Stalker remotely controls family cellphones, even when they're off
By Conrad Quilty-Harper 
posted Jun 25th 2007 7:52AM
posted Jun 25th 2007 7:52AM
To use a TV news cliche, it's like a horror movie come true: three families from Fircrest in Washington State are being harassed by a unknown individual, who somehow has the power to turn cellphones on, send messages, and change ringtones. Over the last few months, the families have had calls that threaten death and violence against them, calls that tell the people what they're doing at that time, and calls that originate from the cellphones of other members of the family. In one case, the stalker changed the ringtone of a phone to say "answer your phone." According to one James M. Atkinson, an apparent expert in these matters who used to provide the CIA with advice in counterintelligence, the technical profficiency to pull off this level of stalking isn't that high: if the FBI can do it, why not some anti-social kid, right?
How is it possible to remotely switch on a mobile phone? Once a phone is off...its OFF...right?
IN COMES DOCTOR FRANK BLACK CELL-PHONE TECH SURGEON :^)...
Let’s not rush to judgment here. Now in order to diagnose the “issue” many questions need to be answered:
1. What mobile operator do these phones have service with?
2. Are they all on the same operator’s network?
3. What technology are they on (Amps, iDen, Tdma, Cdma, Gsm)?
4. What model phones are they (and how old are they)?
5. Do they have any PAN capability (Bluetooth, WiFi, NFC, etc.)?
6. Were they repaired or serviced prior to the start of these issues?
7. Have the phones been out of the user’s possession for any length of time?
8. Have the users roam with the phones to any foreign countries?
If someone can get me the answers to these questions I will solve this mystery right on this here Blog. Hit me...
"IN COMES DOCTOR FRANK BLACK CELL-PHONE TECH SURGEON :^)...
Let’s not rush to judgment here. Now in order to diagnose the “issue” many questions need to be answered:
1. What mobile operator do these phones have service with?
2. Are they all on the same operator’s network?
3. What technology are they on (Amps, iDen, Tdma, Cdma, Gsm)?
4. What model phones are they (and how old are they)?
5. Do they have any PAN capability (Bluetooth, WiFi, NFC, etc.)?
6. Were they repaired or serviced prior to the start of these issues?
7. Have the phones been out of the user’s possession for any length of time?
8. Have the users roam with the phones to any foreign countries?
If someone can get me the answers to these questions I will solve this mystery right on this here Blog. Hit me..."
Right Frankenstein Black, solve this...
(has nothing to do the case, just some random banter... :p)
1.at&t, Verizon
2.no
3.iDen
4.Nokia n73, sony ericsson w800i
5. bluetooth
6.no
7.no
8.no
^^^
P.s bluetooth is always off.
Um Slug, at&t and Verizon don't use iDen and those model phones aren't iDen capable. Next...
Not true. Look up Bluejacking. Here, I've done it for you:
http://www.bluejackq.com/
http://en.wikipedia.org/wiki/Bluejacking
Also: see BlueSnarfing.
http://en.wikipedia.org/wiki/Bluesnarfing
Both of which require the offender to be in relatively close proximity of the victim's phone. Bluetooth does really suck in that respect.
Why don't they
A: Take the battery out of the phone. Noone can turn it on if it has no juice.
B: Use a payphone or a friends cell.
C: Join the NRA.
Its bad that they are being stalked this way, but there are a few very easy steps to stop all this. Like taking out the battery.
BS! If the phone is off and the stalker turns it on, changes ringtones, and makes the calls originate from another family members phone then guess what...it's another family member.
It's someone with direct access to the phone to turn it on, direct access to change the ringtone, and direct access to use the other members phone to make the call.
"BS! If the phone is off and the stalker turns it on, changes ringtones, and makes the calls originate from another family members phone then guess what...it's another family member.
It's someone with direct access to the phone to turn it on, direct access to change the ringtone, and direct access to use the other members phone to make the call."
I'm afraid you're incorrect here. This all depends on what type of phones they have, but if they don't take the battery out.. there is still some stuff going on and some latent connection to the cell phone network at all times. Its possible, this story may be embellishing a little bit, but its not far from what is possible.
hmmm... and would joining the NRA solve it?
well, guns do solve a lot of my problems.
:)
>guns do solve a lot of my problems.
True, guns do solve a lot of problems. They could just shoot themselves, for example.
