I always liked the line that states, “Just because you’re paranoid, doesn’t mean that someone isn’t out to get you.” These days, in addition to physically trying to “get” you, there are also those who are trying to virtually get you by stealing your information for misuse. There are those who might want to wipe out everything with an EMP event so that not only do you not get to use your own stuff, you can’t even get a backup from someone else. It could be a foreign government, a criminal consortium, or even your own government doing the deed. Nature can get into the game with a Carrington event from the sun. So yes, in terms of your electronically-stored information, you have a right to be paranoid no matter what anyone says.
All this justified paranoia leads us to the need to protect our electronics. There are many attacks that can be made, but here I am going to be focusing on ways to prevent some threats that can arrive via the ether.
A major, and increasing threat, is an attack on your cellphone or smart device that uses cellular, Bluetooth, or WiFi for connectivity. There have been documented hacks into these things that allow snoopers to steal your data or even utilize your phone as a listening device. Your data will include your phone book of contacts, your call logs, incoming and outgoing, your email accounts if you access them over your phone, text messages, and any other useful material you might store on it. If you use it as a book reader, your reading tastes are accessible to anyone who can hack into it. Also bear in mind that the thing is constantly telling the world where it is. Nice, eh? The folks doing this range from criminals trying to steal credit card numbers to our own government being curious about your potential thought crimes.
Among the more troubling things to me are the dummy cell sites that have been found by defense contractor ESD America. According to Popular Science magazine, ESD has located 17 “interceptor” cell sites around the country using their $3,500 CryptoPhone 500. It isn’t clear who owns the sites or what they are used for, but they can not only intercept your data, they can push applications into your phone to compromise it. Many of the “interceptors” are near U.S. military bases, which raises questions of espionage. Initially I thought that, since they aren’t licensed, such devices would be caught by the Federal Communications Commission (FCC), but I thought deeper and remembered that the FCC investigates complaints. If no one realizes these devices are operating and they are operated in a manner that doesn’t interfere with legitimate services, there won’t be complaints and, therefore, there won’t be investigations.
Then there are the federal law enforcement agencies using aircraft-mounted and ground-based boxes to scan the cellular network.
While I am often not in agreement with the American Civil Liberties Union (ACLU), they have information on StingRays, also known as “cell site simulators” or “IMSI catchers,” which the ACLU calls “… invasive cell phone surveillance devices that mimic cell phone towers and send out signals to trick cell phones in the area into transmitting their locations and identifying information. When used to track a suspect’s cell phone, they also gather information about the phones of countless bystanders who happen to be nearby.” The ACLU has a map showing locations where municipal, county, state, and federal law enforcement agencies are using them. I found it alarming to see how widespread they are. StingRay, by the way, is a product of the Harris Corporation, and the term has come to be used for any such device, much as the term Xerox is used for a copy of an original.
While it isn’t something I could do, the Popular Science article, cited above, mentions that for about $3,000 a hacker can build their own StingRay-like device, using open source software and software-defined radios. They link to a video that shows someone doing just that. While this equipment seems intended for legitimate purposes, this is where criminals can enter the picture. They can use it to steal your information. I do note that these systems appear to work on the GSM networks used by AT&T and T-Mobile in the U.S. I am unsure if they can be used on the Verizon or Sprint networks, which use a different technology. I am sure, however, that the government units have no such limitations.
Now that I’ve scared some of us, what do we do? If you are like me, you can’t afford the CryptoPhone. Something that is more affordable is the $629.00 Blackphone. I suspect this is far more secure than a conventional phone, but I have not used one and do not have the means to test the security. I can’t afford it, either, so there you have that.
You could purchase a pre-paid phone with cash, as some do, but we have to be aware of traffic analysis. If you use it to call someone who has been identified as “of interest,” your number will now be marked as “of interest” too. This probably doesn’t matter if you are simply trying to avoid being the target of scammers or criminals, but if we move into the world that some fear is coming about as I type, you will need to have a deep stock of pre-paid phones, as they will be burned as quickly you use them.
I’m sad to say that I don’t see any way of securing yourself from all of these threats, other than breaking the link to any and all networks, except when you really have to make a call or gather information. The simplest way is to remove the battery from your phone, but some of the most sophisticated units don’t give you that option. You can power them down, but there are documented means of remotely turning on many of these devices without your being aware of it. Microphones can be activated and your phone used as a snooping device, proving, once again, that everything is two edged; what started off as a convenience and safety device can now also be the downfall of your privacy.
A further question is what if we need the data that is stored on such a device but don’t want it to broadcast its identity and location? So what are we to do if we aren’t able to give up the convenience and utility of these devices? We might have information stored on them that we really need to use, but we are nervous about powering the thing up at some given moment. MobileSec Solutions, LLC , a Saratoga, CA company, offers a solution to assuage these concerns in the form of bags designed to interfere with the radio frequencies used by cell phones. I say bags, in the plural tense, as they give you two. You put the phone in the smaller bag and then put the small bag into the larger one. The bags are made of a fine mesh metal screen that is optimized to shield the frequencies cell phones use, which range from about 700 MHz to about 2.5 GHz. This includes the cellular frequencies used in the U.S. along with WiFi and Bluetooth. They have magnetic closures to keep them tightly shut and have a tasteful woodland camouflage trim on the seams.
MobileSec sent a set for me to review, and I found that you can read the screen on the phone through the wire mesh, though it does make it harder to do, particularly in bright light. I have seen other pouches that are supposed to kill the radio frequencies in question, but so far, this is the only one I have seen that you can see the screen through. The nice part about that is if you need to retrieve some stored data, you can do so without revealing where you are or what you have.
