Google, Nokia, Ericsson, Samsung clueless on NSA's phone stalking

Although NSA's elite joint special operations command brags that they've been able to track switched off mobile phones for almost a decade, no one quite knows how they did it.
Written by Michael Lee, Contributor

According to the Washington Post, the US National Security Agency has had the ability to track mobile phones even when they are switched off. It's not new news, with the Post's article published July 22 and its source, troops from the NSA's Joint Special Operations Command (JSOC), stating they've been able to do this since 2004. The problem is, almost a decade later, no one knows how it was done.

Concerned with the NSA's capability to use a system dubbed "The Find", Privacy International research officer Dr Richard Tynan reached out to a number of handset manufacturers to determine if it was at all possible to track down a mobile phone, even if it was switched off. Tynan asked Apple, Ericsson, Google, HTC, Microsoft, Nokia, RIM, and Samsung. He received replies from four.

Google's reply was fairly brief, as one might expect considering its mobile operating system Android only began in beta form in November 2007, was only commercially available in September 2008, and didn't even exist in 2004.

Its reply was that once a device is powered off, there's no part of the operating system that can remain on, and that it has no way of turning on a device.

Samsung was pretty convinced it was impossible. Its vice president Hyunjoon Kim wrote back stating that once turned off, all the transceivers additionally turn off and that there is no such way to emit a signal.

While Nokia believed that its handsets could not be tracked while switched off, it admitted that there are some components inside devices that could continue to operate even once the device has been switched off.

"One example would be the real time clock, which ensures that when the device is switched on again the user does not have to re-enter the correct time. Another example would be the phone’s charging circuits. Depending on the model, connecting or disconnecting chargers including USB cables, or placing the phone on a wireless charging plate, may cause the device to register the change in charging state and display that to the user, for example by showing a charging symbol on the screen."

However, it stood by its position that the radio components in the device would not be able to transmit any signal to give away its location.

Ericsson was unable to comment on the specifics of its handsets since it is no longer in the business of manufacturing them, but said that in general, mobile phones shouldn't be able to transmit any signals that could identify itself. It said that only the crystal oscillator that helps keep track of the time and minimal functionality for sensing charger connections and when the users presses the power button would be operational at most.

Here we have four companies telling us it can't be done, and the best tin foil hat theory I can summon revolves around the crystal oscillator. In the presence of an electromagnetic field, crystal oscillators' physically distort, and then when that field is no longer present, they generate a corresponding voltage as they return to their original state. Whether it is powerful enough to activate the radio components in a device (even if it makes sense electronically), is beyond my engineering experience and perhaps not even necessary, but it could signal the start of using differential analysis to perhaps fingerprint a device in some general area. Like I said, tin foil.

Either way, it doesn't look like we're going to get a response from the US government. Michael Morisy of open government news site MuckRock submitted two freedom of information (FOI) requests to the government. One was to the NSA, which refused to disclose whether or not The Find existed, as it is a classified in the interests of national defense and that if any such information was available, it would be an operational matter and thus not subject to US FOI laws.

The second still sits with the US Special Operations Command, which had to reconfirm with Morisy that his request was in fact for devices that were switched off.

Honestly? If the US could track phones that are switched off, why wouldn't we have tracked down Edward Snowden, Bradley Manning or Julian Assange earlier? The counter argument to this is typically that the US would only use it where it deems it completely necessary — an ultimate weapon of sorts — but we have loud-mouths boasting about capabilities.

For the truly paranoid, though, perhaps it's time to start having those conversations without anything around, switched on or not.

Editorial standards