A slew of adverts on the Internet in the past few months claim that they can indeed tap into your cell phone conversations. A product called Bluetooth e-Stealth, which sells for around R800 claims that "the very latest technology and programs allow you to spy on any Bluetooth enabled device or mobile phone.
"Used by elite law enforcement agencies such as the CIA and FBI. Now the mobile Bluetooth spy software has been released to the general public. With our spy Software you can now easily find out who your partner, business associates, and friends have been in contact with. Whether you are suspicious of an affair, or would just like information that will help progress your career, you can now do all of the following using your mobile phone, and the person you are targeting will not suspect a thing."
For the moment, let's forget about the legality of phone tapping, and try and establish if in fact it is technically possible to listen in to cell phone calls. "Impossible" says MobileSpy.com on their website. They go on to say "So you've heard about the software called e-stealth or blue stealth. This page explains why you should NOT trust that software for anything except a waste of money. What they don't tell you is, even if your phone will run the software, the phone you want to spy on *must* accept a bluetooth connection anytime you want to spy on it. That's never going to happen. Do you really think your child or employee will accept a connection from someone called estealth? Of course not. It will completely tip them off that something is up."
And that seems to be the fact of it - "the phone you want to spy on *must* accept a Bluetooth connection". Judging from the response of a number of people I spoke to it seems that most Bluetooth devices ask if it is OK before accepting a ‘pairing' to another Bluetooth device. So while you may be able to see a number of other Bluetooth devices from your phone, the radius is limited to about 10m, and you can't simply connect to them via Bluetooth unless they accept the connection.
So just how does MobileSpy.com operate if they can successfully spy on others' conversations? According to their website, you will need to install a small program onto the compatible smartphone to begin recording. That means that MobileSpy.com requires that you install some software onto the phone you wish to target, assuming your ‘target' will be happy for you to spend ten minutes or more installing spy software on their handset so you can track their conversations. You might be able to get away with that if you're checking on your spouse or children, but after that it becomes a lot more difficult!
The same applies to TheSpyPhone.com, which seems to be the industry standard in bugging software, and they also require you to install software onto the target phone. "Install our intelligent software on any of these Nokia GSM handsets and you will be able to dial in and listen to the surrounding sounds and conversations coming from around the target phone from anywhere in the world without any indication of connection. When the spy call is ended the phone stays in standby mode and the person with the target phone will have no clue about your spy call. The intelligent software erases all call logging so even if the user entered the 'received call list' your number will not show. When anyone else calls the target phone, it rings and operates as a normal mobile phone." When asked "Can I call from the spy phone to any other cell phone and listen to anyone's conversation?" TheSpyPhone.com's response was "No. This is technically impossible."
Rob Lith, a director of Connection-Telecom, based in Cape Town is sceptical of the Bluetooth bugging device. "I'm dubious about this particular product. It could be a scam to download software for $69 - I've seen some posting that it's been downloaded and then a DLL doesn't work. But I have seen more Google results for E-Stealth Products so there could be something exploiting Bluetooth vulnerabilities - i.e. 'Rifle' sniffs out vulnerability in Bluetooth devices." (Rifle refers to a Bluetooth device that can apparently ‘snoop' on Bluetooth conversations from up to 1,6km's away by using an enhanced aerial.)
Another industry expert, who asked to remain anonymous, had this to say: "That site is a little skimpy on details, and it will also probably rely on the fact that the phone you are snooping on is Bluetooth enabled and has you as a paired device that is allowed to make unrestricted connections. I do know that you can snoop other Bluetooth devices, but by default most will ask for a passcode on both ends. I'm not sure how this product will get around that, and if it is through a flaw in the Bluetooth stack, I'm pretty sure that newer phones will be patched..."
On its website, Microsoft provides the following advice:
- Keep your Bluetooth setting to "non-discoverable" (transmission-disabled) and only switch it to "discoverable" when you're using it. Just leaving your cell phone or PDA in the discoverable mode keeps it dangerously open for Bluetooth transmission-a Bluetooth user within up to a 30-foot range can receive your signal and potentially use it to access your device as you walk around town, drive, or even walk through your office.
- Use a strong PIN code. Codes of five digits or longer are harder to crack.
- Avoid storing sensitive data such as your social security number, credit card numbers, and passwords on any wireless device.
- Stay up-to-date on Bluetooth developments and security issues, and regularly check with the manufacturer of your device for news on software updates or any specific security vulnerabilities.
There is a widespread belief that the CIA and FBI can indeed hack into cellphone communications, and that they have the legal right to do so in the United States. By extension one would have to assume then that the government in South Africa also has access to this technology. In the final analysis, however, one has to wonder what conversation can be worth listening in to, given that it is illegal to do so. If it is simply to steal talk-time, then it doesn't seem worth the risk or the effort. If it is to spy on one's spouse or children, I would argue that you're probably too late to fix the underlying problem anyway, and once your spouse finds out you have been spying on him or her, that relationship is pretty much over anyway!
And since it is very unlikely that the government will be spying on most normal people's phones, it seems that the biggest threat is that the person wanting to spy on you has to install software onto your phone in order to gain access. That means that your best protection is not to leave your phone lying around, and to ensure that your phone is set to "non-discoverable".