FBI Taps Mobile Phone Mic's for Surveillance

U.S. District Judge Lewis Kaplan issued an opinion on the use of "roving bugs" for criminal investigations, confirming suspicions that the FBI was employing the technique of listening to nearby conversations via a suspect's cell phone mic.

Judge Kaplan stated that he believed that current U.S. wiretapping laws were broad enough to include the practice of eavesdropping by enabling the microphone in a mobile device even when the device was not being used.

According to an article in Cnet:

The U.S. Commerce Department's security office warns that "a cellular telephone can be turned into a microphone and transmitter for the purpose of listening to conversations in the vicinity of the phone."

An article in the Financial Times last year said mobile providers can "remotely install a piece of software on to any handset, without the owner's knowledge, which will activate the microphone even when its owner is not making a call."

The opinion issued by Judge Kaplan was in regards to several active investigations of organized crime activities, but the use of "roving bugs" is not limited to those cases.

The only way to prevent audio monitoring via a mobile phone is to remove the battery, as the microphones in some units can be activated even when the device is powered down.

Exactly how the "roving bug" technique is employed is still unclear, and experts disagree on whether the microphone is enabled remotely or by way of physical tampering, according to the Cnet article:

Court documents, including an affidavit (p1) and (p2) prepared by Assistant U.S. Attorney Jonathan Kolodner in September 2003, refer to them as a "listening device placed in the cellular telephone." That phrase could refer to software or hardware.

If the microphone on the cell phone of a criminal suspect can be activated remotely, then it is more than likely they can be enabled on any cell phone, and not necessarily by law enforcement officials.

Security and due diligence expert Greg George of GTI Advisors believes the microphones can indeed be enabled remotely, and has long warned that executives should remove the battery from their mobile devices when in meetings where sensitive and confidential details are discussed.

"The first recommendation I make to anyone about to discuss sensitive information, remove the battery from your cell phone at every meeting, or leave the damn phone in the car – The protections you think you have doesn’t matter, anything, ANYTHING wireless, can be hacked and monitored, and quite easily," says George.

via Infosec Island