We are free if we opt out of an endless regime of upgrades. Make the choice today to opt-out. I am not saying don't use and don't exploit the brilliance of mobile telephony, wi-fi, iphones and ipads and the Internet... I am talking about keeping oneself in check. Our feet are on the ground but sometimes we act as if we live in the Clouds. #getreal

Now, you can chat with Barbie®!
Using WiFi and speech recognition technology, Hello Barbie™ doll can interact uniquely with each child by holding conversations, playing games, sharing stories and even telling jokes!
It's a whole new way to interact with Barbie®.
She's ready to discuss anything in an outfit that blends trendy and techie for a cool look.
Use is simple after set up -- push the doll's belt buckle to start a conversation, and release to hear her respond.
More than 8,000 lines of recorded content means countless hours of fun!
Just like a real friend, Hello Barbie™ doll listens and remembers the user's likes and dislikes, giving everyone their own unique experience.
To get started, download the Hello Barbie™ companion app to your own smart device from your device's app store (not included). 
Parents must also set up a ToyTalk account and connect the doll to use the conversational features.
Hello Barbie™ doll can remember up to three different WiFi locations and does not require a smart device after WiFi configuration.
More here

More here

Micro-chip implants for making payments and locking doors are the next frontier, but are the pitfalls worth it?

Amal Graafstra holding a large hypodermic needle - the kind needed to inject an RFID chip into your hand. Photo: Supplied

Most tech-heads like to tinker with the inner workings of iPhones or clapped out VCRs.

But Amal Graafstra is different. For the last 10 years, he's been busy hacking into his own body.

His US company Dangerous Things specialises in manufacturing rice grain-sized computer chips designed to be implanted inside the delicate webbing between the thumb and forefinger.

[Dangerous Things founder Amal Graafstra has an RFID chip implanted in each hand.]

Dangerous Things founder Amal Graafstra has an RFID chip implanted in each hand. Photo: Supplied

"Getting an ear piercing is many times more risky," he says, reassuringly.

The bionic-grade glass chips use radio-frequency identification (RFID) to control electronic objects with the swipe of a hand - from the lock on a front door to a car ignition or a personal computer.

It's the same kind of technology used in pet ID tags; by itself, the chip doesn't do much, but when it comes into close contact with a "reader" device, it will transmit information that can then trigger commands.

[The bionic glass chips are about the size of a grain of rice.]

The bionic glass chips are about the size of a grain of rice. Photo: Supplied

The chips only cost $US99 a pop, and while their core market is a handful of dedicated geeks - including a few in Australia - Graafstra says he's increasingly noticing a new kind of customer.

"What is becoming clear is there are more individuals purchasing the chips who have less knowledge about the technology," he says.

"They're into gadgets and they're geeky but they're not necessarily building their own stuff, so the type of customer is expanding slowly."

[NFC chips are increasingly used for instant payment methods, including via smartphones.]

NFC chips are increasingly used for instant payment methods, including via smartphones. Photo: Visa

RFID chips are becoming more common elsewhere, too.

The most well-known standard of RFID is near-field communication (NFC), increasingly used in instant, digital payment transactions, which facilitate credit card payments in a matter of seconds with a simple tap.

Visa this week announced a partnership with the University of Technology Sydney to develop new wearable technologies.

Alongside the announcement came a sensational figure from its own research, purporting to show that a quarter of Australians were "at least slightly interested" in having an NFC chip implanted in their skin for payments.

Visa and UTS have since clarified they were not actively developing implant technologies themselves, but the alarm bells are already ringing.

Social futurist Mal Fletcher, who heads up the London-based think tank 2020 Plus, responded with an Op Ed warning of the potential pitfalls of "subcutaneous spending devices".

These included bodily hacking; mass surveillance from commercial parties collecting our personal data; rising instances of "digital debt" thanks to the abolition of physical money and its tangible value associations; links between implants and cancer; and even the potential to cause early-onset dementia.

Fletcher insists he's not an alarmist - just cautious.

"We have to look at not just where technology is now but the principle behind it," he says.

"I'm not trying to make payments companies into the bogyman," he says. But he points out that it is in their interests to lead the push towards a cashless society, where ease of transactions and detachment from money encourage impulse spending - and everyone's spending habits are dutifully logged.

Graafstra counters that chip implants are not too far removed from where we are today, where day-to-day living depends on the binary transactions of bank cards, swipe cards and serial numbers - all traceable back to our ID.

"We're already in a position where we have no real control over our digital assets," he says.

