| ▲ | meindnoch 13 hours ago |
| What if I told you that carriers can also activate your phone's microphone without your knowledge and listen in on your surroundings? |
|
| ▲ | iamnothere 13 hours ago | parent | next [-] |
| What if I told you there are phones out there with hardware kill switches to physically cut power to microphones, cameras, and GPS? |
|
| ▲ | nichos 13 hours ago | parent | prev | next [-] |
| I would ask for your source |
| |
| ▲ | Coeur 9 hours ago | parent | next [-] |
| "Mobile phone (cell phone) microphones can be activated remotely, without any need for physical access" https://en.wikipedia.org/wiki/Covert_listening_device#Remote... |
| And the linked sources are: |
| - Kröger, Jacob Leon; Raschke, Philip (2019). "Is My Phone Listening in? On the Feasibility and Detectability of Mobile Eavesdropping". Data and Applications Security and Privacy XXXIII. Lecture Notes in Computer Science. Vol. 11559. pp. 102–120. doi:10.1007/978-3-030-22479-0_6. ISBN 978-3-030-22478-3. ISSN 0302-9743. |
| - Schneier, Bruce (5 December 2006). "Remotely Eavesdropping on Cell Phone Microphones". Schneier On Security. Archived from the original on 12 January 2014. Retrieved 13 December 2009. |
| - McCullagh, Declan; Anne Broache (1 December 2006). "FBI taps cell phone mic as eavesdropping tool". CNet News. Archived from the original on 10 November 2013. Retrieved 14 March 2009. |
| - Odell, Mark (1 August 2005). "Use of mobile helped police keep tabs on suspect". Financial Times. Retrieved 14 March 2009. |
| - "Telephones". Western Regional Security Office (NOAA official site). 2001. Archived from the original on 6 November 2013. Retrieved 22 March 2009. |
| - "Can You Hear Me Now?". ABC News: The Blotter. Archived from the original on 25 August 2011. Retrieved 13 December 2009. |
| - Lewis Page (26 June 2007). "Cell hack geek stalks pretty blonde shocker". The Register. Archived from the original on 3 November 2013. Retrieved 1 May 2010. |
| ▲ | charcircuit 8 hours ago | parent [-] | | So specific models from before secure operating systems like Android and iOS. Now those operating systems even show an indicator whenever they are recording. |
| |
| ▲ | spwa4 12 hours ago | parent | prev | next [-] |
| How that works is simple: there are regulations that force that the microphone used for calling is directly connected to the "baseband", which is under control of the carrier. It has to be, because of AT&T's argument: ONE misbehaving baseband can make cell phones inoperable in an area that's up to a kilometer in diameter. So AT&T's cell towers "need" to be able to send out a signal that permanently disables a phone's transmitter. |
| Regulations say the baseband MUST control: all wireless signals (including wifi and GPS), all microphones and speakers, and it must be able to disable the camera electrically. It must have a tamper-resistant identifier (IMEI number ... kind of). Oh, it must allow calling the emergency services. If in this mode, during a call to the emergency services it MUST be able to send the exact GPS position (not just once, continuously) to the emergency services at the request of the emergency services (i.e. NOT the user, and carriers must facilitate this). |
| By the way, it's worse: as you might guess from the purpose, it doesn't matter if your phone is on the "spying" carrier or not, other carriers can send commands to other carriers' phones' basebands (because "get off this frequency" is required: spectrum is shared, even within countries. Since phones may go from one tower to another and be required to vacate frequencies, you need this command). It doesn't even matter if you have a SIM in your phone or not (ever thought that if eSIM works, it must of course be possible for any provider to contact and send instructions to the phone, so it opens up an end-to-end encrypted connection to the javacard that the actual phone cpu cannot intercept). In some phones it doesn't even matter if the phone is on or not (though of course eventually it dies). So "meshtastic" or anything else cannot make a phone safe. |
| And in practice it's even worse. A lot of phone manufacturers "save on memory" and use the same memory chips for the baseband processor and the central cpu. Which means that it's a little bit cheaper ... and the baseband has access to all the phone memory and all peripherals connected through the memory bus (which is all of them in any recent phone). It may even be the case that these chips are integrated in the cpu (which I believe is the case for recent Apple chips). |
| Oh and the regulations say: if there's a conflict over control over (most) peripherals, including the microphone and speaker, the baseband processor MUST be guaranteed to win that fight. |
| Oh and because governments demand this, but of course neither fund nor test these devices, they are old, bug-ridden and very insecure. This also means that despite the government requiring that these features be built into phones, governments, carriers and police forces generally do not have the equipment required to actually use these features (though I'm sure the CIA has implemented them all). Not even carriers' cell phone towers: they have to pay extra to allow even just frequency sharing ... |
| Here is an article about baseband and baseband processors. https://www.extremetech.com/computing/170874-the-secret-seco... |
| ▲ | gruez 10 hours ago | parent | next [-] |
| > Regulations say the baseband MUST control: [...] all microphones and speakers |
| I'm going to need a specific citation for this, given that it seems trivially falsifiable by the existence of Bluetooth headphones (which the baseband obviously can't control), not to mention other sorts of call forwarding features like the one iPhones have. |
| ▲ | iamnothere 12 hours ago | parent | prev | next [-] |
| > Regulations say the baseband MUST control: all wireless signals (including wifi and GPS), all microphones and speakers, and it must be able to disable the camera electrically. It must have a tamper-resistant identifier (IMEI number ... kind of). |
| This is simply not true. Source: I own a phone where this is not the case. Many Linux phones internally attach their wireless devices via USB, so there is good separation. |
| Also many upscale phones have decoupled the baseband from things that were once connected to it, as an attempt to improve security. (On iOS for instance the main CPU controls wifi.) |
