A story in the Grauniad about the ability of the authorities to monitor cell phones even when switched off has been traveling the blogosphere. It was picked up by Michael Totten and, since he's sitting in for the Instapundit, it appears there too.
The main means of tracking terrorist suspects down has been the monitoring of mobile phone conversations. Not only can operators pinpoint users to within yards of their location by "triangulating" the signals from three base stations, but - according to a report in the Financial Times - the operators (under instructions from the authorities) can remotely install software onto a handset to activate the microphone even when the user is not making a call.
I'm sorry to pour water and scorn over this but the bolded bit is almost certainly untrue, easy to detect if true, and the sort of thing that could be spread purely to try and get suspects to avoid using cell phones. Given the first statement's sweepingness I'm tempted to go for deliberate misinformation because that statement is not completely true.
As for the triangulation claim, in a non-CDMA environment (i.e. anyone using a digital handset outside of Japan, Korea or the US) that statement is true only under certain circumstances, so long as you define "yards" as less than about 100, because the triangulation only really works for CDMA. GSM cell phones (as used by about 80% of all mobile subscribers in the world) can be tracked between cells, and in urban areas cells can be spread as close as 100-200 yards apart, but while you can identify which base station the subscriber/suspect is using, that is about it. Handover protocols will hint as to which other base station it is also near, in other words roughly which direction from the current base station, plus some vague estimate of signal strength, but not much more, hence the ~100 yards measure. It won't do any more because much of the choice to roam from one base station to the next is performed at the handset, not at the base station, and until a handset requests to join a new base station the process is in fact mostly passive to the new base station. Even if the precise power levels were available, detailed triangulation is tricky under typical urban conditions because buildings tend to reflect and refract radio waves and thus modify coverage in unexpected ways. If it were easy we wouldn't see software like this or the requirement for drive testing solutions.
However the second bolded statement really fails the smell test.
Firstly if it were possible to easily download such software on to arbitrary cell phones then I have absolutely no doubt that some virus writer/hacker somewhere would have tried it. It probably wouldn't have worked reliably the first few times so the result would have been a lot of cell phones that crashed with "corrupted" code. We haven't seen this so I doubt strongly that the capability is possible. I'm not even going to get into the problem of what code image you would download. Recall that there are about a dozen different GSM vendors and each vendor releases numerous new phone models each year. I'm going to guess that in any cell phone network today at least 100 different phone types are present and quite possibly it is going to be many times that. In order to identify a cell phone's type you need to do quite a bit of cross referencing of ID numbers and since phone software for one model won't work for another you have to have created in advance the hacked software for the target phone. Creating 100+ different images and making them available for download is a code management nightmare and would be highly prone to error resulting in your suspect suddenly finding that his phone keeps on crashing.
Secondly there is the ease of detection by the subscriber/suspect. Assuming that you get past the wrong code issue, there will be a lot of hints that this is happening. For example, if your phone suddenly starts needing to be recharged every eight hours instead of every week, then that would be a hint that it is powered on. Another hint would be if you were always able to make a call but many of your associates found that when they were near you they couldn't. This would be because in order to monitor your cell phone a voice timeslot needs to be reserved for it, and there are only a limited number of those available in a cell. Again this is a GSM only "feature" but it is a known problem - for example at one point the original UK networks (O2 and Vodafone) were notorious for "network busy" errors when subscribers were in the centre of London because there were too many people subscribed to those networks and trying to make calls.
I rest my case. Save your paranoia for other areas such as Cisco routers which definitely can be hacked to eavesdrop on passing traffic.