March 7, 2007 at 8:00 AM ET
Lost in the intriguing story of a Wal-Mart employee who allegedly spied on a New York Times reporter was this tidbit: The "technician" managed to pluck text messages out of the air and read them, according to the company. And these messages weren't just communications between Wal-Mart employees and a professional journalist covering the firm; innocent bystanders and their messages also were swept up in the spying, it said.
Wal-Mart spokeswoman Mona Williams offered scant details of the spying activities by the fired employee on Monday, but she stated that the text messages were intercepted by the employee using a radio device, then scanned for certain keywords. She declined to elaborate on the technology used to pluck the messages out of thin air, other than to say the radio device pulled down messages within "a mile or so" of the company's headquarters.
She also wouldn't say how many innocent people had their messages read, other than to say there were only "a handful" of other victims.
On Tuesday, Wal-Mart spokesman David Tovar confirmed that the text-message prying occurred, but said the company couldn't reveal any additional details about the incident.
Wal-Mart said on Monday that it believed the employee's recording of telephone conversations between the New York Times reporter and members of the company's media relations department broke no laws because it's legal in Arkansas for telephone conversations to be recorded as long as one of the parties involved is aware of the recording.
It is illegal to surreptitiously intercept electronic communications without a warrant under the federal wiretap statues enacted in 1968. In 1986, the Electronic Communications Privacy Act clarified wiretaps laws to extend to interception of signals from modern radio-based devices, explicitly prohibiting the monitoring of cellular phone transmissions by third parties without a court order.
The U.S. Attorney's Office for the Western District of Arkansas is investigating the incident.
The company's description of the privacy breach begs the question of whether it is possible to intercept and read text messages flying around a certain area. The experts that MSNBC.com spoke with Tuesday agreed that it would be possible. The only point of contention was how much it would cost.
Cellular interceptor technology that could pluck text messages from the sky is readily available on the Internet -- for those who have $500,000 or more to burn and can prove they work for a law enforcement agency.
Companies like Global Security Solutions and Home Land Security Strategies Inc. offer such text-message-sniffing products for sale.
Reserved for G-men and -women
Home Land brags on its site -- CellularIntercept.com -- about the powers of the "G-Com 2066," saying it will "capture SMS (short message service) data. It is a passive system -- no signal is transmitted from the system and the cell phone network receives no electromagnetic interference." The site says that all devices sold there are "restricted and reserved for authorized agents of Government."
But he also stated that a determined hacker who wanted to grab all the text messages floating around in a certain area wouldn't have to spend that kind of coin to do so. A teenager could build a radio kit to do it from parts purchased at an electronics store, he said.
"There are many different ways to do it," he said. "Whatever is in the air can be intercepted and listened to."
Former White House cybersecurity adviser Howard Schmidt echoed Demeter's claim. He was even more specific, saying a few parts purchased for about $100 at a local Radio Shack would do the trick. In fact, he said, he helped build such a kit as part of a security assessment for a company only a few years ago.
"Text messages are transmitting over radio frequencies ... unencrypted. You can intercept them and pull the pieces back together," Schmidt said. "There are schematics all over to do this."
Cue up the James Bond track
But Joe Farren, a spokesman for mobile phone industry group CTIA, rejected the idea that amateurs with inexpensive equipment could intercept text messages, saying that would be limited to the realm of highly specialized hackers and government spooks.
"I'm waiting for the James Bond theme to start playing here," he said. "Minus the James Bond, NSA-type capability, that kind of thing doesn't happen. If messages are sent on a modern, digital network, they are encrypted. You need serious NSA-type capability to do that."
Even that might not be an impossible barrier at a large company like Wal-Mart. Like most Fortune 500 firms, Wal-Mart employs former FBI and CIA agents to work in its corporate security department.
Text messages are sent using SMS (short message service) protocols, and available with nearly all digital cell phones. There are many ways for a spy to surreptitiously peek at them.
In 2002, a Gartner Group report warned companies not to trust SMS, saying that clever hackers could simply befriend cell phone employees and get them to obtain copies of text messages. The report followed the conviction of a student in the U.K. who persuaded two mobile phone employees to release text messages sent by his ex-girlfriend.
Some companies sell what are effectively Trojan horse programs for cell phones, which cause them to forward messages received by the phone to a third party. Implanting such programs requires physical access to the phone that's being spied on, however, said one maker of the tools who asked not to be identified.
Cell phones and pagers also can be "cloned," meaning the clone will receive a copy of every text message sent to the original device. In the most famous case of pager cloning, alleged Israeli organized crime figure Assaf Waknine obtained a clone of the pager carried by a Los Angeles police detective who was investigating him.
But intercepting all text messages sent within a one-mile area -- which is what Williams alleged the Wal-Mart employee did – would require a much more sophisticated surveillance system. And it would constitute a more outrageous violation of privacy.
"It makes you wonder how big can this problem really be," said privacy auditor Larry Ponenmon, who runs The Ponemon Institute. "Does it touch every large company?"