#Vodafone #EE and 3 (#ThreeUK) give police mobile call records at click of a mouse

10/10/2014
Shush!  They can hear you!

Shush! They can hear you!

Mobile phones outnumber land-lines massively. In the UK, there are 82.7m mobile subscriptions in the UK; compare that to 24.4m home landlines and a total of 33.1m fixed landlines (including landlines used for broadband connections). In the UK, 15% of people live in mobile-only households. And that’s the UK, a developed world nation where substantial land-line infrastructure already exists. Think about developing world countries where low rural population concentration and large distances make mobile networks a necessity. An awful lot of business is being carried out on these mobile networks: both private and commercial, on phones or online. You’d think all this communication would be protected by law, right? Duh! wrong answer. According to The Guardian:

Three of the UK’s four big mobile phone networks have made customers’ call records available at the click of a mouse to police forces through automated systems, a Guardian investigation has revealed.

EE, Vodafone and Three operate automated systems that hand over customer data “like a cash machine”,as one phone company employee described it.

Of the 4 big mobile networks, only O2 manually reviews Ripa requests (Ripa is the Regulation of Investigatory Powers Act, which governs who can access systems like the phone networks). EE (the UK’s largest network, consisting of Orange and T-Mobile), Vodafone, and 3, all use systems that largely bypass any need for human intervention, basically meaning that access to these sensitive records is automated. With no manual oversight, mistakes or loopholes in the automated systems will not be detected, and can be misused deliberately.

Privacy advocates are also concerned that the staff within phone companies who deal with Ripa and other requests are often in effect paid by the Home Office – a fact confirmed by several networks – and so may, in turn, be less willing to challenge use of surveillance powers.

According to the Guardian article:

Several mobile phone networks confirmed the bulk of their queries were handled without human intervention. “We do have an automated system,” said a spokesman for EE, the UK’s largest network, which also operates Orange and T-Mobile. “[T]he vast majority of Ripa requests are handled through the automated system.” The spokesman added the system was subject to oversight, with monthly reports being sent to the law enforcement agency requesting the data, and annual reports going to the interception commissioner and the Home Office.

A spokesman for Vodafone said the company processed requests in a similar way. “The overwhelming majority of the Ripa notices we receive are processed automatically in accordance with the strict framework set out by Ripa and underpinned by the code of practice,” he said. “Even with a manual process, we cannot look behind the demand to determine whether it is properly authorised.”

A spokesman for Three, which is also understood to use a largely automated system, said the company was simply complying with legal requirements. “We take both our legal obligations and customer privacy seriously,” he said. “Three works with the government and does no more or less than is required or allowed under the established legal framework.

Only O2 said it manually reviews all of its Ripa requests. “We have a request management system with which the law enforcement agencies can make their requests to us,” said the O2 spokeswoman. “All O2 responses are validated by the disclosure team to ensure that each request is lawful and the data provided is commensurate with the request.”

Mike Harris, director of the Don’t Spy On Us campaign, said the automated systems posed a serious threat to UK freedom of expression. “How do we know that the police through new Home Office systems aren’t making automated requests that reveal journalist’s sources or even the private contacts of politicians?” he said.

“Edward Snowden showed that both the NSA and GCHQ had backdoor access to our private information stored on servers. Now potentially the police have access too, when will Parliament stand up and protect our fundamental civil liberties?”

So much information goes over mobile networks nowadays. Not just phone calls and text messages – there’s also the high volume of data transfer over mobile broadband systems. All this information is available to “investigators” who can interrogate the computer systems directly, with no need to go through a middle-man.

If you use a trustworthy VPN service, and encryption, you may be able to keep the data traffic somewhat more private. But the very action of encrypting your traffic attracts investigators’ attention. And voice and text message data does not even have that limited protection.