Death solves all problems-no man, no problem as our dear comrade Stalin once said.
Can we PLEASE turn this into an antigun thread, PLEASE! It was a joke, and if this person is serious about any of these threats (which I actually seriously doubt) an inexpensive pump action mossberg probably isn't a bad idea.
Why would you WANT to turn it into an anti-gun thread?
Kevin Rose had people come onto the screensavers (back in the day when it was an amazing show) (( before G4 took over)) and they showed how phones could be hacked through blue tooth with ease. One guy had a hand held satellite dish and was extracting people's contact lists from people in the audience.
If that was possible then, a few years ago, then imagine what is possible now.
Shelbz, while I tend to think the newspaper exaggerated a bit to get the story across, did you even bother to ready the article? At least read it before you go spewing off at the mouth like you are the end all be all of comments.
sounds like they work for a cell phone company, most that stuff is a no brainer with their terminals. obviously this guy knew what he was doing since changing the ringtones and remote turn on, arn't a typical thing.
who knows, they all could have had the same phone, on a family plan or something, and could be remotely turned on.
I'm not sure what phones they are using, but for most phones, once it's off, it's off. They don't maintain any external connection to the network, everything is shutdown. Otherwise, it would be pointless to turn off a phone on an airplane.
It's doing something while off, though- otherwise how could I set my phone to power on automatically (weekday mornings, 6:00AM, alarm so that I wake up for school)?
Exactly, Jamar. When a phone is off, it is not fully off at all. It uses a small amount of current to maintain some temporary information such as alarms, and to keep the time correct. If you've ever taken your battery out of your phone for an extended period of time you will know that you have to set the time again.
So in theory, it's not that hard to turn it on once it is off. However in practice, you would need to be able to modify the phone to keep the wireless modules on. So, I'm guessing this whole affair is an inside job.
Yes, you can. I do it everyday with my blackberry. I set it to shutdown and turn at at specific times
@Grant: Not necessarily. There are tons of Cell phone CSR support sites out there and this type of techno babble is spewed all over the place. It doesn't take a take genius to figure it out.
Ok, I worked in tech support( only level 2) for cingular (now the new at&t) and although you can remotely program a phone and preform very general settings adjustments I gave never heard of being able to either remotely turn on or change a phones ringtone. Rinback tones would be different howvere. Correct if I'm wrong current techs, its been a few monthgs since i did this, but i only remeber being able to do a few things even with complete legitimate backend access. I remember updating basic sim card setting, PLMN lists (a list of local cell sites and orders of which networks to attempt to access first in order to avoid roaming charges and have the best network compatibility and interoperability.) Voice mial and call forwarding settings, International roaming and text messining.Data connection settings, Push to Talk and blackberry connect settings, Call barring and restricting, and master restets on a few models. All this was done using manufacturer back end websites and a network maintence diagnostic tool called snooper. our billing system, telegence was also capable of resetting some setting. I can only see someone being capable of changing ringtones if they installed a trojan on a smartphone platform. Most oof the time when there was an issue with a phone after doing a few basic troubleshooting exercises on my side I would resort to manuals and simply tell the customer what to do. If it wasn'nt a problem with our network I would often have to consult with the manufacturers tech suppport thru 3 way calls or cy researching the issue and calling the cust back. It was alot easrier often just to ship out a new phone.
sorry abt the horrible spelling error i just woke up to pick up my gf frum work. im now goin back to bed. i can still catch a few zzs b4 im off
So maybe the family is doing this to themselves or they aren't. How hard would it be for someone to come up with a wake on lan function for a cell phone, or even figure out how to utilize something like subseven for cellphones. (I deny any and all implications that I may have or may have not used said program on computers) For someone that understands the programming language of a cell phone it cant be that much different than todays pc, strike that, yesterdays pc. I mean, todays cellphones rival some peoples computers, take the latest Palm Treo for example, 128mb memory, 300mhz processor. The thing can run excel. I know that many of you that read this will piss and moan that the cell phones in the picture are not a Treo, thats fine, just remember that is one example out of however many types of cell phones there are today.
"although you can remotely program a phone and preform very general settings adjustments I gave never heard of being able to either remotely turn on or change a phones ringtone."
That is actually incorrect. Some phones are vulnerable through their Bluetooth connection, and it is possible to change ringtones this way.
