We all know about cellphone spy software that someone can put on a phone and monitor everything. But access to the actual phone is needed to attach such programming.
These ads suggest such software can be downloaded on a victim phone remotely just by calling your phone.
Seems spooky but is it real or are these companies scamming people and we have nothing to worry about?
I have a hard time believing that just a phone call could install software on a wide variety of phones. I can believe that you might be able to trick someone into installing something via a link in a text.
Dunno; but since Gemalto, the Dutch maker of the majority of SIMs yesterday had a $470 million drop in it’s stock because the NSA and Britain’s GCHQ may have stolen millions of SIM Card Keys used to encrypt cell calls, it’s the big boys one should worry about more.
Obtaining SIM card private keys allows intelligence agencies to decrypt intercepted calls without anyone knowing – not the users, the network operators nor the handset manufactures. Communications eavesdropped today, yesterday or five years ago can be decoded once a SIM’s Ki key is obtained.
The Register: ‘NSA, GCHQ-ransacked’ SIM maker Gemalto takes a $500m stock hit
I should emphasize Gemalto is innocent of wrong-doing. Still, most smartphones seem full of crap from apps anyway, some of which phone home.
And pace Lenovo’s bundling of Superfish crapware, no doubt a lot of laptops also.
There won’t be a definitive answer for all phones, because each company (and even product lines within the company) has some unique code. That being said, I’m inclined to agree here - there just isn’t a connection between “answer the phone” and “download and run this software.”
At least, I’m not aware of one in any of the phones I made when in my 15 years as a phone designer.
As Digital is the new Analog says, the presence of backdoors and their functionality will vary from cell phone manufacturer to manufacturer, and from model to model. But yes, in general these sorts of backdoors do exist, and have been discovered and documented by programmers and engineers who have reverse-engineered various phones. Pretty much every Samsung Galaxy device, for example, has a built-in backdoor which allows the manufacturer, or any other third party with the right knowledge, to remotely control the phone. This includes reading and writing files stored on the phone, activating the phone’s GPS to get its location, and activating the phone’s microphone to eavesdrop.
Digital rights organizations such as the Electronic Frontier Foundation and the Free Software Foundation have been warning the public about these rather flagrant privacy violations for years, though unfortunately without too great an effect.
You can read about the Samsung Galaxy backdoor from the FSF and from the developers of Replicant (a free fork of Android which aims to strip out all the spyware and security holes). The issue of cell phone backdoors in general, and the US government’s attempt to make them mandatory, was the subject of an EFF polemic a couple years back.
That said, don’t trust the snake-oil salesmen who want to sell you add-on software that supposedly blocks the backdoors. The privacy problems with phones are too deep-rooted; it’s unlikely that there is any effective workaround short of replacing the entire OS with a privacy-respecting one which is fully open and auditable.
TVs as well. Samsung’s been in the news recently for its smart TV EULA, which requires users to consent to private conversations picked up by the TV’s microphone to be sent to third parties. However innocent Samsung’s intentions may have been (they claimed that the voice data was captured only for the purpose of voice command recognition on remote servers), they wrongly claimed that this data was transmitted securely and confidentially. It took someone only a few minutes to analyze the outgoing network traffic from one of these TVs to see that all the data was sent unencrypted. So any malicious party whose network your TV’s Internet traffic happened to get routed through would be able to snoop on you, at least for the periods where you were giving your TV voice commands.
And don’t forget that a couple years ago LG smart TVs were found to phone home to report your viewing habits and the contents of any storage media you plugged into the unit, even when you specifically disabled this obscure “feature” in the TV’s settings.
One or two of my acquaintances told me that they first thing they did after buying a new TV was to open it up and physically disconnect the microphone. Myself, I just never plug mine in to the Internet.
We are moving somewhat afield from the OP. The question in the OP is not are our consumer electronics riddled with security holes due mainly to dubious features. But instead can people with no real technical background buy programs for under $50 that will let them spy on any phone. I don’t think that the two links in the OP are anything but scams to get $50 from people without letting them hack the phones of others.