At least chip implants can eliminate the stress of being mugged - or can they?

The threat of hacking RFID chips is real, says Linus Information Security Solutions director Mike Thompson, and the upsides may not be worth it.

The assumption that NFC chips can only be read at very short distances is misplaced, he says, citing "plenty of examples" where people have accessed them over distances of several metres using specialised antennas.

These security flaws can be mitigated with the addition of passcodes or PINs - which can be added to smartphones or wearables, but not to the palm of your hand (yet).

An aluminium shield also works; for instance, a special aluminium wallet to protect your NFC-enabled credit card from would-be hackers.

Thompson is sceptical of the advantages of embedding chips into one's body over, say, clothing or other wearable devices.

"Is opening a door automatically when you are naked that important?"

 Source: dangerousthings.com

Source: dangerousthings.com

Thanks KP and KMA

Source: http://www.kauppalehti.fi/uutiset/maailman-ensimmainen-rahansiirto-ihmiseen-tehdaan-suomessa/3zPgTZRy

 

Tulevaisuudessa käteen voi syöttää vaikkapa bussikortin, passin, ajokortin, avaimet ja luottokortin.

Myymälä 2015 -tapahtumassa on luvassa huomenna historian havinaa, kun Bittiraha.fi:n toimitusjohtaja Henry Brade lähettää matkapuhelimella rahaa Digital Health Solutionsintoimitusjohtajan Pekko Vehviläisen käteen. Kyseessä on ensimmäinen kerta maailmassa, kun ihmisessä olevaan mikrosiruun siirretään rahaa.

Vehviläisen käteen joulukuussa asennettuun mikrosiruun on tallennettu hänen bitcoin-lompakkonsa tiedot.

Maksuteknologia perustuu BitPay-yrityksen teknologiaan ja palveluun, jota Suomessa edustaa Bitcoinkaupat.com. Maksamiseen soveltuvan teknologian toimittaa Bittiraha.fi.

Mihin käsirahaa ja käsisiruja sitten tarvitaan?

Vehviläinen muistuttaa, että lemmikeillä on ollut tunnistesiruja ihon alla jo parikymmentä vuotta.

”Tämä on muistisiru, johon voi kirjoittaa tai lähettää dataa, kuten tässä tapauksessa nfc-teknologialla. Tulevaisuudessa käteen voi periaatteessa syöttää vaikkapa bussikortin, passin, ajokortin, avaimet ja vaikka luottokortin”, hän visioi.

”Sirun käyttö yleistynee vasta kymmenen vuoden kuluttua, mutta olisi todella mielenkiintoista testata sirua jo nyt esimerkiksi juuri bussiliikenteessä.”

Vehviläinen muistuttaa, että kyse on myös turvallisuudesta: biohakkerointi yleistyy ja toisaalta kädessä oleva virtuaalilompakko kulkee aina mukana. Siitä ei käyttäjän huomaamatta voi viedä rahaa tai tietoja.

Vielä Vehviläinen ei voi käyttää kättään maksamiseen, mutta sirulle voi jo lähettää rahaa ja sitä voi käyttää netin kautta.

”Yhdysvalloissa Dangerous Thingsin perustaja säilöö sirussa kotiavaimiaan ja avaa kädellään myös tietokoneen. Noin tuhannella ihmisellä on tiettävästi siruja, ja valtaosa heistä käyttää sitä esimerkiksi juuri avaimina”, Vehviläinen kertoo.

”Muu käyttö on lähinnä jonkun sovelluksen avaamista matkapuhelimessa. Kun kosketat kättä, haluttu sovellus matkapuhelimessa aukeaa. Näin voi helposti esimerkiksi soittaa tiettyyn numeroon. Kun autossa koskettaa telineessä olevaa matkapuhelinta, soitto käynnistyy ja puhut suoraan hands-freehen.”

Siru on noin 12 millimetriä pitkä, kaksi millimetriä paksu ja se maksaa noin sata dollaria.

”Asennus tuntui pieneltä nipistykseltä eikä siru ole haitannut mitenkään edes kamppailulajien harrastusta”, Vehviläinen kertoo.

 

ENGLISH translated version using Google translate:

In the future, the hand can enter, say, a bus card, passport, driving license, keys and credit card.

Shop 2015 event will be like tomorrow of history, when Bittiraha.fi:n CEO Henry Brade to send money to a mobile phone Digital Healthcare Solutions' CEO Pekko Vehviläinen hand. This is the first time in the world, the man the money is transferred to the microchip.