A solution, so far as computer and smart phone data is concerned, is available, at least in theory. If we all opted for mobile mesh networking, we could cut out the mobile networks entirely. And it wouldn’t be hard to include traditional speech (and sms) in such a system. And the software is already out there – for example Open Garden. These enmeshed systems are probably the future of mobile connectivity. The only question is: when will mobile users take to it by default? Most people don’t think the government snooping into our communications is a major problem (The “if you’ve done nothing wrong you have nothing to worry about” min-set). Will this apathy win out? I hope not. When I use a 3G modem or tethered smartphone I generally use a VPN. But I haven’t fully checked out the various solutions available – or their pitfalls. And I’m more aware of these issues than average. There’s a good chance we’re trying to tackle a problem that’s already out of control. Do yourself – andf everyone else – a favour. Do a web search for “mesh networks” and the other subjects I’ve mentioned here. Did you know that when you send an email, the message is only as secure as what you might write on a postcard? And things can only get worse.

Locations of visitors to this page


free web stat


Bloody mobile broadband dongles! I hate them!

27/03/2014

I’ve been using mobile broadband for some time. I live in the UK. First of all I used Vodafone’s network, but soon got rid of that as Vodafone charged £10 per GB of data transferred (note: that’s per GB transferred, not per GB downloaded)… it worked out as very expensive. Eventually I switched to 3 (another UK mobile phone/mobile broadband service provider) that charged £15 per GB transferred. Still pricey, but a lot cheaper than Vodafone.

Problem with the dongles is, they are plastic sticks that stick some 7cm out the side of your laptop, and are held in place by the vulnerable USB plug. Laptops are portable devices, often moved around etc, and if the dongle hits something that vulnerable USB plug can easily break. A while ago I suggested to 3’s Twitter account (@ThreeUKSupport) that they should use a different design; eg. a “L” shaped dongle that wouldn’t involve 7cm of plastic sticking out the side of a device putting undue stress on the USB plug (after all the USB plug is designed as a plug, not a strong physical connection). But 3 weren’t at all helpful on this, stating that they had no plans to use a redesigned dongle. Of course, 3 aren’t the only culprits – as far as I can tell all the mobile broadband providers use the stupid vulnerable design. But does that make it right? Of course not! (There are less vulnerable devices available, such as the MiFi routers, but they are not so mainstream and are more expensive than the dongles.)

Anyway, my 3 dongle got damaged – it hit something, the weak USB plug got bent, and now the dongle doesn’t work. I have prepaid credit on the dongle which I can’t use! What to do? I’ve got in touch with 3 on Twitter again, and am still waiting for a response. And what are they going to do? I hate to think. It’d be nice if they gave me a new dongle, maybe with extra credit to make up for my trouble (after all I did warn them about this possibility). But what do you think? Will @ThreeUKSupport be nice? Or will it be a case of TSB (Tough Sh*t Baby)? I hope for the best but expect the worst.

So, what should you do if you need mobile broadband? One solution is to wirelessly tether a smartphone (or tether by wire a 3G “dumbphone”, something I did for a while when I owned a 3G dumbphone). But to tether a smartphone you have to jail-break it. Which voids warranties. Or buy a MiFi router… not as affordable as a dongle. You could creep about with your laptop, taking extra care not to knock the dongle into anything… but is that paranoia how you want to live? No, me neither.  And now they’re rolling out 4G mobile internet devices, they have to take care of their customers better.

We all need to contact our service providers, demanding redesigned, possibly L-shaped dongles (I did that, but my lone voice had no effect… maybe if we all hassled them, maybe they would do something). 3’s Twitter account for customer services is @ThreeUKSupport. Get onto them! We need redesigned dongles or more affordable MiFis. Come on, let’s tell ’em what we think! Surely I’m not the only user to have accidentally trashed his dongle. Am I?

UPDATE 18:37 UST: Well whaddaya know! I was right to expect the worst!  Customer goodwill is worthless as far as 3 are concerned.  I broke their idiotically-designed dongle, with £15 credit on it.  Their answer? “Tough Sh*t Baby”.  They want me to buy a new one!  Bastards…

Locations of visitors to this page


free web stat


Mobile Broadband on Linux

11/10/2009

Note: There’s more info on this subject here. So take a look if this post doesn’t do it for you.