The phone switching on auto-magically could be done via a timer on the phone. I remember that the old (pager) blackberries had this feature, I don't have my 7290 handy to see if it has it too, but that's possible. what I can't figure out is, how they could remotely send a txt message unless the phone has some kind of hacked firmware or a j2me/brew app installed on it.
havent any of you heard of ... bluejacking, bluesnarfing, bluebugging, etc ... I bet if they replaced their phones with older models that are not as technically advanced all would be well.
Most phones can turn on via an internal clock and timer, but that is not a remotely programmable feature, unless you can trick a phone that syncs its clock with the cell network clock into thinking that its a different time than it really is and Ive never heard of neone doing that ever. Even employees who liked to check up on girlfriend etc... could really do that much. The only abuses iv ebver run into on the employee side is browsing old deleted text messages and checking the customers voicemail, call times and records, and location( on cingular/at&t this isnt to much of an issue bcuz they stil use triangulation. this is much more of a problem, i imagine on sprint and verizon) Looking up credit checks, ss #s etc.. Never remoptely changing ringtones or powering on or off a phone.
They should get an alarm system with cellular backup and panic buttons, remote panic buttons for their key chains, and use email and skype possibly for communicating. If one kind of technology is causing you terror, then get rid of it and utilize some of the OTHER technology out there. Odds are someone who can hack a cell phone wouldn't know as much about the rest.
@ reeve you generally have to be within a 50 ft range to take adavantage of a bluetooth vunerability. Form what I read inthe story it sounds like this dude was quite a bit further away than that. Also MOST of the time you have to accept being paired with the device so its often more like phioishing and tricking a user tahn truly hacking in to a phone.
ALSo in cases of Stalking I was always more tahn happy to send out a nwe sim card and assign a new # free of charge to the victim if i felt the case was even remopteley serious. The last thing any cell comapny wants is teh blood of some innocent user oon its hands and all over the news just bc they wouldnt shell out a new sim card or waive a number change fee. Once again tahts probably different with sprint and verizon seeing as how they would have to send the user a whole new freaking phone.
Yeah, they're on Sprint and haven't even thought to switch carriers. So it's a bunch of whole freaking new phones for them- Sprint should really get to the bottom of this else their reputation will become "the most easily hacked network".
Actually, no. I have Verizon, and had an extremely annoying call from some ADT call center, that would ring my phone, everyday at 2am., about someone else's house. I tried contacting the company about it, but to no avail..the calls just kept coming. I simply told a Verizon CSR about it, and they were more than glad to change my phone number...they did it in less than 10-20 minutes and I was even allowed to choose some of the digits I wanted in my number. In my opinion, I have no idea what this story is all about. I'm guessing they all have smartphones with bluetooth, but I still have never in this world heard of anything like this...in movies yes, when the FBI/CIA etc. do it, but not in real-life. Sounds a bit fictional if you ask me. I can understand remotely sending text messages...some sort of spoofing method, that I'm sure a more than average employee could convey. Looking at an enlarged photo of the news report, it looks like they might be on Sprint, it's still not completely clear, but I can make out a Sanyo Katana and two different LG models...all of them from Sprint, so I'm going to assume that's the carrier they're using. It's awkward that the report says that "Other families have gotten them, too."...it sounds like some regional CSR is pulling this off..now I've never had Sprint, nor know about their inner workings, but it seems someone is trying to really scare these families.
srry abt spelling . im really goin back 2 bed now.
I can't believe how naive people are. The goverment has put backdoors in your phones and Internet access that allows them to monitor everything you do. Bush has made it so that they can monitor anyone they want at any time they want. There are a lot more backdoors that even your local phone company probably knows about.
The problem is those backdoors are left open so people other than our government can find their way in as well. All the people who think your phone is really off when you turn it off are just kidding yourselfs. You are basically just putting it in standby mode for many of the newer phones.
What you have here is a very sick individual who is stalking this family because of an cute blonde teenager in the house. I hope they catch this person ASAP and punish him to the fullest extent of the law.
Who should be really punished for the it. The person who possibly created the backdoor in the first play (Phone company), the person that saught for the back door with phone companies (the gov't) or the person that used the backdoor that was possibly created.
