fjord (826450) | about a year ago | (#43998317)

Sign language. The US government is short of interpreters, especially for cell phone intelligence.

Re:Don't play.... (2)

SirGarlon (845873) | about a year ago | (#43998685)

Or, buy a new handset and phone number for every call and only pay cash.

And don't call anyone with, because the NSA is also monitoring all the incoming activity at the other endpoint of your call and can very likely deduce your identity that way.

Re:Don't play.... (1)

Stewie241 (1035724) | about a year ago | (#43998733)

And I could only assume that they have the technology to deduct to at least some degree of accuracy the identity of a person based on voice. If not, it will come.

Re:Don't play.... (2)

ub3r n3u7r4l1st (1388939) | about a year ago | (#43998789)

this is not what he meant.

It is very easy to analyze the identity of the caller by just nabbing the other side, unless the other side is also using a disposable cell phone.

This is how police capture thief of stolen phones.... by contacting people who have been called from those phones.

XMPP (0)

Anonymous Coward | about a year ago | (#43998151)

Is Google's dropping of XMPP purely a business decision to focus on Hangouts, or were there other reasons?

Windows mobile 6.5 (-1)

Anonymous Coward | about a year ago | (#43998159)

It sounds like you want a phone with windows mobile 6.5. It has Scype already. It also has a fairly complete win32 API so any application that doesn't exist can be created. Also it is relatively easy to remove any applications that call home. Too bad the OS has been deprecated by MS. Maybe the desires of Govt and Marketing organizations have conspired to remove all good options from the mobile arena.

 

Re:Windows mobile 6.5 (0)

Anonymous Coward | about a year ago | (#43998199)

It has Scype already.

I'm guessing you mean Skype, but thats hardly secure from govt snooping!

Re:Windows mobile 6.5 (3, Insightful)

Anonymous Coward | about a year ago | (#43998795)

It sounds like you want a phone with

No, it sounds like he doesn't know what the fuck he's talking about at all.

Example:
" Technically it's not hard to design a phone that can switch off the GSM transmitter, and use VoIP for calls"
I've never seen a phone that wouldn't let you shut off the GSM transmitter, nobody needs to "design" this it's already there.
I can't speak for iPhones or Windows devices, but with Android you can shut off everything associated with cell phone carrier use any time you want, and install any kind of VOIP client you feel like using.

"Android may not be the best software for such a device, as it very eagerly phones home."

Bullshit. There's nothing in the Android OS which phones home or anywhere else. Yes, there are some applications which do it, but you can shut those off. And if you're extra paranoid just go install a custom ROM and don't run the spyware applications.

Disposable cell phone (4, Interesting)

Skewray (896393) | about a year ago | (#43998163)

I buy a $15 cell phone at Staples. It comes with $10 in minutes. Then I chuck it.

Re:Disposable cell phone (2)

rmstar (114746) | about a year ago | (#43998287)

I buy a $15 cell phone at Staples. It comes with $10 in minutes. Then I chuck it.

That's an easy loophole to plug: just require registration to buy a phone. It is that way in Germany, I think.

Re:Disposable cell phone (4, Insightful)

amiga3D (567632) | about a year ago | (#43998327)

Hell in the US they can't even keep non-insured non-licensed drivers off the road. Registering phones? Hah!

Re:Disposable cell phone (5, Insightful)

HWguy (147772) | about a year ago | (#43998333)

Brian, I assume you paid in cash.

Do you know how much information the Staples inventory system has? Does it store things like the phone's Mobile Identification Number? It certainly logged the time the phone was sold and the location, perhaps flagging your cash transaction. Hopefully you smiled at the various cameras in-store and in the parking lot that recorded you driving up and buying the phone. ;-)

Re:Disposable cell phone (2)

hawguy (1600213) | about a year ago | (#43998455)

Brian, I assume you paid in cash.

Do you know how much information the Staples inventory system has? Does it store things like the phone's Mobile Identification Number? It certainly logged the time the phone was sold and the location, perhaps flagging your cash transaction. Hopefully you smiled at the various cameras in-store and in the parking lot that recorded you driving up and buying the phone. ;-)

Buying with cash is definitely important.

I almost brought up the same point about the cameras, but then I realized that if the goal is to keep broad surveillance from tracking him, cycling through disposable phones will do this unless Staples is turning over security camera footage to the NSA for facial recognition.

If the phone was used to commit a crime, the government could probably track it back to him through security camera footage, but they aren't going to be able to track his past few years of movement based on his cell phone records.

Re:Disposable cell phone (1)

HWguy (147772) | about a year ago | (#43998665)

I almost brought up the same point about the cameras, but then I realized that if the goal is to keep broad surveillance from tracking him, cycling through disposable phones will do this unless Staples is turning over security camera footage to the NSA for facial recognition.

That's true. He's going through some amount of pain and expense to do so though.

We don't really know how much information is being correlated together from what sources. We do know that technology is getting ever more capable and even commercial companies are experimenting with facial recognition. Though there probably aren't large scale facial recognition projects running today, the spook agencies are filled with some pretty smart people who spend all day with big budgets thinking about how to get useful data. I wouldn't be surprised at some future revelation along those lines.

