Unsurprisingly, it’s not just the NSA that can hack iPhones and other mobile devices in order to retrieve data that may be relevant to an investigation. New documentation provided to The Guardian by former NSA contractor turned whistleblower Edward Snowden shows that the British GCHQ agency is also rather skilled in the art of remotely obtaining data from iOS devices and Android smartphones.
Interestingly enough, the mobile surveillance operation, which is described in slides from a presentation dating back to late May 2010, reveal that GCHQ has relied on the popular TV show The Smurfs to come up with codenames for the various spying apps that can be run on the iPhone and Android devices. Dreamy Smurf describes a way of stealthily activating a phone that’s turned off, Nosey Smurf would turn on the microphone, Tracker Smurf would geolocate a device, while Paranoid Smurf would take care of all the other Smurfs, making sure the spying tools aren’t discovered by the user. A Porus program would also deal with securing the spy software, by providing undisclosed “kernel stealth” features.
In addition to these capable Smurfs, the presentation said GCHQ could basically retrieve any file from an iPhone, including “SMS, MMS, e-mails, web history, call records, videos, photos, address book, notes, calendar,” concluding that “if [something] is on the phone, we can get it.”
The Smurf program – actually part of a Warrior Pride tool – has been ported to the iPhone sometime before the presentation, the slides seem to indicate, suggesting that even spies choose iPhone development first. A second slide from the same presentation says that Warrior Pride will have been ported to Android by Q3 2010.
In addition to dedicated tools to capture data directly from iPhone and Android devices, the NSA and QCHQ have found a way to tap the data provided by various popular mobile apps including Angry Birds, but also services such as YouTube, Facebook or Google Maps. “A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information,” The Guardian writes. “So successful was this effort that one 2008 document noted that ‘[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.’”
Furthermore, by accessing EXIF data of photo uploads from mobile devices – a popular feature for social network users including Facebook and others – the agencies would be able to collect “almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.”
While the slides offered by Snowden date back to mid-2010 describing then-sophisticated attacks, it may be logical to assume that the NSA’s and GCHQ’s spying efforts targeting mobile device users have kept up with the times and adapted their tools to match the evolution of these mobile platforms, and that the Smurfs are still in action – after all, the GCHQ presentation’s cover slide reveals that the agency wanted more, faster and better spying of mobile devices.
Slides from the NSA and GCHQ presentations detailed by The Guardian follow below.