cell-phones – Page 2 – WindowsTechs.com

Large-Scale Collection of Cell Phone Data at US Borders

Posted on September 19, 2022 by Bruce Schneier

The Washington Post is reporting that the US Customs and Border Protection agency is seizing and copying cell phone, tablet, and computer data from “as many as” 10,000 phones per year, including an unspecified number of American citizens. This is done without a warrant, because “…courts have long granted an exception to border authorities, allowing them to search people’s devices without a warrant or suspicion of a crime.”

CBP’s inspection of people’s phones, laptops, tablets and other electronic devices as they enter the country has long been a controversial practice that the agency has defended as a low-impact way to pursue possible security threats and determine an individual’s “intentions upon entry” into the U.S. But the revelation that thousands of agents have access to a searchable database without public oversight is a new development in what privacy advocates and some lawmakers warn could be an infringement of Americans’ Fourth Amendment rights against unreasonable searches and seizures…

Continue reading Large-Scale Collection of Cell Phone Data at US Borders→

Signal Phone Numbers Exposed in Twilio Hack

Posted on August 23, 2022 by Bruce Schneier

Twilio was hacked earlier this month, and the phone numbers of 1,900 Signal users were exposed:

Here’s what our users need to know:

All users can rest assured that their message history, contact lists, profile information, whom they’d blocked, and other personal data remain private and secure and were not affected.

For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal. This attack has since been shut down by Twilio. 1,900 users is a very small percentage of Signal’s total users, meaning that most were not affected…

Continue reading Signal Phone Numbers Exposed in Twilio Hack→

China’s Olympics App Is Horribly Insecure

Posted on January 21, 2022 by Bruce Schneier

China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes.

Key Findings:

MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Health customs forms which transmit passport details, demographic information, and medical and travel history are also vulnerable. Server responses can also be spoofed, allowing an attacker to display fake instructions to users.
…

Continue reading China’s Olympics App Is Horribly Insecure→

Law Enforcement Access to Chat Data and Metadata

Posted on December 10, 2021 by Bruce Schneier

A January 2021 FBI document outlines what types of data and metadata can be lawfully obtained by the FBI from messaging apps. Rolling Stone broke the story and it’s been written about elsewhere.

I don’t see a lot of surprises in the document. Lots of apps leak all sorts of metadata: iMessage and WhatsApp seem to be the worst. Signal protects the most metadata. End-to-end encrypted message content can be available if the user uploads it to an unencrypted backup server.

EDITED TO ADD (12/13): Here’s a more legible copy of the text.

… Continue reading Law Enforcement Access to Chat Data and Metadata→

Isracard used a single cell phone to communicate with credit card clients, and receive documents via WhatsApp. An employee stole the phone. He reformatted the phone and replaced the SIM card, which was oddly the best possible outcome, given the circums… Continue reading Security Risks of Relying on a Single Smartphone→

Details of the Recent T-Mobile Breach

Posted on August 27, 2021 by Bruce Schneier

Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security.
I’ve lost count of how many times T-Mobile has been hacked.
Continue reading Details of the Recent T-Mobile Breach→

Commercial Location Data Used to Out Priest

Posted on July 23, 2021 by Bruce Schneier

A Catholic priest was outed through commercially available surveillance data. Vice has a good analysis:

The news starkly demonstrates not only the inherent power of location data, but how the chance to wield that power has trickled down from corporations and intelligence agencies to essentially any sort of disgruntled, unscrupulous, or dangerous individual. A growing market of data brokers that collect and sell data from countless apps has made it so that anyone with a bit of cash and effort can figure out which phone in a so-called anonymized dataset belongs to a target, and abuse that information…

Continue reading Commercial Location Data Used to Out Priest→

Analysis of the FBI’s Anom Phone

Posted on July 12, 2021 by Bruce Schneier

Motherboard got its hands on one of those Anom phones that were really FBI honeypots.
The details are interesting.
Continue reading Analysis of the FBI’s Anom Phone→

Category Archives: cell-phones