I'm not sure there are easy technical solutions to this Ask Slashdot question.

Re:Disposable cell phone (2)

Nutria (679911) | about a year ago | (#43998457)

Hopefully you smiled at the various cameras in-store

Or wear a baseball cap and hoodie. Preferably with a full beard. And an a heavy foreign accent.

Re:Disposable cell phone (1)

FictionPimp (712802) | about a year ago | (#43998511)

So you pay 5 extra bucks to get the illegal immigrant hanging out at the home depot next to staples to buy it for you, or send in a kid.

Re:Disposable cell phone (0)

Anonymous Coward | about a year ago | (#43998411)

I buy a $15 cell phone at Staples. It comes with $10 in minutes. Then I chuck it.

That's nice, but if you were looking for anonymity with that action, good luck hiding it from the 75 surveillance cameras that picked up your activity the moment you pulled into the parking lot.

Not to mention Staples inventory likely records each batch of phones like this, and anyone researching it can narrow it down to the store you purchased it from, and likely the time it was sold.

Re:Disposable cell phone (5, Insightful)

tnk1 (899206) | about a year ago | (#43998657)

Yes. The idea of a burn phone is a very old one now. If you think that the NSA doesn't have contingencies to deal with that, you are mistaken.

Honestly, unless you really do expect to be doing something illegal, the NSA doesn't have the resources to actually analyze the material they get from everyone for all possible illegal permutations. Unless you have reason to believe you are being targeted, the very fact that you use a burn phone regularly is probably more likely to set off red flags than just your normal use of a possibly monitored phone.

Think about it this way. The use of burn phones is an inconvenience that most people won't bother with. If you are willing to put up with that inconvenience, you are in a relatively small group of people who are either refusers, or people doing illegal stuff. If I were the NSA, I'd be more interested in you as an evader, rather than less. And if they do happen to be able to track burn phones, you've just promoted yourself from Potential Terrorist, Second Class to Potential Terrorist, First Class.

When it comes to panopticons, what you really need to do is learn how to hide in plain sight. The U.S. government is more like Sauron than God. They see everything, but only if they're looking at it.

Re:Disposable cell phone (0)

Anonymous Coward | about a year ago | (#43998595)

Buy a $0.41 stamp and use the mail. They need a warrant to open an envelope, one of the few rights left.

Re:Disposable cell phone (0)

localman57 (1340533) | about a year ago | (#43998611)

I buy a $15 cell phone at Staples. It comes with $10 in minutes. Then I chuck it.

I buy a $10 Obamaphone from a drug dealer that got one in trade for crack. He uses it a few times, then doesn't want it any more. The nice thing is that the crackhead can remember, maybe on a good day, who he gave the phone to. But the drug dealer deals through enough of the Obamaphones that he won't have any idea who he sold that particular Obamaphone to. So the government ends up with two criminals with clear possession of the thing. Assuming I don't do anything stupid like turn the thing on in my own neighborhood, they'll have a hard time making the third jump to me, but are gonna spend a shitload of time checking out dealer and his friends.

Disclaimer: I haven't actually done this, but it seems a lot better than buying phones from staples if you're truly up to something nefarious.

And talk to who? (3)

ugen (93902) | about a year ago | (#43998165)

Once you jump through all those loops, who will you be talking to? And if such a person exists, he probably already knows what you are going to say, so why bother calling? :)

Re:And talk to who? (0)

Anonymous Coward | about a year ago | (#43998219)

Once you jump through all those loops, who will you be talking to? And if such a person exists, he probably already knows what you are going to say, so why bother calling? :)

that was awesome

Re:And talk to who? (1)

gl4ss (559668) | about a year ago | (#43998445)

Once you jump through all those loops, who will you be talking to? And if such a person exists, he probably already knows what you are going to say, so why bother calling? :)

that's the thing. if everyone else is already tapped, what's the point. in fact this is how the prez and congress are justifying tapping everyone, because everyone might be called or might call someone or be somehow part of someone elses call network who might be aiding the enemy(so yeah if someone on your call network ever called someone who might have made a call to somali, yemen, iran or whatever country they label as suspicious this week then you're on the metadata list!).

otherwise just getting some end to end voip encryption would do the trick. but there's more since they would have metadata on your direct connection between those two devices, you would also need to bounce the connection from somewhere - through tor or whatever - and that would get laggy. but if you don't care about that, then it's relatively simple, you could just use some android phones for it too(it's possible to know that you're not sending extra data). the phone itself might get bugged while in your possession or the room you're talking from though - but if you're under personal surveillance at that level there's not that much that you can do - however in that case you might find comfort in that there's not enough people in the world to arrange 3+ persons surveying every person(though they sort of tried that in ddr).

