Your phone got hacked by a ‘Nosey Smurf’.
Not so long ago, iPhone users all over the world were exposed to a bug able to shut down their phone by one simple text message. I too received such a message as a prank, but did not consider the security implications that come with phones reaction on text commands. Later this year an android vulnerability “Stagefright” came to light, allowing hackers access full access to every Android phone with just a phone number. Luckily both bugs have been fixed by the companies right after, but the security risk remains. There is no guarantee every bug has been revealed instead of being exploited by hobbyists, hackers, or governments.
The latter is now expected to be the case. Edward Snowden explains in an interview by the BBC how UK intelligence agency GCHQ is able to control your phone by text messages, completely hidden from the knowledge of the owner. It does so by sending an encrypted text message to gain access.
Snowden talks about a “Smurf Suite”, a collection of phone control tools of GCHQ named after various smurfs. “Dreamy Smurf” is able to shut down and boot up the phone, “Nosey Smurf” can turn on your microphone and listen to your conversations, and “Tracker Smurf” is a tool able to track your geo-location with greater precision than normal triangulation of cellphone towers. And they can do even more, like taking pictures without your knowing, viewing your mails, texts and browsing history, and even
Snowden explains how NSA is understood to have a similar program, and are suspected of providing the technology. “GCHQ is to all intents and purposes a subsidiary of the NSA.” he tells the BBC, where GCHQ receives tasking and directions to go after. These projects are aimed to catch suspected involvement in terrorism, pedophilia or other serious crimes, but in order to do so, they have to collect mass data. Your data.
Snowden makes a valid point by stating you don’t own your phone, but “whoever controls the software owns the phone”. We see this increasing risk in software and privacy issues, and users are becoming more aware of this. The Windows 10 release has been highly critiqued by its security statement and Europe’s highest court just rejected the ‘safe harbor’ agreement after Max Schrems started a case against Facebook. It is clear that the battle for privacy has just begun.