Vehviläinen hand in December installed on the microchip is stored in his bitcoin-wallet information.

Payment technology is based on BitPay company in technology and service, which is represented in Finland Bitcoinkaupat.com. The payment of appropriate technology to provide Bittiraha.fi.

What is a down payment and then hand the chips are needed?

Vehviläinen points out that pets have been identified chips under the skin for twenty years.

"This is a memory chip, which you can write or send data, such as in this case, the NFC technology. In the future, the hand can, in principle, to enter, say, a bus card, passport, driving license, keys, and even if the credit card, "he says.

"The use of the chip set to spread only after ten years, but it would be really interesting to test the chip already, for example, just a bus in traffic."

Vehviläinen points out that it is also about safety: Biohacking widespread and on the other hand, the virtual wallet is always with you. It is not the user noticing can take money or information.

Vehviläinen still can not be used for payment of his hand, but the chip may send money already and can be used via the internet.

"Dangerous Things in the United States the founder of storing chip kotiavaimiaan and opens his hand to the computer. Around a thousand people have reportedly chips, and the majority of them use it, for example, just as the keys ", she says.

"Any other use is essentially any application for opening mobile phone. When you touch the hand, the desired application from the mobile phone is opened. Thus, for example, can easily call a specific number. When the car touches the rack of the mobile phone, the call will start and you're talking directly to the hands-freehen. "

The chip is about 12 mm long, two millimeters thick, and it costs about a hundred dollars.

"The installation seemed small and pinches the chip is not hindered in any way, even martial arts hobby", she says.

“From the privacy perspective, we are of course pleased to see Google drop this product,” Marc Rotenberg, president of the Electronic Privacy Information Center, wrote in an email. “And it is a very big deal when Google backs down, particularly after its big push.”

He continued: “But it is also speaks to a larger issue in tech design about privacy. Eyeglass-mounted web display and phone for those who wanted it? Not really a problem. Surveillance and recording of those around the user? Yeah, that’s a problem.”

More here

More here

"The technology titan is putting brakes on an "explorer" program that let people interested in dabbling with Glass buy eyewear for $1,500 apiece.

"Glass was in its infancy, and you took those very first steps and taught us how to walk," the team said of its "explorer" clients in a post on the Google+ social network.

"Well, we still have some work to do, but now we're ready to put on our big kid shoes and learn how to run."

The last day to buy Glass as part of the Explorer program will be Monday and Google did not indicate when a general consumer version of the eyewear might debut.

"Google Glass hasn't truly been released as a product yet -- it's been in long-term beta for over two years," said Forrester analyst J.P. Gownder.

"This organizational move will help to clarify the go to market strategy for both consumer and for enterprise customers."

The Glass test, or beta, program was later expanded to Britain.

During the Explorer testing phase, developers are creating apps for Google Glass, which can range from getting weather reports to sharing videos to playing games.

Glass connects to the Internet using Wi-Fi hot spots or, more typically, by being wirelessly tethered to mobile phones. Pictures or video may be shared through the Google+ social network.

- Outgrown the lab -

"As we look to the road ahead, we realize that we've outgrown the lab and so we're officially graduating from Google X to be our own team," the Glass post said.

"We're thrilled to be moving even more from concept to reality."

Instead of being part of the Google X lab working on innovations such as self-driving cars, the Glass team will become a separate unit answering to Tony Fadell, co-founder of Nest.

Google bought the smart thermostat maker early last year in a multi-billion-dollar deal and brought the former Apple executive on board in the process.

Google has announced alliances with the frame giant behind Ray-Ban and other high-end brands to create and sell Glass eyewear in the United States.

A partnership with Luxottica was portrayed as Google's "biggest step yet into the emerging smart eyewear market."

Luxottica brands include Oakley, Alain Mikli, Ray-Ban and Vogue-Eyewear.

The first smart glasses by Luxottica for Google Glass will go on sale this year, the Italian eyewear group has forecast.

Google has been working to burnish the image of Glass, which has triggered concerns about privacy since the devices are capable of capturing pictures and video.

Forrester data shows that while 43 percent of consumers are interested in Glass, even more have worries about privacy problems caused by the eyewear.

"Google needs to construct a consumer image for the product, and deal with privacy concerns if they want it to be mass market," Gownder said.