No easy solution (0)

Anonymous Coward | about a year ago | (#43998167)

I use Android and have a personal email server set up on hardware within my house. OwnCloud set up for calendar/contacts and eJabberd rather than Google Talk/Hangouts. I use RedPhone/TextSecure (both by Whisper Systems), but so far as I'm aware none of those would prevent metadata snooping. I guess RedPhone would if you initiate the call through it directly since its VoIP, but only if you are also connected through a VPN.

Re:No easy solution (-1)

amiga3D (567632) | about a year ago | (#43998359)

I just can't stop myself. If you don't have anything to hide you have nothing to worry about.

There, I said it. Here come the downmodders.

Re:No easy solution (1)

CanHasDIY (1672858) | about a year ago | (#43998497)

I just can't stop myself. If you don't have anything to hide you have nothing to worry about.

Do the windows in your house have curtains or blinds, sir? The door to your bathroom - is there no lock on it?

Sometimes (read: most of the time) the desire for privacy has nothing to do with obscuring bad behaviour.

Re:No easy solution (1)

hawguy (1600213) | about a year ago | (#43998537)

I just can't stop myself. If you don't have anything to hide you have nothing to worry about.

There, I said it. Here come the downmodders.

Since once the NSA has the data it likely never gets deleted, how do you know if you have something you want to hide from a government 10, 15, 20 years into the future? Are you sure that none of the people or groups that you associate with now won't be deemed an enemy of the state at any point in the future? Maybe some ordinary every day activity you do today will bring you under suspicion in the future, like going to church (or one particular church), or the gun range, or spending time in a Makerspace.

Being "spied" on, or drawing attention, choose. (0)

Anonymous Coward | about a year ago | (#43998175)

Which is better, drawing attention to your activity by hiding your communication, which likely triggers a red flag but won't hide metadata, or choosing your words carefully when communicating in any way, shape, or form?

Re:Being "spied" on, or drawing attention, choose. (0)

Anonymous Coward | about a year ago | (#43998269)

If everybody's doing it it's hard to single one out.

Re:Being "spied" on, or drawing attention, choose. (4, Insightful)

amiga3D (567632) | about a year ago | (#43998381)

The trick is to hide in plain sight. Most of the time if you seem legit and do nothing obvious you're flying below the radar.

Re:Being "spied" on, or drawing attention, choose. (1)

CanHasDIY (1672858) | about a year ago | (#43998573)

Which is better, drawing attention to your activity by hiding your communication, which likely triggers a red flag but won't hide metadata, or choosing your words carefully when communicating in any way, shape, or form?

In my case, the first one - My communications really aren't all that interesting, unless you consider "Hey, Honey, need me to stop by the store on my way home?" vital to national security interests. However, if I hide them, it makes the Powers That Be think they are interesting, and thus they will want to spend resources to investigate further. Upon said further investigation, they'll discover that they not only completely wasted their time and resources, but also inadvertently helped me achieve my goal of poisoning the holy living fuck out of their well.

Nokia N900 (1)

stormesj (701697) | about a year ago | (#43998181)

I have two Nokia N900s and I think it would be possible to make these devices "secure". http://en.wikipedia.org/wiki/Nokia_N900 [wikipedia.org]

Re:Nokia N900 (1)

amiga3D (567632) | about a year ago | (#43998393)

Viva Maemo!

Another option (0)

Anonymous Coward | about a year ago | (#43998185)

Another secure open source VOIP software wolld be https://www.discretio.com

If you have android (0)

Anonymous Coward | about a year ago | (#43998215)

Custom ROM is your friend.* I use customized Cyanogenmod, that has not Google Apps (Gmail, Maps, Play..) installed.

* Well well known custom roms that have lot of users, there are malicious around as well.

Flooding (4, Interesting)

Phoenix666 (184391) | about a year ago | (#43998237)

The NSA needs to be flooded with false positives. They need to have so many false positives generated that their illegal, unconstitutional spying is rendered moot.

On the other side, we need to surveille every member of Congress and the Executive and have their every move published on a publicly available site. After all, if they have nothing to hide then they shouldn't worry, right?

In a perfect world the President and every member of Congress who signed off on this unconstitutional behavior would be impeached. But I know this is not a perfect world. So instead I will advocate a world where we turn the panopticon on itself and make them suffer three times for what they make us suffer.

Tyrants must always be hoisted on their own petards.

Rebirth (1)

Etherwalk (681268) | about a year ago | (#43998405)

The NSA needs to be flooded with false positives.

Undead Osama, is that you? Phoenix666 was a bit obvious...

Re:Flooding (2)

Grave (8234) | about a year ago | (#43998675)

Flood them with too much data? They can't sort what they have now, but they sure can store a lot And if they start to run low on space, they'll just make Congress fund another yottabyte of storage.

RedPhone (0)

Anonymous Coward | about a year ago | (#43998241)

The most amazing Android app developed by our beloved Moxie.
https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone&hl=en

what makes you worth tracking? (1, Interesting)

alen (225700) | about a year ago | (#43998247)

say the NSA is tracking 500 million people worldwide
do you really think that there is a guy sitting in the NSA tracking you for no reason? out of all the tens of millions of people? what makes you so important?

its like the idiots who think the supermarkets are tracking them personally with the loyalty cards. stores want aggregate data and purchase bundles to do loss leader promotions. they really couldn't care what you buy personally

it was already said the NSA does the same. they think some muslim street vendor or cab driver is sending money to fund the jihad, they see who he is calling and so on. to build data on possible people in a network.

