iPad and smartphone rootkits demo'd by boffins

Cracking into the ultimate spy device - in your pocket

For some owners, a hacked phone = death, by hit squad or laser guided missile

Capabilities of this sort have long been supposed to exist and to be in use by police, intelligence agencies and perhaps other organisations. Many security pros advise clients to remove batteries or leave phones outside for important meetings, and even before the widespread advent of GPS it was often possible to locate a phone fairly accurately by asking it which mobile masts it had in range and analysing the timing of signals from them. Where access to the phone can be gained, there are even commercial spyware packages to be had - though not many thus far based on rootkits.

In general, mobile experts hold that such malware must be inserted into a phone by gaining physical access to it, or perhaps by traditional victim-operated means such as email attachments, Bluetooth transfers etc. Remotely inserting malware via a mobile voice or data link without cooperation by the phone user is said by most experts to be impossible, and certainly Ganapathy, Iftode and their crew demonstrated no such capability.

There have been hints, however, that at least one US intelligence outfit - specifically the shadowy military group known variously as the US Army Intelligence Support Activity, the "Army of Northern Virginia", "Gray Fox", "Centra Spike", "Task Force Orange" etc etc - may be able to do at least some things to a phone without any Bluetooth, physical access etc.

Some accounts suggest that Activity knob-turners in light aircraft were able to cause apparently switched-off phones to turn on without their users' knowledge as long ago as the secret war against Pablo Escobar, back around 1990. More recently it has been reported that Qa’ed Sunyan al-Harethi, an al-Qaeda bigwig who had the dubious distinction of being the first man to be assassinated by a Predator robo-plane, was fingered for the Hellfire missile strike which killed him by Activity analysts who "remotely programmed" his phone "to switch itself on".

Whether or not smartphones can be attacked remotely through their mobile-network link now, there can't be much doubt that the day is coming - and as the Rutgers researchers (and the soldier-spooks of the Activity) have shown, malware in a device you carry with you switched on all the time can be even more damaging than when it's in a normal computer. ®