  Rebecca Kay:   "You don't understand the pressure cooker we're in and the interference that the AFP and ASIO have, and the fear that they create, and how they stalk – and I can say stalk with confidence – members of our community and instil fear in their families and ostracise them from their workplace and the people they know, so they become paranoid and they don't interact with anyone."    

Rebecca Kay: "You don't understand the pressure cooker we're in and the interference that the AFP and ASIO have, and the fear that they create, and how they stalk – and I can say stalk with confidence – members of our community and instil fear in their families and ostracise them from their workplace and the people they know, so they become paranoid and they don't interact with anyone."

 

About 2pm on Monday, December 15, Rebecca Kay took a phone call from NSW Police Counter-Terrorism.

The officer wondered if she could help police find an Islamic State flag. This was one of the demands of Man Haron Monis, the gunman holding 18 hostages at the Lindt cafe in Martin Place.

”And if they give him a flag he was going to exchange it for a hostage,” says Ms Kay, a convert to Islam who has become a prominent community member in western Sydney.
A variant of the IS flag.

A variant of the IS flag.

Ms Kay was one of several people contacted that afternoon, and she was only too willing to help.

”A lot of people in the Muslim community were devastated,” she says. “We were ready to jump – ‘just say how high’ – to help police prevent a tragedy.”

Ms Kay believes she called as many as 50 people, but finding an IS flag – or anyone willing to admit they had one – proved no easy task.

And soon her contacts started asking: “Are we being set up?”

”They were very suspicious,” she says. “Some accused me of being an informant.”

But she counselled that they should try to help.

And the officer kept calling back, “three or four times over the next hour to see if I had got an Islamic State flag or not. There was a sense of urgency that I get it and that I take it down to Bankstown police station, and they were going to put it in a patrol car, with the lights [flashing], and bring it to the city.”

Monis’s hostages recited his demands on Facebook and YouTube, as police worked to have them taken down. Hostage Julie Taylor, a barrister, said he would free five hostages if Prime Minister Tony Abbott called him to record a short conversation to be played on air. He would release two if the politicians told “the truth, which is that this is an attack by Islamic State against Australia”. And he would allow one to go if the flag were delivered.
In the end, Ms Kay says, police sourced their own flag. But then they told her it had been decided there would be no trade with Monis in any case.

By now she had burnt many bridges in her own community.

It got worse. About 2am the next morning – about the time of the deadly final shootout inside the Lindt cafe – NSW police searched the western Sydney home of one of the young men she had contacted. He had considered handing over his flag to Ms Kay but then thought, no, it was a trap.

”And so he then believed I did try to set him up,” she says.

The next morning, she was told, the Australian Federal Police raided the homes of another two men who had been contacted during the community’s urgent attempt to help save hostages.

“Obviously, they were listening to all our phone calls,” Ms Kay says.

“I want to be able to have dealings with police … but when it gets thrown back in your face, it sets us back two steps.”

Lawyer Zali Burrows, who represents some of the people who tried to help police, wonders: “Why didn’t they just print one out.” A laser printer could have produced the flag on cloth and they could have delivered it in half an hour, she says.

Lydia Shelly, a solicitor from the Muslim Legal Network, says: “Our overriding concern was with the safety of those innocent Australians being held against their will.”

Police would not respond to questions about the flag or whether they intended to allow Monis to display it to the world’s televisions and risk him winning the support of other extremists.

Ms Kay says there is nothing sinister about the flag that Islamic State has misappropriated. It depicts the prophet’s seal and “it’s a flag that Muslims should have. It’s not our fault that these barbarians have taken it as their flag.”

She says she would want to help police in another such crisis, but: “They’re not building trust. With this incident they have not built trust at all.

”You don’t understand the pressure cooker we’re in and the interference that the AFP and ASIO have, and the fear that they create, and how they stalk – and I can say stalk with confidence – members of our community and instil fear in their families and ostracise them from their workplace and the people they know, so they become paranoid and they don’t interact with anyone.”

”This is the kind of norm they’ve created here, where no one trusts anyone anymore.”
Source: http://www.theage.com.au/national/sydney-s...

What an impressive suite of services BMW drivers can enjoy with their new car! Imagine the data being collected by private car companies today and wait till the IOT makes all of this data collection standardised through related ITS policies. BMW's suite of apps include:

1. BMW ConnectedDrive basic features

a. ConnectedDrive Services (SA6AK)

b. Intelligent Emergency Call (SA6AC)

c. BMW TeleServices (SA6AE)

2. Real Time Traffic Information (SA6AM)

3. Remote Services (SA6AP)

4. Concierge Services (SA6AN)

5. Internet (SA6AR)

6. Online Entertainment (SA6FV)

More here.

Thanks for the link KMA.

An article from the Journal of Exercise Rehabilitation. Definitely worth a look if you feel you are addicted to your device.

Full citation is: Hyunna Kim* (2013), "Exercise rehabilitation for smartphone addiction", J Exerc Rehabil. Dec, 9(6): pp. 500–505. Published online Dec 31, doi:  10.12965/jer.130080 PMCID: PMC3884868

"Internet addiction after launching smartphone is becoming serious. Therefore this paper has attempted to sketch out the diverse addiction treatment and then check the feasibility of exercise rehabilitation. The reason to addict the internet or smartphone is personalized individual characters related personal psychological and emotional factors and social environmental factors around them. We have shown that 2 discernible approaches due to 2 different addiction causes: that is behavioral treatment and complementary treatment. In the behavioral treatment, cognitive behavioral approach (CBT) is representative methods for changing additive thoughts and behaviors. Motivational interviewing (MI) is also the brief approach for persons not ready to change their behavior. Mindfulness behavioral cognitive treatment (MBCT) also the adapted treatment based on CBT. There are different types following the emphatic point, mindfulness-based relapse prevention (MBRP) or mindfulness oriented recovery enhancement (MORE). It is apparent that therapeutic recreation, music therapy using drumming activity, and art therapy are useful complementary treatment. Exercise rehabilitation contained the systematic procedures and comprehensive activities compared to previous addiction treatments by contents and techniques. Exercise rehabilitation can treat both physical symptoms at first and mental problems in the next step. So more evidence-based exercise rehabilitation researches need to do, but it is highly probable that exercise rehab can apply for smartphone addiction.
Keywords: Smartphone addiction, Exercise rehabilitation, Cognitive behavioral therapy, Complementary treatment"

Now worth comparing the claims made by Michael and Michael in their research about a new 'breed' of Obsessive Compulsive Disorders (OCD) that will need to be defined with respect to new emerging technologies acting as triggers toward these behaviours. See for instance this media article in the Illawarra Mercury summarising the concerns.

 

 

Thanks for the link KMA.

"Ladies and gents, put down your technology and have more sex.
That's the advice from a team of scientists who found people are becoming so enveloped by their phone and tablets that their love lives are being put on the back burner. 
So if you are one of those reading this on your smartphone in bed, a glance across the sheets is likely to reveal your partner is engrossed in theirs too.
The researchers discovered 70 per cent of women said smartphones were interfering in their romantic relationship. 
The study said technology and the screens that consume us are creating 'technoference' in couples."

More here

Compare to declining birth rate in Japan in this article here. Could there be a link?

"Various reasons have been cited for the population decline, including:
  • The rising cost of childbirth and child-raising
  • The increasing number of women in the workforce
  • The later average age of marriage
  • The increasing number of unmarried people
  • Changes in the housing environment and in social customs."
German researchers have discovered security flaws that could let hackers, spies and criminals listen to private phone calls and intercept text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available.

The flaws, to be reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s cellular carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.

The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.

Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and cellular carriers by using SS7 functions, the researchers say.

These vulnerabilities continue to exist even as cellular carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorized eavesdropping. But even as individual carriers harden their systems, they still must communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network. That means that a single carrier in Congo or Kazakhstan, for example, could be used to hack into cellular networks in the United States, Europe or anywhere else.

“It’s like you secure the front door of the house, but the back door is wide open,” said Tobias Engel, one of the German researchers.

Engel, founder of Sternraute, and Karsten Nohl, chief scientist for Security Research Labs, separately discovered these security weaknesses as they studied SS7 networks in recent months, after The Washington Post reported the widespread marketing of surveillance systems that use SS7 networks to locate callers anywhere in the world. The Post reported that dozens of nations had bought such systems to track surveillance targets and that skilled hackers or criminals could do the same using functions built into SS7. (The term is short for Signaling System 7 and replaced previous networks called SS6, SS5, etc.)

The researchers did not find evidence that their latest discoveries, which allow for the interception of calls and texts, have been marketed to governments on a widespread basis. But vulnerabilities publicly reported by security researchers often turn out to be tools long used by secretive intelligence services, such as the National Security Agency or Britain’s GCHQ, but not revealed to the public.

“Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”

The GSMA, a global cellular industry group based in London, did not respond to queries seeking comment about the vulnerabilities that Nohl and Engel have found. For the Post’s article in August on location tracking systems that use SS7, GSMA officials acknowledged problems with the network and said it was due to be replaced over the next decade because of a growing list of security and technical issues.

The German researchers found two distinct ways to eavesdrop on calls using SS7 technology. In the first, commands sent over SS7 could be used to hijack a cell phone’s “forwarding” function — a service offered by many carriers. Hackers would redirect calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.

The second technique requires physical proximity but could be deployed on a much wider scale. Hackers would use radio antennas to collect all the calls and texts passing through the airwaves in an area. For calls or texts transmitted using strong encryption, such as is commonly used for advanced 3G connections, hackers could request through SS7 that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded.

Nohl on Wednesday demonstrated the ability to collect and decrypt a text message using the phone of a German senator, who cooperated in the experiment. But Nohl said the process could be automated to allow massive decryption of calls and texts collected across an entire city or a large section of a country, using multiple antennas.

“It’s all automated, at the push of a button,” Nohl said. “It would strike me as a perfect spying capability, to record and decrypt pretty much any network… Any network we have tested, it works.”

Those tests have included more than 20 networks worldwide, including T-Mobile in the United States. The other major U.S. carriers have not been tested, though Nohl and Engel said it’s likely at least some of them have similar vulnerabilities. (Several smartphone-based text messaging systems, such as Apple’s iMessage and Whatsapp, use end-to-end encryption methods that sidestep traditional cellular text systems and likely would defeat the technique described by Nohl and Engel.)
In a statement, T-Mobile said: “T-Mobile remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.”

The issue of cell phone interception is particularly sensitive in Germany because of news reports last year, based on documents provided by former NSA contractor Edward Snowden, that a phone belonging to Chancellor Angela Merkel was the subject of NSA surveillance. The techniques of that surveillance have not become public, though Nohl said that the SS7 hacking method that he and Engel discovered is one of several possibilities.

U.S. embassies and consulates in dozens of foreign cities, including Berlin, are outfitted with antennas for collecting cellular signals, according to reports by German magazine Der Spiegel, based on documents released by Snowden. Many cell phone conversations worldwide happen with either no encryption or weak encryption.

The move to 3G networks offers far better encryption and the prospect of private communications, but the hacking techniques revealed by Nohl and Engel undermine that possibility. Carriers can potentially guard their networks against efforts by hackers to collect encryption keys, but it’s unclear how many have done so. One network that operates in Germany, Vodafone, recently began blocking such requests after Nohl reported the problem to the company two weeks ago.

Nohl and Engel also have discovered new ways to track the locations of cell phone users through SS7. The Post story, in August, reported that several companies were offering governments worldwide the ability to find virtually any cell phone user, virtually anywhere in the world, by learning the location of their cell phones through an SS7 function called an “Any Time Interrogation” query.

Some carriers block such requests, and several began doing so after the Post’s report. But the researchers in recent months have found several other techniques that hackers could use to find the locations of callers by using different SS7 queries. All networks must track their customers in order to route calls to the nearest cellular towers, but they are not required to share that information with other networks or foreign governments.

Carriers everywhere must turn over location information and allow eavesdropping of calls when ordered to by government officials in whatever country they are operating in. But the techniques discovered by Nohl and Engel offer the possibility of much broader collection of caller locations and conversations, by anyone with access to SS7 and the required technical skills to send the appropriate queries.

“I doubt we are the first ones in the world who realize how open the SS7 network is,” Engel said.

Secretly eavesdropping on calls and texts would violate laws in many countries, including the United States, except when done with explicit court or other government authorization. Such restrictions likely do little to deter criminals or foreign spies, say surveillance experts, who say that embassies based in Washington likely collect cellular signals.

The researchers also found that it was possible to use SS7 to learn the phone numbers of people whose cellular signals are collected using surveillance devices. The calls transmit a temporary identification number which, by sending SS7 queries, can lead to the discovery of the phone number. That allows location tracking within a certain area, such as near government buildings.

The German senator who cooperated in Nohl’s demonstration of the technology, Thomas Jarzombek of Merkel’s Christian Democratic Union party, said that while many in that nation have been deeply angered by revelations about NSA spying, few are surprised that such intrusions are possible.

“After all the NSA and Snowden things we’ve heard, I guess nobody believes it’s possible to have a truly private conversation on a mobile phone,” he said. “When I really need a confidential conversation, I use a fixed-line” phone.
Source: http://www.washingtonpost.com/blogs/the-sw...