VPN Articles and News

NSA’s Secret Tool “BADASS” Spied On Smartphones

Saturday, March 28th, 2015

German publication Der Spiegel has published yet another collection of classified documents that it obtained from the NSA whistleblower Edward Snowden. The documents offer a deep insight into how the intelligence agencies are preparing for future wars and acquiring the expertise needed to disable critical infrastructure through the internet. The documents also reveal how the NSA and GCHQ were able to spy on Smartphone users through a secret program known as “BADASS”. As per the report, the program had the capability to intercept unencrypted web traffic that was being sent from Smartphones to servers of analytics and marketing companies.

Most mobile apps available within popular app stores come with built-in tracking. The data provided by such tracking codes can not only be used to analyze how the app is being used, it can also help in building user profiles and gathering data anonymously from the devices. As it can be imagined, the analytics data poses a serious privacy threat since it can be intercepted and used for surveillance purposes. NSA and its counterparts from around the world have shown special interest in intercepting data from mobile devices due to the exponential rise in the number of internet enabled Smartphones and tablets.

The report published by Der Spiegel shows how the NSA and GCHQ were able to collect sensitive data like Device IDs, location and app preferences simply by intercepting unencrypted tracking data that was flowing between Smartphones and servers of data analytic and web marketing companies. Although the BADASS program appears to be at least four years old (the published documents are from the year 2010), many web analytic companies including Google still rely on unencrypted data for their tracking sessions.

This presents a golden opportunity to the intelligence agencies since they can not only track location information and movements of the device owners, but also conduct surveillance by exploiting weaknesses in leaky and poorly coded mobile apps. While such a scenario seems far-fetched, it was hinted at by several renowned publications last year. As per the reports published at that time, intelligence agencies found monitoring of mobile devices useful since it helped in unearthing location and other types of sensitive data from target subjects.

The report raises several uncomfortable questions regarding how the intelligence agencies were able to piece together user profiles as well as track them by intercepting seemingly random bits of tracking data. Most analytics data as well as tracking codes do not contain any kind of personally identifiable information but as the report shows, this does not prevent intelligence agencies from collecting and exploiting sensitive data about users.

The report also mentions how the intelligence agencies from around the world were ramping up their capabilities to exploit mobile apps. While the exact specifics of how the NSA and the company was planning to do that was not mentioned in the report, it is evident that the intelligence agencies are hell bent on collecting even more personal data from the average citizens. In such a scenario, it makes sense not to trust suspicious apps and use privacy tools like VPNs to cover your online tracks.

March 28, 2015

Leave a Reply

Your email address will not be published. Required fields are marked *

3 + 7 =