Be aware that all my experience of this subject is based on Ubuntu. If you use another Linux distro, YMMV. If you’re using Windows or OSX… you’ll probably be better off looking elsewhere.

Some time ago I bought a new phone – Sony Ericsson K800i. It’s a 3G phone, so I was pretty stoked: at last I’d be able to get a decent connection speed when linking my PC to the internet through this baby. And I was right: I get between 40 and 100 Kps (320-800 Kbps). Maybe those of you with wired broadband connections think this is dead slow. It probably is, to you. But to someone who’s previously had to depend on a sluggish GPRS connection, my new phone is like amphetamine on crack.

And it is so much easier to connect via this phone than it was through my previous handsets. All I need to do with my K800i is:

1. Press Menu > Settings > Connectivity > USB > USB Internet;

2. Select USB Internet On;

3. Connect phone to PC with USB datacable (the K800i also has bluetooth and infrared, but my computer is not equipped for such things);

4. Select Phone Mode;

and that’s it! The Ubuntu network manager detects the phone and automagically sets up the connection. Sweet or what! (Remember, this is with the Sony Ericsson K800i. Other phones will be different.

Unfortunately, it isn’t always like that. I don’t know if it’s just my phone or what, but connection is very unreliable. It cuts out erratically, and I haven’t found a fix yet. So on bad days I find I have to use wvdial to connect. I’ve described this in detail before – I’m not going to go into it again. Click here to go to the wvdial tutorial.

Thing is, mobile phone service providers have got something against their customers using their cellphones this way. It’s called “tethering”, and it is generally banned in the Terms and Conditions they make you agree to when you get your phone. And some providers actively block tethering. My provider obviously doesn’t block it. But that might change any day.

Why do they dislike tethering? Because they want you to buy a Mobile Broadband USB modem, and pay an inflated rate for mobile internet connection. Rip-off merchants!

Because I wanted another way to connect to the internet other than my phone, I bought one of these USB modems – a Vodafone K3565, aka the Huawei E160X. To connect via this device, Vodafone (UK) charge me £15 per GB of data transferred. This is shockingly expensive compared to what I pay for connection through my cellphone (£2.50 for 5 days’ “unlimited” browsing). But it is a better connection much of the time, when I get Vodafone’s HSDPA signal. Transfer speeds over HSDPA can get as highh as 160 Kps (1280 Kbps). But if I’m in an area with no HSDPA or 3G signal, I get snail’s rate GPRS. Which hurts when you’re paying the con men so much.

It’s also extremely easy to connect an Ubuntu PC to the internet via a Huawei dongle. Similar to the phone: plug it in, wait a short while, and the network manager detects the device and connects. The first time you connect the dongle to the computer, network manager throws up a mobile broadband wizard, which asks you a few questions about your service provider etc. And that’s it. Well, usually that’s it. Sometimes you have to manually edit the settings before it’ll work. But that will depend on whose service you’re using.

Also, I understand that although Huawei devices play nice with Ubuntu, some other manufacturers’ models don’t. If that’s the case for you, wvdial is probably the answer. Again, click here to find out how to use wvdial.

There’s another solution, if you’re having problems: an app called Vodafone Mobile Connect. Don’t let the word “Vodafone” in the name put you off – it actually works with devices on any provider’s networks. I used it for a while very successfully. I can’t give you any real advice about it, as it’s in constant “beta” development. But the only reason I stopped using it was the fact that Ubuntu’s network manager does the job just fine. It’s certainly worth checking out if you’re having problems. There are binaries available for many Linux distros.

Well, I think that’s about it. So, let me just wish you the best of luck in connecting to the internet with your device. And I’ll bid you farewell!

_gos=’c4.gostats.com’;_goa=354450;
_got=2;_goi=2;_goz=0;_gol=’Free hit counter’;_GoStatsRun();
Free hit counter
Free hit counter


%d bloggers like this: