That sounds crazy right? Even given how unscrupulous the NSA has been revealed of late, surely they aren’t using app stores to track us? Wrong. That’s exactly what they are doing.
In the latest of docs leaked by Edward Snowden, it is revealed that the NSA and the spy organizations of the UK, New Zealand, Canada and Australia (yes folks, the good guys) were working together to exploit the kinds of weaknesses in mobile apps which criminal hackers usually use to steal identities for their own espionage purposes. The technical details are super boring, so I won’t waste your time with them. But essentially, they were combing through popular apps to find their own exploits, then planning to use those exploits to collect data and track individuals. Mobile devices are ideally equipped to let spies track us; all they have to do is match the SIM to the individual and it’s game on.
The project was called ‘Irritant Horn’ (who comes up with these names?) and it’s not 100% clear to what extent it was fully deployed. Of course, if it was done well enough, we wouldn’t be able to tell. The agencies were particularly interested in African countries and Asia. Almost hilariously, the most popular mobile browser in China was characterized as leaking like a sieve. Leaving users open to a wide range of tracking and interception, they were even able to send fake messages from one identified user to another once those users had been infected by the spyware the actual spies were using.
Naturally, the responsible agencies are claiming ‘appropriate oversight’ and self-defense. Google, Apple and Samsung have no comment and I’m sure that this story will be buried as quickly as possible. But next time you are noodling on Candy Crush, just remember that Big Brother is watching you.