To the great cloud of people (not here on engadget necessarily) who said it was foolish to think that the built-in government mandated GPS tracking of your phone could be controlled by the user and not by remove command by hostile parties:
Duh. They flip a bit and know where you are. Fun, huh?
@thomas_malkin,
There is no "built-in government-mandated GPS tracker" system. It does not exist- period. I design cell phones and most cell phones do not have GPS antennas in them. Many CDMA phones do have some sort of GPS antenna, but very few GSM and 3G phones have that feature. It is not physically or practically possible to fit the antenna in most phones.
It is still possible for a service provider to track a phone based on proximity to a tower, but I have no idea how the government mandates that or what they would have to go through to obtain that information from a provider.
Simply put most phones do not have GPS in them. It is not a government requirement for anything on the hardware side of a cell phone.
@Gar,
Sprint is PCS, therefore is CDMA. So, I guess by that virtue all the family's phones have some kind of location tracking built in?
Consider this a test to see how long you can survive without a cellphone.
That, and the cell company has records of every connection to the phone. If the phone's been connected to, the record exists and can be subpoenaed. *If* this is actually happening as the families say it is, the perpetrator is leaving digital footprints. They will eventually be caught.
Tim is right. Read it and weep. Moto Razr is supposed to be one of the easier handsets to control remotely supposedly...
http://news.com.com/2100-1029_3-6140191.html
I remember ready some technical reports on government’s requirements for cell phone software. Back when Homeland Security was starting up they had a think tank on technology monitoring and the biggest thing that I remember was the requirements they required for all cell phones by Jan 1, 2005 for the USA.
Every phone is required by law to have software features added to allow GPS location even if the phone is off. The phone seems to still communicate at a much lower power rating for this use. It also allows them to silently power on the units to listen in even if the cover or flip top is down. It is diffidently some black ops information but the report suggested that if you don’t want anybody to control your phone either remove the battery or leave it at home. So nothing in this article surprises me.
ok @ paranoid tim, yeah the govt has access to pretty much every thing the cell company does, they can even listen in and make ur phone appear to be in an idle or even and in off state. I got requests from law enforcement all the time to track a phone or get sensitive info relating to one. I didnt handle that, we transfered all those calls to the at&t office of the president becuz there were alot of legal issues invovled there. But let me tell ur paranoid ass a few thing taht im sure alotta engadgeers already kno, gsm phones interfere with unshielded stereo equipment when ever the transmit even low poer signals like cell site to cell phone handshakes, they make radios sound like a bat out of hell if you are standing to close and being monitered so most dopes would figure out that they are being monitered pretty quickly. Also you would see a significant drop in batery life if ur phone was being monitered siognificantly at all. Cdma phones dont realy have the interference problem but seeing as how theer are over 80 million gsm phones in the usa if this was a significant threat the media would have benn all over it years ago. Wait know u are right my friend Old George W mandated tha all gsm phones secretly have a cdma atenna put in as well as a hidden auixillary battery and gps so that noone would notice a drop in battery life or interference with radios. 80 million times about 20. $16,000,000,000 dollars secertly appropriated to a covert militay program plus the multiple facilities employing 10s of thousand of techs who are able to moniter criminals, and suspected terrorists at all times. thats just a few billion more per year so will say thats about $25,000,000,000 per year, secretly appropriated to mundane looking programs and then sneakily rerouted in this top secrety program. You are right my friend. How did we not see this before. Everyone run to walmart and purchase a tinfoil hat. Its the only way to protect you and your family. Run now. Seize the day. Time is running out. George W also planned 9/11 and was elected with the help of a shadow goverment for whom he is a pawn. Oh and pigs are flying outside your window, seriously they are go check.
Who's the paranoid one here? Or your attempt at sarcasm failed so badly because it's barely coherent.
@ john gos is not required. triangulation is also an accepted method. it is alot less accutte a. abt a 300 yard range and taht only works when you are within range of 3 cell towerts so generally only in large metropolitan areas.
You try to blame your poor spelling skills on lack of sleep. Its quite obvious to anyone reading your posts, you're illiterate. Which makes all your points moot.
Oh it is ez 4 the govt to moniere ur calls alot easier than listening in and using ur phone as a 21st century bug.
dude, just go to bed.
Trying to avoid a stalker by getting your picture in the paper?
Brilliant.
