Advice Goddess Blog
Home  •  Columns  •  Blog  •  Features  •  Rude People  •  Amy's Books  •  Bio/Contact  •  Private Sessions  •  Radio Show  •  Speaking Engagements

Amy Alkon

Amy Alkon


SEARCH BLOG


SEARCH AMAZON

'We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites. As an Amazon Associate I earn from qualifying purchases."

Archives



Amy on Twitter

MAIN MENU
Home
Columns
Blog
Features
Rude People
Amy's Books
Bio/Contact
Advice Goddess Radio
Private Sessions


Masthead by
Little Shiva





Goddess' Dog (Aida) aida

Lucy (1998-2013)lucy


4.37
« Previous | Home | Next »
August 12, 2019

It's The Adult, Wireless Version Of Believing In Santa And The Easter Bunny
Sadly, that would be the belief that the phone company is protecting the security, privacy and integrity of your mobile phone.

Krebs on Security writes:

If you are somehow under the impression that you -- the customer -- are in control over the security, privacy and integrity of your mobile phone service, think again. And you'd be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel.

No, a series of recent court cases and unfortunate developments highlight the sad reality that the wireless industry today has all but ceded control over this vital national resource to cybercriminals, scammers, corrupt employees and plain old corporate greed.

For example:

On Monday, the U.S. Justice Department revealed that a Pakistani man was arrested and extradited to the United States to face charges of bribing numerous AT&T call-center employees to install malicious software and unauthorized hardware as part of a scheme to fraudulently unlock cell phones.

Ars Technica reports the scam resulted in millions of phones being removed from AT&T service and/or payment plans, and that the accused allegedly paid insiders hundreds of thousands of dollars to assist in the process.

We should all probably be thankful that the defendant in this case wasn't using his considerable access to aid criminals who specialize in conducting unauthorized SIM swaps, an extraordinarily invasive form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target's phone number and diverting all texts and phone calls to the attacker's mobile device.

Late last month, a federal judge in New York rejected a request by AT&T to dismiss a $224 million lawsuit over a SIM-swapping incident that led to $24 million in stolen cryptocurrency.

Regulation? Regulation, you say?

What about the prospects of any kind of major overhaul to the privacy laws in this country that might give consumers more say over who can access their private data and what recourse they may have when companies entrusted with that information screw up?

"It's way past time we had a federal privacy bill," Sohn said. "Companies like Facebook and others are practically begging for some type of regulatory framework on consumer privacy, yet this congress can't manage to put something together. To me it's incredible we don't even have a discussion draft yet. There's not even a bill that's being discussed and debated. That is really pitiful, and the closer we get to elections, the less likely it becomes because nobody wants to do anything that upsets their corporate contributions. And, frankly, that's shameful."

In short...

"We're from the government (and the phone company) and we're here to earn a bunch of money while letting fraudsters violate the shit out of you."

Share | Comments (10)



*

Comments

"Ars Technica reports the scam resulted in millions of phones being removed from AT&T service and/or payment plans, and that the accused allegedly paid insiders hundreds of thousands of dollars to assist in the process."

Millions?

Do you know anyone who has had this happen to them?

Do you know how to tell which carrier is handling your connection?

Radwaste at August 12, 2019 1:06 AM

"Companies like Facebook and others are practically begging for some type of regulatory framework on consumer privacy, yet this congress can't manage to put something together. To me it's incredible we don't even have a discussion draft yet. There's not even a bill that's being discussed and debated. That is really pitiful, and the closer we get to elections, the less likely it becomes because nobody wants to do anything that upsets their corporate contributions. And, frankly, that's shameful."

So, Facebook and Twitter can't protect your privacy until the government tells it to?

That the Congress has no privacy bill for social media is to blame for social media's privacy woes?

The same Congress that brought Bill Gates, CEO of Microsoft, in front of it to testify about the company's alleged monopolistic practices and instead spent several hours asking him questions that should have been asked of first-level technical support?

The same Congress that be-clowned itself the last time it called social media executives in for questioning about privacy and "net neutrality" and then applied on an outdated 1930s telecommunications law to address the issue?

This is why we don't have privacy on our cell phones and social media?

This is how you end up being Venezuela. Someone says "there oughta be a law" and then there is one. And then another. And another.

What does the author of this piece think social media companies do? They aggregate information about their own users, package it, and sell it. As a social media user, you're not the customer, you're the product. Adjust your expectations accordingly.

Conan the Grammarian at August 12, 2019 5:03 AM

It is hard to believe that there are still users who don't understand that everything they do with their electronics (phone, email, social media postings, etc.) is out there in the ether and available to the world!

How one feels about this or whether or not it is "right, fair, or legal," is immaterial and irrelevant to that fact.

Jay at August 12, 2019 8:18 AM

Question: How vulnerable are non-Smartphones? Or, how likely are they to be targeted?

(Believe me, I don't use my phone to send any sensitive information - like credit card numbers.)

lenona at August 12, 2019 10:04 AM

Lenona,

In the US without a court order your phone is unlikely to be tapped. I.e. have your calls recorded or heard by a third party. Your call metadata (who you called and when) may be for sale. Your texts may be available to third parties but I don't think they would be for sale.

Ben at August 12, 2019 12:11 PM

"Question: How vulnerable are non-Smartphones? Or, how likely are they to be targeted?"

All phones in use now in the U.S., whether smart phones or old flip phones, use CDMA encoding. You can't listen to that with an ordinary shortwave receiver, the way you could with the old AMPS phones; the receiver can't decode it. However, law enforcement can get devices that emulate cell towers and can decode calls. They are supposed to get a warrant to do that, but I know of more than one instance where they didn't, and there's nothing technologically to stop them. Lawmakers and law enforcement in the U.S. these days don't have much respect for warrants in general.

Cousin Dave at August 12, 2019 12:22 PM

The Ars Technica article is about the sales of stolen American smartphones -flagship Android phones and iPhones- outside the USA.

When you report to your carrier that your phone is stolen --and provide the IMEI serical number, the carrier is supposed to lock it, effectively blocking it from accesing any mobile phone network.

That should be the end of the story. Buuuut, if you know someone who knows someone who knows someone working inside the telcos, you could get that phone unlocked -usually it involves assigning the stolen phone a different IMEI serial number- for a fee.

And this is a problem that is endemic on all mobile phone carriers.

The people who want to steal your personal info would rather let you keep your phone so they can keep on stealing moar from you.

Sixclaws at August 12, 2019 12:47 PM

Remember the 60's Film "In Like Flint?" The villain was TPC (The Phone Company).

mmmwright at August 12, 2019 6:19 PM

mpetrie, I believe the movie was The President's Analyst.

Conan the Grammarian at August 12, 2019 7:17 PM

Sorry, that was mmmwright, not mpetrie.

The President's Analyst

Conan the Grammarian at August 12, 2019 8:00 PM

Leave a comment