Re:what makes you worth tracking? (1)

Richy_T (111409) | about a year ago | (#43998299)

No, there is (probably) not a guy who is tracking you personally. But if/when they decide you're a "person of interest", for whatever reason, they can go digging.

And the supermarket thing doesn't bother me myself but it could result in some embarrassing and/or problematic invasions of privacy if implemented carelessly

Re:what makes you worth tracking? (0)

Anonymous Coward | about a year ago | (#43998391)

But if/when they decide you're a "person of interest", for whatever reason, they can go digging.

Digging for what? If "they" want to "get" you, they aren't going to bother digging for anything. They will just frame you.

If you are this paranoid, consider that a person using an untraceable phone would be very interesting to them. Determining that you are using a phone, but leaving no trace, would be trivial.

Re:what makes you worth tracking? (1)

hawguy (1600213) | about a year ago | (#43998373)

say the NSA is tracking 500 million people worldwide
do you really think that there is a guy sitting in the NSA tracking you for no reason? out of all the tens of millions of people? what makes you so important?

Since they won't reveal exactly what they are tracking or what behaviors might warrant further scrutiny and investigation, how would I know if a guy at the NSA is tracking me? Maybe my purchase history will set off some "terrorist warning" alert and now they are digging through my past history records. Maybe they are going to send the guys in black SUV's to bring me in for questioning to ask me why I made a trip overseas, then made repeated purchases at Radio Shack and Home Depot *and* I turned my cell phone off for 3 days so I must be up to something nefarious.

If you think that wouldn't happen, then why are the combing through the data if they aren't going to scrutinize and/or question people who have suspicious behavior. And if they *are* doing that, then they are also going to find innocent users who did nothing wrong, yet are forced to explain themselves to the government and maybe even prove that they did nothing wrong.

Re:what makes you worth tracking? (1)

alen (225700) | about a year ago | (#43998475)

say you do buy something that sets off a terrorist warning. chances are lots of other people are buying the exact same thing and setting off the same warning. its impossible for people to manually go through all the data and question everyone. even if they wanted to, they can't just question you for no reason. they just pass the info to the FBI. and they don't have enough people to question tens of thousands of people a year over what they buy. if they really did this it would be all over the internet

that's why in 2013 we have software that scans this data to find patterns

Re:what makes you worth tracking? (1)

hawguy (1600213) | about a year ago | (#43998707)

say you do buy something that sets off a terrorist warning. chances are lots of other people are buying the exact same thing and setting off the same warning. its impossible for people to manually go through all the data and question everyone. even if they wanted to, they can't just question you for no reason. they just pass the info to the FBI. and they don't have enough people to question tens of thousands of people a year over what they buy. if they really did this it would be all over the internet

that's why in 2013 we have software that scans this data to find patterns

Right - they use datamining software to look for patterns, They can use very loose criteria that flags a million people, or they can tune the algorithms to tighten the criteria of what is flagged as "suspicious" until only 1000, or 100, or 10 people are flagged, and they'll keep tuning until they have a reasonable number of people to scrutinize and/or question.

Datamining works, but it's not exact - it can pick 1000 people out of 100 million that are likely going to do something, but not with 100% certainty. Especially since real terrorists know that they may be observed, so they take great pains to anonymize their behavior or make it conform to "normal".

The big question is - how many innocent Americans are scrutinized (wiretaps, email disclosure, sneak-and-peek warrants, etc) or questioned without having done anything wrong at all? No one can tell you since all of these activities are authorized by a secret court and it's illegal for a provider to disclose that a warrant has been served. Maybe it's 10 americans, maybe it's 1000, maybe it's a million, only the FISA court knows and they aren't telling anyone.

Re:what makes you worth tracking? (0)

Anonymous Coward | about a year ago | (#43998781)

Since they won't reveal exactly what they are tracking or what behaviors might warrant further scrutiny and investigation, how would I know if a guy at the NSA is tracking me? Maybe my purchase history will set off some "terrorist warning" alert and now they are digging through my past history records. Maybe they are going to send the guys in black SUV's to bring me in for questioning to ask me why I made a trip overseas, then made repeated purchases at Radio Shack and Home Depot *and* I turned my cell phone off for 3 days so I must be up to something nefarious.

So someone asks you some questions. So what? If you went overseas, you were clearly fine with not only being questioned by the TSA, but having your personal property searched (without a warrant!) and even having your person scanned or physically scrutinized.

If the NSA can flag your purchases, it also knows enough about you to know what you are doing with said purchases. So just ignore them (like they are ignoring you).

