Your Phone May Be Smart But It’s Not Safe

While you have already guessed that your phone calls and e-mails are not free from the NSA’s prying eyes, it doesn’t stop there. The German newspaper Der Spiegel has broken a story that many other features on your iPhones, BlackBerry and Android devices are not secure. The story states:

In the internal documents, experts boast about successful access to iPhone data in instances where the NSA is able to infiltrate the computer a person uses to sync their iPhone. Mini-programs, so-called “scripts,” then enable additional access to at least 38 iPhone features.

The documents suggest the intelligence specialists have also had similar success in hacking into BlackBerrys. A 2009 NSA document states that it can “see and read SMS traffic.” It also notes there was a period in 2009 when the NSA was temporarily unable to access BlackBerry devices. After the Canadian company acquired another firm the same year, it changed the way in compresses its data. But in March 2010, the department responsible at Britain’s GCHQ intelligence agency declared in a top secret document it had regained access to BlackBerry data and celebrated with the word, “champagne!”

The documents also state that the NSA has succeeded in accessing the BlackBerry mail system, which is known to be very secure. This could mark a huge setback for the company, which has always claimed that its mail system is uncrackable.

Some of the data which can be collected from your smart phone “includes contacts, call lists, SMS traffic, notes and location information.” A report coming out of CNET provides even more disturbing details about the scope of the hacking scandal:

The allegations emerge on the heels of a report last week that the NSA had created a program to circumvent encryption intended to protect digital communications. The agency bypassed common Internet encryption methods in a number of ways, including hacking into the servers of private companies to steal encryption keys, collaborating with tech companies to build in back doors, and covertly introducing weaknesses into encryption standards, according to the New York Times.

Earlier reports have indicated that the NSA has the ability to record nearly all domestic and international phone calls — in case an analyst needed to access the recordings in the future. AWired magazine article last year disclosed that the NSA has established “listening posts” that allow the agency to collect and sift through billions of phone calls.

All this stands as a reminder that if you think any of your electronic devises are secure, you are probably wrong. If you are relying on the belief that you have taken adequate measures (or that adequate measures even exist) to protect your electronically stored information (ESI), you are probably wrong. I can make that statement with the utmost confidence. Why? Because a country with the resources of Russia has given up the idea that any ESI is truly secure. Accordingly, to keep their very top secrets safe, the Russians have placed an order for typewriters.

The lesson to be learned is that if you have extremely sensitive client information, low tech may be the only safe option and that taking smart phone security for granted can only be called dumb.