Do you not see the logical connection between the two questions? As long as there are security holes and backdoors in consumer electronics, there will be people out there exploiting them. Naturally some of them will be selling their services, either on a one-off basis or in the form of prepackaged software which customers can run themselves. Of course a great many such software packages will be scams, but it’s naïve to think that they all are.
I was able to find a page explaining this scam. It took a bit of work, because of the software’s generic name (bad sign right there). Remote Install Cell Spy Software Exposed - SpyzRus.com
As for the possibility of hacking somebody’s phone with only a call, I’m pretty sure that’s impossible, at least for android devices (I don’t know enough about apple ios to comment either way). On Android, phone calls are handled by an app called simply “Phone”. In the huge list of permissions this app has, there isn’t anything that would let it install additional software, or reroute/monitor data communications.
It can of course, make calls, record audio, send messages, directly call numbers, and do other things that would let it monitor your audio conversations and retransmit them to another device, but it has a legitimate need for those permissions (either for it’s job, or because it’s run in the same process with certain related systems apps).
Gaining remote control of some Android devices is possible, and the links I posted earlier explain exactly why this is so and how it works. The authors even provide a proof-of-concept program showing how the backdoor could be exploited by someone with access to it. The technique does not exploit liberal permissions of a user-level app running on the phone, but rather a built-in vulnerability in the phone’s underlying operating system—or more specifically, the OS running the phone’s modem. This part of the OS communicates directly with the cell phone network, so it’s not restricted by any Android permission settings.
Here’s a relevant snippet from one of the articles, written by one of the developers who discovered the vulnerability. It describes the problem in general terms, without getting into the technical details:
This is actually part of what I didn’t like about some of the architectures I had to deal with, back in the day. The first several phones I made had a very clean modem - it was a modem, an not much else. Control over the peripherals, such as the camera, microphone, and GPS, were handled by the applications processor.
For cost and size reasons, we started looking at a different solution. This came from a company that had a very strong background in the modem side of the world, and thus their solution was very modem-centric. The modem controlled peripherals and clocks, and the application processor had to request any changes through the modem. This would, theoretically, open up some of the security issues that psychonaut is talking about.
As an aside - when Blackberry was at it’s lowest, before BB10 came out, there was significant talk about them changing to Android. And every time a rumor about a buyout from Samsung or Lenovo or others would pop up, the same discussion happened.
The general consensus from people I spoke to was that this would mean Blackberry would have to give up their claim to security. BlackberryOS and BB10 were built from the ground up with security in mind. Android wasn’t. It’s virtually impossible to change a complicated, unsecure system into a secure one. Just too many opportunities for a backdoor.
BlackBerry’s claim to security has always been just that—a claim. Whether the OS really is secure is impossible to verify, since they don’t make their source code available for users to audit. There are, in fact, competing claims (by none other than the NSA) that BlackBerry devices are open to remote surveillance. This story was broken by Der Spiegel back in 2013 after the Angela Merkel wiretapping scandal; see for example Privacy Scandal: NSA Can Spy on Smart Phone Data and How the NSA Spies on Smartphones Including the BlackBerry. If the story is true and the NSA has found a way to break into BlackBerry phones (or if BlackBerry has been complicit with the NSA and deceptive in its claims that its OS has no built-in backdoor), then it is entirely within the realm of possibility that other third parties have also figured this out. (Though if any have, I doubt they’d be openly selling the tools for a measly $50.)
That pretty much answered my question. Thanks! 
There have been numerous exploits found in Android. Google sort of tries to patch them, but sometimes it just doesn’t care. (Their philosophy is basically “Buy a new phone.”)
But even if Google issues a patch, the chances that the maker will update the software on their phones is small.
Note that these exploits are generally fed thru browsing web sites and and less commonly via email attachments. However, a link to a malware website in an email is surprisingly effective. People click on crap all the time.
Of course, just getting people to install some malware laden app is remarkably easy.
Apple has generally had better security for its phones. But you need to have a recent-ish model to get the updates.
If you have a Blackberry or Windows phone, you are living dangerously.
None of the above relates to manufacturer or state compromised stuff.