6 March 2004
The cell phone is being demonized like the Internet for being able to track and threaten users. In the message below the two addictions are conjoined. Easy privacy invasion of the two are based on inherent insecurity resulting from service providers devising technology for their own purposes not that of protecting users. As if nothing can be done to prevent cellphone insecurity, and that it is always the drug users fault, never the drug makers and pushers abiding national security requirements to assure access to the systems (weak privacy protection a feature of worldwide). The cell phone has become a leading competitior with the Internet for surveilling and data collecting of unwary users. No wonder the body bugs are being given away. You see a cell phone user, pity their gullibility for trusting the seemingly private gadget, same for an Internet addict, like this one pecking a rant.
To: email@example.com Date: Fri, 5 Mar 2004 17:32:33 -0800 (PST) Subject: [TSCM-L] Nextel Exploit Advisory NEXTEL ALERT Be advised that yesterday we learned a very disturbing feature about our Nextels. An SFPD undercover officer, who was doing some buys in one of our cases, was compromised for the following reason. He provided the crook with his Nextel cell phone as a UC contact number. He changed his voicemail and left a message using his UC name (matching his UC cover). The crook called the # and when it rang over to voicemail he pushed Option 1. Option 1, identifies the owner/operator of the phone. If you recall when you first activated your Nextel you had to call in and leave your name (or something to like that) on a Nextel recording. Anyway, that original voice recording is in EVERYONE's Nextel memory and can easily be accessed. In our case, the crook got the UCs real name and entered it into Google. Within minutes the crook learned that the UC was in an SFPD Officer who was in an officer involved shooting several years ago. The incident made the paper and is forever memorialized on the internet. It probably took all of five minutes to figure this out. As a side-note, I entered my name in Google last night and it immediately gave links to, among other things, DEA watch ("evaluations" are posted), the results of every road race I have run as well as my wife's alumni records, church newsletters that get posted on their website. DEA Tech took the time to figure out how to disable this function (refer below) on our Nextels. I advise anyone who does UC work to do the same. He sent it to a few people in the division who do UC work but you all should be advised of the same. -----Original Message----- CALL YOUR CELL # ONCE YOUR VOICE MAIL KICK'S IN PRESS #1, THIS WILL VERIFY IF YOUR NAME IS RECORDED FROM THE INTIAL ACTIVATION. IF THIS IS THE CASE, DO THE FOLLOWING; 1. CALL YOUR VOICE MAIL AND ENTER CODE, AS IF RETRIEVING MESSAGE 2. HIT OPTION #4 - PERSONAL OPTIONS 3. HIT OPTION #4 - PERSONAL PREFERENCES 4. THEN HIT DELETE KEY #3? TO DELETE NAME DO A RE-TEST USING ABOVE VOICEMAIL RETREIVAL TO VERIFY YOUR NAME IS DELETED. =====