Re:what makes you worth tracking? (0)

Anonymous Coward | about a year ago | (#43998375)

Narcissism. Such flavors of paranoia are, at their core, an extension of narcissistic tendencies. Even if no one in your natural surroundings would spend a modern mostly-zinc penny to learn about you, you are important enough that someone must be watching you. And the only reason the people watching you would not come by to tell you how great you are is if they had an evil motive!

I'm not a fan of spying on civilians (especially your own), but this kind of response is not a healthy 'how do we stop this?' it is a sign of an unstable psyche that is a few bad stimuli away from become a danger worth watching. (and the extra irony part, taking this kind of mass paranoia precaution will get you on watch lists)

Re:what makes you worth tracking? (4, Insightful)

Qzukk (229616) | about a year ago | (#43998409)

"What makes you worth tracking?"

As the cost of this approaches $0, it's pretty easy to make tracking any given person's life worth more than it costs to do it.

Re:what makes you worth tracking? (1)

alen (225700) | about a year ago | (#43998521)

and what would be the point?

you really think there is some guy tracking you as you walk into a starbucks and yells out to the office, "qzukk is going into the starbucks, we got him"

Re:what makes you worth tracking? (2)

localman57 (1340533) | about a year ago | (#43998785)

No. Not in real time. The point is that they can go back in time and see what you did after they've identified you as a person of interest. The government has pretty much said as much. A lot of this apparatus is designed around the idea that the more information they collect, the more they can use one incident (whether it is successful or not) to prevent future incidents by tracking the person back in time and see who else might be connected. Then prevent them from doing anything.

Re:what makes you worth tracking? (1)

Etherwalk (681268) | about a year ago | (#43998429)

Some of us just think it's a bad idea when the NSA can pick a random person on the street and know whether they're cheating on their spouse within two minutes.

Re:what makes you worth tracking? (1)

alen (225700) | about a year ago | (#43998507)

that's assuming there is a guy in Maryland clicking names on a list tens of thousands long to see who is cheating on their spouse, which is impossible and a stupid waste of time.

Did Lindsay Mills think she was important? (4, Insightful)

ZeroPly (881915) | about a year ago | (#43998461)

I mean, come on, she was just a ballerina/dancer in Hawaii, what did she have to hide from the NSA? Sure, her boyfriend Edward Snowden was involved in government affairs, but just one of a gazillion contractors.

Re:what makes you worth tracking? (1)

NinePenny (856053) | about a year ago | (#43998527)

Two words - Fishing Expedition.

Re:what makes you worth tracking? (1)

tapspace (2368622) | about a year ago | (#43998555)

Come on /., we can't mod up such a blatant misunderstanding of a technical issue.

Since it's algorithmic filtering, we are all being tracked, just not in a personal, hands on way. Plus, if the data is retained, hey can examine your life with increasing levels of detail in the future. Building a huge database of all this data is even WORSE than tracking, because it enables all sorts of later analysis with increasingly powerful computers and increasingly sophisticated algorithms.

Re:what makes you worth tracking? (0)

alen (225700) | about a year ago | (#43998641)

yep, i can see it now

the NSA is going to sell data on anyone who has ever been within 5 feet of a McDonalds to the health insurance companies so they can jack our rates

Re:what makes you worth tracking? (1)

sfm (195458) | about a year ago | (#43998613)

> its like the idiots who think the supermarkets are tracking them personally with the loyalty cards. stores want aggregate data and
> purchase bundles to do loss leader promotions. they really couldn't care what you buy personally

Agreed, the supermarkets are interested in aggregate data. But they also keep the individual purchase data. This came out recently in a food poisoning case where the authorities used loyalty card data to narrow down what food was contaminated and the source (Medscape.com) [medscape.com] .

Just because aggregate data is the current stated goal, new data uses could easily appear. Then what?

Re:what makes you worth tracking? (5, Informative)

immaterial (1520413) | about a year ago | (#43998623)

its like the idiots who think the supermarkets are tracking them personally with the loyalty cards. stores want aggregate data and purchase bundles to do loss leader promotions. they really couldn't care what you buy personally

Bullshit. [forbes.com] Careful who you call idiot, lest you look even more the fool.

Re:what makes you worth tracking? (1, Insightful)

alen (225700) | about a year ago | (#43998751)

that's still aggregate data. they find out who bought a basket of goods and market to them based on the predictions of past purchases of previous of these items. they don't care what you personally buy, the computer looks at the aggregate purchasing history and automatically creates coupons based on research of what you are likely to buy

its all done by computer. not like there is some guy sitting around and checking out hot pics of your pregnant daughter.

50 years ago they would have blindly mailed out coupons to anyone 18-49 or pay money for a TV ad. 90% of it would have been ignored. 2013 they can better target the right coupons to people more likely to use them.

not like they are going to have a custom profile of you accessible to anyone on the internet so they can laugh at you and know everything about you

Re:what makes you worth tracking? (1)

roman_mir (125474) | about a year ago | (#43998635)

Money.

Don't worry for now about the government system itself, until they can readily and reliably convert sound to text and index every word, they won't be tracking you specifically (statistically unlikely). However DO worry about people proposing individual government agents to sell information about individuals and their meta and actual data.