Touch screens seem to be an issue, though. I have an antique Palm Treo phone, and it works fine tapping through both bags, but our Kindle Fire tablet was not easy to use when I tried it in the larger of the two bags. It has the more modern sort of touchscreen, like those found on newer smart phones and unlike my stuck-in-the-mid-2000’s Treo. MobileSec suggests using voice commands, if you need to operate your device inside the bag, and most modern phones can do that. If yours can’t, it might be an issue. Some phones still have buttons, which could help a lot, too. Tablets look like they will be problematic, but MobileSec doesn’t even suggest using the bags with tablets.
I found that one bag thoroughly killed any WiFi, Bluetooth, or cellular connectivity on both my Treo and the Kindle Fire in my house, which is within eyesight of three towers. MobileSec says using the second bag guarantees that you can stand under a cell tower without it discovering your phone. I got as close as I could to five different towers, but I can’t be positive if they carried my service provider. Two of them, however, pegged the signal strength meter, so I suspect they did. These two towers required both bags, while the other three killed service with one bag, which I also took as a clue. While there are websites (http://www.antennasearch.com/ and http://www.cellreception.com/) that list cell phone sites, they don’t always list which company has what equipment on any given site. I also found sites that weren’t shown by either service. In fact, one of the strongest ones wasn’t shown on either website, and I know it has been there for years.
MobileSec says the phone bags will also protect the device from an EMP event so you can use it to retrieve data later. The inner bag is 7.25 x 4.25 inches, and the outer bag is 10.5 x 6.5 inches. The small bag weighs two ounces, and the large one weighs 2.5 ounces. The bulk of the weight is in the magnetic closures.
You can’t, of course, receive calls when your phone is encased in the bags, so people you want to stay in contact with can’t reach you. The only solution I can think of for that is to get an old fashioned one-way pager. They are still available, and it appears you can get local service for about $15 a month, if you shop the web. The idea is that you would keep your cell phone disabled in the bag, and if someone needs you, they page you, and you choose the time and place to return the call. A one-way pager will not send out any revealing signals that can be used to locate you. Paging traffic can, however, be monitored, and if you get a message to call a number of interest, your pager could be associated with your phone number when you return the call. It might be smart to organize a simple code system for your associates.
The Laptop EMP Shielding bag is for a different problem– protecting your computer from an EMP event while allowing you to use it. It allows WiFi and things like cordless mice to connect. The signal to and from those is degraded, but they will work if close enough. This bag uses a larger mesh screen than the cellphone phone one, so it isn’t attenuating as high a signal as the cell phone bags. Since you are only looking through one layer of a coarser mesh, it is fairly easy to read the screen. Hitting the keys is not a problem. The touchpad worked okay on my Dell, but I didn’t have a touch screen laptop to try it on. MobileSec warns that could raise issues.
My friend, the electronic wizard I call Apollo in my reviews, who helps me with this stuff, said he thinks the bags will be effective for EMP. He ran some tests and said they block the appropriate frequencies. EMP is, of course, hard to test in reality, as very few of us have the means to generate a real one, but if Apollo says they work, I am confident that they will.
My Dell laptop with a 15” screen easily fit into the laptop bag with additional room for a small solar panel for charging, which MobileSec says will work in the bag. While the solar will work in the bag, it would probably be slow. This unit also has a battery that can be charged from an outlet and then inserted in the bag to power the laptop. Opening the bag to run a power cord in will break the shielding, however, defeating the protection. MobileSec notes that the bags will vent heat.
The bags were shipped to me in a large, rigid container, and I wondered if that meant they couldn’t be folded or wadded up, but I was assured that isn’t a problem. They advised that the purchasers expect to get a pristine, unwrinkled product, but that the bags are pretty much impervious to rough handling and folding.
MobileSec told me that the items in the bag don’t need to be insulated from contact with the bag. Many of the EMP shield solutions, such as a steel garbage can or an ammunition can (with some extra sealing for the lids), do require that equipment be isolated from the container. MobileSec says that their bags are tested to meet the RS-105 requirement regarding EMP susceptibility, which is part of the broader Mil-Std-461 on the electromagnetic interference of equipment.
The cell phone bag set is $55.00, and the laptop shield is $99.00.
The advantage of the bags is that I can access the data on the devices while they are shielded. There are other ways to effectively shield this equipment, but they won’t let you use it. The one difficulty is keeping it charged. You could have duplicate devices and use one to charge batteries and swap the batteries out. A device that allows you to charge batteries outside of your equipment would be ideal, of course, but many tech devices don’t come with those anymore.
As I ponder all of this, one thing I am thinking of doing is taking the laptop I use for legacy hardware that won’t run on Windows 7 and storing it in an EMP shield. I can keep a copy of all of my files on it and have them for as long as I can keep electricity going. It would, of course, as one SurvivalBlog reader recently suggested, be even better to print everything useful and store that too. One of the MobilelSec bags would be an excellent solution as would be the cell phone bags for when I want to ensure my privacy in that respect. The EMP laptop bag has enough space to also store some spare two-way-radio equipment, memory sticks with information, and a portable inkjet printer.
Another thing I am thinking is how much do I really need a cell phone and how connected do I need to be? I got by for most of my life without one. I am reassured by thinking relatives can reach me in an emergency, and that’s something I don’t want to give up, but I don’t want to give up privacy either. There are terrible quandaries in these times. – SurvivalBlog Field Gear Editor, Scot Frank Erie