All your phone are belong to us!
it is all true but how is it done
@ jamar. Look I'm just stating facts bud. Srry I'm still a little groggy. I apologize for my sarcasm not being up to your standards. That's why I'm not writing for engadget, but this article has so many holes in it, and I simply wanted to clarify what and what was not probable and possible. Yes the goverment can listen in on calls. thats very ez to do. yes govt can use ur phone as a bug, but not without being easily identified by the user as doing so. At least if they are using a gsm phone. Yes they can get your location, your call records, your voicemails, your texts, your web history. Youy may remember At&t was being scrutinized by the public early last year for the wiretapping probe with bush. Yes the govt still does that on wired and wireless lines and with internet. But it is irrational to think even for a minute that the govt is actively tracking you or listening to u while your phone appears idle or off. They have the capability but it is almost completely for emergency uses only. Active gps tracking would also require contionous cell network usage once again causing interference with local radio equipment. Ussualy if the govt is intrested in you, they will moniter cell phone conversations, and get your location once abt every 40 min whent they get a cell phone - tower handshake.
Ummm... I'm not a US resident (I was, though). I see your point, though- being paranoid doesn't help anyone.
Seriously man, Ambien is bad for you.
shit just get a new phone and number, you already have all your contacts on the sim card.
did you even read the article dumbass?
They're on Sprint- not as easy as switching out cards. They definitely need to switch providers (and get really basic no-frills phones so there's nothing to hack, just in case).
I don't have to read all of the article, the only reason this person is doing all this is for kicks, watching the reaction of the victims, why give him the satisfaction and power.
It’s all about cutting off their power
you still will have the old phone and sim card, not to use it in the new phone, just to transfer over contacts to the new phone, it’s going to be a hassle to enter all the contacts, but at least you have them.
Treat it like a stolen credit card. cut off the old and one get a new one and make your service provider take care of the mess.
Sprint *doesn't* use SIM cards. These people have started fresh some 5-odd times (all on Sprint, though), and it never worked. I know who to avoid now- not even SERO will tempt me when I return to America; it's going to be T-Mo, AT&T or I'm roaming from my current Chinese carrier. Not worth even the slightest chance of this happening to me.
So, the issue is that this 'stalker' is using up their minutes / text message limit?
Seriously, the phone company should so be able to jump in and help but obviously they won't until they get pressure from law enforcement or the media.
I'm going to go with the media on this once it's picked up by more outlets. Or bloggers.
Hold up a second...
I'm SURE one of the crappy Australian current affair shows (today tonight / ACA etc.) reported this EXACT same story but with a Melbourne family... Not that this surprises me considering the state of Australia's Current affairs shows, but it was interesting seeing engadget pick this up AFTER they did... All we need now is for The Chaser to do a story on it for some comedic gold :)
Something almost exactly like this (only using landlines, not cell phones as it was 10 years ago) happened in 1997.
http://www.phonelosers.org/issue/046/#sommy
My bet is it's a friend/family member screwing around.
these type of stories are almost always too bizarre to be believed. haven't they considered talking to Sprint (I guess that's their provider based on other comments), and having Sprint review the raw CDRs to see where they are coming from, and then having the manufacturer review the phone to see what has been installed. i'm sure their developers are curious about hacking, because it hurts their reputations.
i have worked on CALEA applications (the fed wiretapping app) and wiretapping is not complicated, it's just a conference call. however, there is no way to muck around with the settings on someone's phone within our applications. that's done at the switch, and monitoring of such activity would be really difficult, and lack of accountabilty makes it problematic for Sarbanes Oxley compliance issues.
so honestly, i have to believe that some of this is being faked.
on an interesting side note. I served in an ECW Intell unit with a James Atkinson who specialized in this TYPE of stuff. That would make him an expert.....however the person I am speaking of also went to jail for, stalking and shooting up a car plant!!! Maybe the so called expert is in fact involved? I don't know just an interesting coincidence I guess.
What are you saying? That James Atkinson is going to shoot up a car plant while calling these people?
Wow... this brings back some memories. I remember a guy back in college (10+ years ago) who could hack a phone to essentially get root access to the 'tower'. The 'tower' being whatever server the call is first processed from. It was fascinating to watch the guy. He could look at all the traffic, listen in, change stuff on the tower or any phone that was connected. He could do this with impunity with any phone that was out at the time. He never got caught for that but then he was careful not to do anything too obvious. You would think all the years later that security would be a lot better. Maybe it is or maybe some punk kid figured that out too get past that and now is connected to a tower.
those of you who doubt all of this should go read the SMS specification.
