t’s It’s Not Paranoia if Your Phone is Really Watching You

Malware exists that lets Bad Guys hijack webcams and microphones. The U.S. government can’t even do that yet, at least not legally, but it is working on it. Remember: It’s not paranoia if they’re actually after you.

James Jesus Angleton, former chief of the CIA’s counterintelligence staff, and science-fiction writer Philip K. Dick might at first seem like an unlikely pair. And they are[1]. As far as I know all they had in common was a paranoid-but-not-always-unreasonably-so vision of the world. However, news of malware that hijacks webcams and microphones and other recent happenings have reminded me that it’s not paranoia if they’re really out to get you.
Neither of these two men are household names, so let me start by introducing them.
Angleton was Langley’s associate deputy director of operations for counterintelligence for almost two-decades. He saw double agents and secret plots in everything because he believed “the KGB was capable of manipulating the CIA to believe what it desired, and that the CIA could neither identify nor defend itself from this manipulation.” He called this a “wilderness of mirrors,” a phrase borrowed from T.S. Eliot’s poem Gerontion. His years of pursuing these elusive moles did far more harm than good.[2]
Philip Dick, who led an astoundingly odd life, was a writer with such startlingly original ideas that they caused many people who should know better to overlook his limited writing skills.[3] If he is known at all beyond the realms of science fiction[4] it is for the movies based on his work: Blade Runner[5]Total Recall, Minority Report, PaycheckNextScreamers, The Adjustment Bureau and A Scanner Darkly.
Meanwhile, back to the topic at hand…
We live in a world in which 24-hour electronic surveillance “for our own protection” is becoming the norm. So the news that recently-discovered malware lets bad guys follow us via our own devices should hardly come as a surprise. As my colleague Lucian Constantin writes, this new malware is built on SpyEye, which specifically targets online banking users.

Under normal circumstances, users get prompted to manually allow websites to control their computers’ webcam and microphone via Flash. However, the SpyEye plug-in silently whitelists a list of online banking websites by directly modifying Flash Player configuration files.

If you can’t help but wonder, “Well, what’s stopping the government from doing the same?” you are not a conspiracy nut, and you’re not alone. Unfortunately. The FBI has renewed its push for a new Internet wiretapping law. This law would force Internet communications providers (and the definition of communications providers is every bit as vague as it sounds) to provide “back doors” for eavesdropping. The U.K. (“George Orwell? Never heard of him.”) is pushing for the same thing as is Canada (“We have ‘free’ health insurance and you don’t.”).
Think of what the CIA’s Angleton could have done with all these fancy toys and laws. It doesn’t take much to convince a bureaucracy it has enemies everywhere and, once it believes that, it always seems to find them.
This brings us to Philip K. Dick’s novel A Scanner Darkly which tells the story of an undercover narcotics cop who falls victim to the drug he is supposed to be suppressing. When he uses the drug he develops a different personality that he knows nothing about when he isn’t under the influence. As a result, he conducts a lengthy investigation without knowing (spoiler) he is his own prime suspect.
When I read it for the first time, shortly after the invention of the printing press[6], I thought Dick did a great job of using exaggeration to look at interesting issues about police states and the risks of submerging yourself in another identity. What I didn’t realize was that it was 35 years ahead of its time.
Consider the following story from February of this year: A Sussex police officer was looking for robbery suspects when he got a call from his boss. Because the UK is basically a giant TV studio at this point, the folks at headquarters were watching live feeds from where the cop was. They spotted someone suspicious and sent him after the suspect. It took 20 minutes for them to figure out that he was chasing himself.
People almost always see exactly what they want to see. Some folks looked at the Yugo and saw a car worth buying. Some others found weapons of mass destruction in Iraq.  What will they find if they’re able to look through your smartphone?


1 Philip K. Dick by himself was an unlikely pair.

2 And, if Aldrich Ames is any example, turncoats working at the CIA tended to be pretty obvious.
3 For some reason The Library of America, whose mission is to keep classics in print and permanently preserve America’s literary heritage, has found him worthy of republishing. This was only slightly less odd than their decision to republish horror writer H.P. Lovecraft. I’ve read both of them and I like both of them so I can say with some certainty that they are at best minor writers.
4 That’s where I grew up.
5 It is based on the book Do Androids Dream of Electric Sheep, a terrible title for a good novel.
6 By mastodons.  

Constantine von Hoffman writes CIO.com’s IT Security Hack blog. Follow Constantine on Twitter @CurseYouKhan. Follow everything from CIO.com on Twitter @CIOonline and on Facebook. Email Constantine at cvon@areporter.com.
Read Constantine ‘s bio

Print


Shopping Cart
Scroll to Top