If they offer, say, 20,000,000 for a dump of every 1000th or 100th or 10th (or every ones) person's data, so that the data can be mined and used to build up commercial database that would be used to to steal from you, to sell to you, to sell you to other parties, then you should worry.

Does that mean that every word and every phone conversation is equally important? I think not. But there will be plenty of interesting stuff there.

Your address and SIN are nothing. How about all of your bank accounts and passwords you use online or over phone, your credit cards, your medical insurance information, your taxes, details of your private business, your kids schedules (blackmail, kidnapping) etc.?

I think that is a more likely problem FOR NOW than government using the data specifically against you to throw you into GITMO, it's statistically unlikely to happen. It is much more statistically likely that your data will be sold to data aggregators or just thieves.

Re:what makes you worth tracking? (0)

Anonymous Coward | about a year ago | (#43998637)

say the NSA is tracking 500 million people worldwide
do you really think that there is a guy sitting in the NSA tracking you for no reason? out of all the tens of millions of people? what makes you so important?

Quite simply put, the right for privacy.

Re:what makes you worth tracking? (2)

LF11 (18760) | about a year ago | (#43998773)

I'm just waiting for the next pin to drop: DEA gets access to help assist the war on drugs.

Re:what makes you worth tracking? (1)

Bob9113 (14996) | about a year ago | (#43998801)

what makes you worth tracking? ... do you really think that there is a guy sitting in the NSA tracking you for no reason?

What makes you think collaborative filtering [wikipedia.org] and similar analyses are done one person at a time? The state of the art is done with linear algebra [wikipedia.org] and similar maths, and solves simultaneously for each individual in the sample set.

Umm (3, Interesting)

wbr1 (2538558) | about a year ago | (#43998249)

How about Ubuntu Touch? Linux core, can run VPN, TOR all the other goodies, and being OSS and linux you are free to investigate code and roll you own solutions on top of it.

Temporary Measure (0)

Anonymous Coward | about a year ago | (#43998267)

From one paranoid person to another: at most, all you are going to get is a temporary measure, and not a fix to your problem. The problem isn't that phones are tracked, or that some phones are more easily tracked than others, the problem is that you've got "someone" who apparently has carte blanche (or thinks they do, unless they are forced to stop, the distinction is academic) to do all the tracking they want, with no repercussions. You can do what you want to hide, if they want to find you, they will.

Now go hide under your tin-foil rock, if it makes you feel any better.

Re:Temporary Measure (0)

Anonymous Coward | about a year ago | (#43998669)

Smells like defeatist bullshiit...."The easiest day to defeat an enemy is to convince them they cannot win. ". Do what you can dude,

Hello NSA (0)

Anonymous Coward | about a year ago | (#43998275)

Use some obvious circumvention posted on slashdot, so the NSA can flag me for the no fly list.
Meanwhile my friends still call me so they can get on the no fly list too.

Seriously it is traffic analysis. The solution is fly causal, pretend that your IQ is normal and that you aren't paranoid.

Satellite Phones (0)

Anonymous Coward | about a year ago | (#43998285)

Always VoIP.

Silent Circle? (0)

Anonymous Coward | about a year ago | (#43998293)

Seriously, has the poster simply not heard of this yet or what? Encrypted cell phones are not new. Neither are freeware encrypted communications.

Just kills me with all of this "oh noes!" going on like no one has ever heard of solutions available today, especially when reading it here. Damn, RTFA every once in a while already...

Won't work (0)

Anonymous Coward | about a year ago | (#43998315)

Intelligence agencies have and end-to-end view and real-time packets are susceptable to timing attacks. Further, both WIFI and GSM can be clearly listened to and the encryption broken in near-real-time.

TOR is not safe either, in fact, its probably the worst system of all given the visibility.

If you want secure comms, you will need to create a ground based mesh system with a path loss that exceeds the minimum orbital distance. That's expensive and requires a lot of cryo.

Even then, what's the point? The agencies have the abilty to hit you with RF and decode the electrical activity of the brain into words, images, etc.

Privacy is a delusion of the misinformed.

Re:Won't work (0)

Anonymous Coward | about a year ago | (#43998547)

"The agencies have the abilty to hit you with RF and decode the electrical activity of the brain into words, images, etc."

This is Louis Farrakhan Muhammad, Sr. right?

Good grief.

You're not thinking this through. (0)

Anonymous Coward | about a year ago | (#43998335)

The phone has to be in government-trackable-mode to receive calls, so two approaches:

  * leave the phone off and use skytel to replace the ring. they have much larger cells.
  * fon.com-like system where nearby celfones tether to each other and trade the duty of having the radio on.

The zeroth approach, "let the phone be tracked, but government doesn't know whose phone it is," won't work. Even without call traffic analysis, the phone can be uniquely associated with a human by where they sleep at night plus the boolean fact that they use Tor, or the fixed-IP fact of the static VPN they connect to. Also I think static VPN's will have no value in protecting anonymity if the packets coming in and out of the VPN are tapped.

Bullshit! NSA horseshit! (0)

Anonymous Coward | about a year ago | (#43998347)

This "article" is a fucking NSA plant!!!

Slashdot is being PAID by the NSA!

Fuckyou!

Or. I'm an NSA officer spreading FUD, to fool you dumb fuckers into complacency.

Hmmmm.

FUD indeed.

God! I wish I could get paid for this shit and pay off my student loans!

I'm a slave to the bankers like the rest of you - and the NSA.

Re:Bullshit! NSA horseshit! (0)

Anonymous Coward | about a year ago | (#43998485)

Holy crap AC, have you forgotten to take your meds today or something?

Re:Bullshit! NSA horseshit! (1)

HornWumpus (783565) | about a year ago | (#43998575)

I kind of feel like I've forgotten my meds this week.

Good Signatures (0)

Anonymous Coward | about a year ago | (#43998351)

Everyone add bomb terrorism plane etc etc to all their greetings and signatures :)

Not a god damned thing (4, Insightful)

onyxruby (118189) | about a year ago | (#43998365)

There is absolutely nothing you can do because the government has root for any given phone (if nothing else through a warrant). Own the network and you own anything going through it. Your encryption means jack when their are appliances that do nothing but decrypt and re-encrypt traffic at very high rates of speed. You could get a separate phone just for having private conversations (ala drug dealer). You would quickly find out that they can determine that number (doesn't matter how you got that phone). Once they know that number they can just tap that through the same phone system.

Want some level of privacy and to ensure that the government at least has to get a warrant to read your supposed to be private conversations? Go old school, visit this antique shop called a Post Office and buy a roll of stamps and envelopes. There is well established legal doctrine that says snooping on your mail can only be done with a warrant.

Don't like my answer? Call your congress critter and demand change.

Re:Not a god damned thing (1)

Nickodeimus (1263214) | about a year ago | (#43998743)

Wish i had points to mod you up. Pretty much dead on on every item. No encryption that is available at this point is unbreakable for the kind of resources the NSA can leverage. Every other item people are listing here use various encryption means and methods that frequently revolve around AES256... which can be broken with brute force.

HAM Radio? (3, Funny)

littlewink (996298) | about a year ago | (#43998389)

It's waiting for you.

Re:HAM Radio? (2)

red_dragon (1761) | about a year ago | (#43998499)

Encrypted communication on amateur radio bands is prohibited by law in the US, so transmitting an encrypted signal just invites spooks to triangulate your transmitter's position.

There's an app for that (1)

Dramacrat (1052126) | about a year ago | (#43998397)

Free, OSS Redphone [whispersystems.org] , or a commercial solution such as PrivateGSM [privatewave.com] .

Re:There's an app for that (1)

Dramacrat (1052126) | about a year ago | (#43998415)

Free, OSS Redphone [whispersystems.org] , or a commercial solution such as PrivateGSM [privatewave.com] .

... as for avoiding the collection of 'metadata', such as who called whom and when, well... roll your own GSM network. ;)

Eh (1)

Impy the Impiuos Imp (442658) | about a year ago | (#43998417)

This type of phone would be much more useful for politicians and businesspeople than the average joe, since they're the real target of rogue agents working for someone else (and not just illicitely for those in power, either, keep in mind. Planted leftovers for previous administrations could be too.)

Snowden showed he could listen in on conversations of powerful people, and no alarm bells went off anywhere.

Openmoko (0)

Anonymous Coward | about a year ago | (#43998443)

My Openmoko Neo Freerunner matches all the requirements. But it may be a bit slow and outdated (a bit... haha) for today standards, so maybe take a look at its spiritual successor - GTA04 from Golden Delicious.

Use T-Mobile (0)

Anonymous Coward | about a year ago | (#43998463)

T-Mobile USA and CenturyLink are the only two major telecom companies that refused to work with the NSA back when the warrantless wiretapping scandal first broke. They're a German company, so you can be pretty sure they care about your privacy.

Make the Feds Work for their Data (0)

Anonymous Coward | about a year ago | (#43998479)

Use Ham Radio. Set up autopatch systems all over the place. As long as you're not conducting business or speaking in codes, they'll never know exactly where you are.

What can we do? Not much. (1)

_UnderTow_ (86073) | about a year ago | (#43998535)

This country is doomed. I'm not sure anything can be done at this point other than put your head between your legs and wait for the wreckage to come to a complete stop.

What to do? Don't worry about it (0)

Zontar_Thing_From_Ve (949321) | about a year ago | (#43998545)

Personally, I really do not care if the government is listening to my phone calls. I seriously doubt that they are, but I have nothing to hide. Frankly my phone calls are just not all that exciting to outside parties. The only "danger" from someone listening to them is that they might get bored into a slumber.