"Short messages can also be used to send binary content such as ringtones or logos, as well as Over-the-air programming (OTA) or configuration data. " -wikipedia
anyhow, anyone who has ever looked into that has been amazed at the sheer exploit potential and how (in general) the industry has just assumed that they can secure their networks by making such access illegal.
As for turning on a phone, hell, just make it have a wake-up time.
I've a solution for these people. Just do what I did.
I wrapped up my cell phone in tin foil. After smashing it into small pieces. Very, very small pieces.
Yeah, gotta love how none of these poor innocent victims (who are probably doing this to themselves for attention) even thought to just toss the phone in the trash and not get a new one.
Last time I checked, a cellphone isn't required, it's an option......
If it's really soooo scary, just ditch the cell.
Maybe I'm overlooking something here, but instead of getting new phones, why don't they... CANCEL THEIR SUBSCRIPTIONS
Solution!
1) Get a new phone that doesn't have any of the extras.
2) Disable WiFi, Bluetooth, and any other form of wireless communication on the current phones.
This happens when you have morons using technology that they don't understand. I'm not excusing the stalker because that/those guy(s) should be caught and kicked the shit out of. But, if someone starts messing around with my cell like this story says then I would just go get a non techie cell. Problem solved.
@Matt E.
You find a way to remote turn on my cell phone, put your contact info into it, and call yourself with it, and i will ask you where you want me to ship it, because it's yours.
Personally, i won't need it in the underground bunker if all thats as easy to find, as you claim.
umm take the battery out and go to the cell phones service and ask for a new phone/ new number........ easy and pie
oh i see there dumb blondes
This is hilarious. I love it
I would start looking at people who work at their local cell phone stores.
Probably one of those fast talking hip hop style kids that always seem to work the cingular booths. PRobably an ex boyfriend or just a perv. Gotta work at the cell phone store to have access to all those things.
Find this bastdard and put them in jail. It is wrong.
Ahh, good point. And if the same person was working EVERY time they picked up a new cell they could program everything right away. I say this may very well be the case.
Actually, it just has to be someone who works at ANY store and can look up their name on the computer.
Thats why I am sherlock homez and you are just dee-tarded.
Its probably a sidekick. HAHAHAHAHAHAHAAA
I smell a movie deal out of this story.
If I was the phone I'd get turned on around Courtney too.
This thread has lowered the collective Engadget IQ by a good 30 points.
JFC!
To this day, cell phones do everything except make coffee.
With phones, the service provider can do anything. They can perform firmware updates overnight, and access the customer's music library/store (ringtones). As switching to Verizon, Alltel, T-Mobile, or AT&T/Cingular could result in the predator making threats and mailing (yes regular mail that bills come in through)(or just putting threats in there themselves with a blank envelope) could worsen the situation. If I were them, I would have a phone specialist come over and monitor phone statistics (which tower, what satellite, bluetooth connectivity) with high-tech devices (if the predator can do it, it's possible).
has nobody thought that the signal used on mobile phone to the towers has something to do with it you have two mobiles in one one to talk in microphone and one to listen to the caller one reciever one sender in one mobile phone the mobile company can send settings to your phone and updates eg weather lottery results etc i am sure a ring tone could be sent and a message what people dont realize is when you connect to the internet you are downloading a lot of information on your phone with very fast speeds and with the new 3g this is a lot faster i would be interested on there network and if they did web browsing or some one entered a competition in last few months or gave there number out over the phone in public and somebody went from there if its blue jacking or snarfing its gone to another level but all seems probable i mean we have vista but its cracked before its released we have heard of music and dvds pirated before release etc so why not personally i think its nearer at home eg ex boyfriend relations prank gone wrong or maybe a younger member of family 9 to 15 years old having a laugh has any family member have mental problems more than one personality etc or perhaps the ultimate answer most likely is cloned phones that is possible and been done etc or a program that runs on a certain date and pinches a number out of your phone and sends messages etc i would take the date back to when it first started to cover that option and as to cloning put my phone in a lead lined container and phone my number to see if it answers if so its cloned