I love how some people think that they are personally so important that the government has nothing better to do than pay attention to everything that they do. A few years ago during the "We're going to have a flu pandemic!" scare that was recommending special flu vaccinations for children, a guy I know who works for the US government (he is a low ranking employee perhaps somewhat equivalent to a computer operator) was convinced that Uncle Sam was literally going to send armed troops to his house to force him to agree to getting a flu shot. I love how logic never figures into this. If the NSA has about 40,000 employees as Wikipedia claims and all of them are forced to monitor the entire US population, that is about 7875 people per NSA employee to monitor. Yes, I'm sure that the NSA can keep up with that.

Different approach (0)

Anonymous Coward | about a year ago | (#43998571)

I don't see the point in going to all that work to try to maintain privacy. If I really want to hide who I'm talking to or what we're saying then I won't use a phone. I'll use something lower tech and/or with a code. Encrypted calls, VPNs, specialized phones, etc seems a bit overkill for hiding the fact you're calling home to see if you should pick up something at the store.

Kind of pointless question (0)

Anonymous Coward | about a year ago | (#43998585)

On the one hand, for targetted attacks there is spy software openly available for purchase by government agencies for all brands of phones (not just smartphones). For example, FinFisher is used by agencies of smaller countries. These kind of companies will usually offer the service to break any kind of device for enough money, if there is no known exploit yet they'll find one and use it.

Regarding untargetted snooping by programs like PRISM, on the other hand, the question makes even less sense. How do you want to protect yourself against something whose extent you don't know? Not just US companies, but companies all over the world participate in such programs. For example, Siemens is known to have installed loopholes into Telco equipment.

Encrypted phones (4, Informative)

Animats (122034) | about a year ago | (#43998651)

There are encrypted GSM phones [cryptophone.de] with end-to-end encryption when talking to a similar phone. They're overpriced and hard to buy, but available. The source code is available so you can see how it works. It's classic Diffie-Hellman 4096-bit key exchange to establish a session key, followed by 256-bit AES encryption for the data.

It's too bad OpenMoko tanked. That was a totally open source phone down to the hardware level. That plus Cryptophone-compatible code would have been trustworthy.

Re:Encrypted phones (3, Informative)

Anonymous Coward | about a year ago | (#43998731)

Openmoko is not tanked.

OpenPhoenux project, coming from Openmoko community, may be the answer for all those needs. It has less resources than Openmoko had, as it's done by a small german company Golden Delicious, but thanks to that it makes small moves rather than big and crazy that Openmoko did, so it's less likely that it'll completely fail like Openmoko did.

Old Openmoko Neo Freerunner already was perfect for such purpose, but it's a bit unusable for anyone who's not hardcore geek always being ready to use terminal on his phone to do simple tasks in case something breaks. Fortunately, new GTA04, together with QtMoko or SHR systems, should be quite good choice.

http://www.openphoenux.org/

"What OpenPhoenux stands for:
* participation by everyone
* extensible hard- and software - DIY
* allows to inspect what the system is doing (as far as achievable)
* can be repaired using standard parts (as good as possible)
* long-term support (e.g. software upgrades for an 2007 Neo 1973)
* no planned obsolescence through open hard- and software
* no central, intransparent, stock exchange listed instance that gives directions
* hardware development and production near to users (Europe) under fair labour conditions
* independent from the "modern mainframe" and back to the networked, decentralized web
* everybody plays client and server roles and keeps control over his/her participation
* makes the technical system transparent, not the user"

Don't bother (1)

anyaristow (1448609) | about a year ago | (#43998661)

If you're going to fight for privacy and rights and puppies and things, then do things toward that goal. Securing your own phone doesn't do that. It just makes work for you. Unless you really do have something of interest to them. Which you probably don't.

Use your efforts to write letters, keep informed so you can vote intelligently, educate people, publish something, or whatever. Securing your own phone is just "I got mine." Worse, it's probably wasted effort.

Speak Klingon or Navajo (0)

Anonymous Coward | about a year ago | (#43998677)

It won't stop the NSA from spying on you, but it'll force them to retain Klingon experts and/or Klingon translation systems. In other words, baffle them with bullshit. Any jargon or obscure language will do. Remember the Navajo code talkers? Of course you can't actually use Navajo if you're serious about getting things through. They're on to that. A better way is something like Cockney rhyming slang. This is a kind of code that evolves on a regular basis. If you haven't been hanging out in town for a few months, you no longer know the lingo. This requires agents to infiltrate your network. What? You're not a terrorist and you're not willing to go through all this trouble?

OK. I give up. Just don't use the phone, or hack up a one-time-pad system with your friends. Really though, the only solution is to hold the agency's feet to the fire somehow and actually get them to respect our rights...

Possibilities (0)

Anonymous Coward | about a year ago | (#43998737)

Carrier Pigeon
Satellite phone
U.S. postal service (they may know where you're sending, but as far as I know it's impossible to actually read the contents without altering something, so the envelope itself acts as an intrusion detector. Also - encrypt the messages using some code. Yes, anything can be broken given sufficient time and samples, but if you stop receiving letters or they are tampered with, you know the line is unsecure)

Use a land line (1)

alphaminus (1809974) | about a year ago | (#43998757)

At least they need a warrant for that.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>