| ▲ | strcat 10 hours ago | parent [-] |
| Connecting a cellular radio via USB provides far less isolation than the approach of a tiny kernel driver connected to an IOMMU isolated cellular radio on mainstream devices. USB has immense complexity and attack surface, especially with a standard Linux kernel configuration. Forensic data extraction companies mostly haven't bothered using attack vectors other than USB due to it being such a weak point. |
| Many of the things people claim about cellular radios in mainstream smartphones are largely not true and they're missing that other radios are implemented in a very comparable way. Cellular, Wi-Fi, Bluetooth, GNSS, NFC, UWB, etc. do get implemented on secondary processors running their own OS but on mainstream smartphones those are typically well isolated and don't have privileged access to other components. |
| The cellular radio in an iPhone or Pixel is on a separate chip but that's a separate thing from it being isolated. Snapdragon devices with cellular implemented by the main SoC still have an isolated radio. Snapdragon implements multiple radios via isolated processes in a microkernel-based RTOS where the overall baseband is also isolated from the rest of the device. There are a lot of lower quality implementations than iPhones, Pixels and Snapdragon devices but the intention is still generally to have the radios isolated even if they don't do it as well as those. |
| ▲ | iamnothere 10 hours ago | parent | next [-] |
| The Linux USB stack improves over time, and besides, implementing it with USB makes it easier to implement hardware toggle switches. (Cutting power pins to the USB modem is like unplugging it.) |
| Edit: I’ll add that I think smartphone “security” is almost impossible to achieve, given the complexity of everything and the opacity of modem vendor stacks, which is why I just assume endpoint compromise. I use my phone rarely and with toggle switches normally “off”, and I don’t consider it a secure device or use it very often. If you believe that a secure phone is possible, however, then Graphene is definitely a better fit than a Linux phone. |
| ▲ | throw1771 9 hours ago | parent [-] | | Just FYI the person you're replying to is intimately familiar with GrapheneOS (Founder/lead dev/ex lead dev, can't recall exactly) | | |
| ▲ | iamnothere 9 hours ago | parent [-] | | Yes, realized that after I replied which is why I added the comment about Graphene. I think they do a stellar job, but I also think they are fighting an impossible battle. If there were a GrapheneOS phone that had kill switches, I would use it in a heartbeat. |
|
| |
| ▲ | 15155 5 hours ago | parent | prev [-] |
| > cellular radio via USB provides far less isolation |
| Really? Does the radio somehow become the USB Host in this equation and magically start driving the conversation? How? |
|
| |
| ▲ | mlfreeman 12 hours ago | parent | prev | next [-] | | Please provide links to the relevant regulations from an actual government website such as eCFR in the US (https://www.ecfr.gov/) | | |
| ▲ | tgsovlerkhgsel 3 hours ago | parent [-] | | The regulation would likely come from an industry body like the GSM alliance or some other thing that gates certification without which carriers won't allow the phone model onto their network, not governments. |
| |
| ▲ | lgats 10 hours ago | parent | prev | next [-] | | GPS isn't a wireless signal sent by the phone, it is RX only. | |
| ▲ | dfc 10 hours ago | parent | prev | next [-] |
| > It must have a tamper-resistant identifier (IMEI number ... kind of). |
| What is the tamper resistant number that is kind of the IMEI? |
| ▲ | CamperBob2 12 hours ago | parent | prev [-] | | That's a homework assignment, not a citation. |
| |
| ▲ | 13 hours ago | parent | prev [-] | | [deleted] |
|
|
| ▲ | apparent 13 hours ago | parent | prev | next [-] |
| One of the reasons I use iPhones is that Apple controls an integrated hardware/software experience, which makes it less likely that private information is being leaked despite the presence of privacy controls. |
| |
| ▲ | iJohnDoe 13 hours ago | parent | next [-] |
| I wouldn’t be so confident. The article even references this. Apple has used third-party baseband devices in the iPhone since the beginning, which were from other manufacturers. All bets are off regarding security when this is the case. This does include microphone access. |
| The article touches on this by saying Apple is making the baseband/modem hardware now. Something they should have done since day one, and I’m not sure what took them so long. However, it was clear they didn’t have the expertise in this area and it was easier to just use someone else’s. |
| ▲ | wisplike 13 hours ago | parent [-] | | Patents is why it took them so long. | | |
| ▲ | wolvoleo 7 hours ago | parent [-] |
| Yeah but also RF in the real world is hard. Apple found out the hard way with the iPhone 4. Their secrecy didn't help. People doing real world testing had a case that made it look like an iPhone 3s and that also happened to mitigate the death grip problem. We know this because one was stolen and given to Gizmodo. |
| And that was even only antenna design, they still used a standard RF stack then. |
|
| |
| ▲ | bigyabai 13 hours ago | parent | prev [-] | | I empathize with the sentiment, but in reality Apple is as lazy as anyone else: https://www.technologyreview.com/2019/07/29/134008/apple-con... | | |
| ▲ | bilbo0s 13 hours ago | parent | next [-] |
| Apple is not as lazy as anyone else, don't believe the hype. That assertion is a bit overblown. And people can easily find out it's overblown with a bit of research. |
| But at the same time, my whole philosophy is never let it touch any network connected device at all if it is critical. I don't care if it's an Apple device. |
| Here's reality, mobile carriers have been able to get your location from nearly the inception of mass market mobile phone use. I'm not sure anyone really believed their location was somehow secret and not discoverable. If you're using the phone or internet networks, you're not anonymous. Full stop. |
| Forget whatever anyone told you about your VPN, or whatever other anonymization/privacy machine that Mr McBean is selling Sneetches these days. Assume everyone is tracked, and some are even watched. Therefore everything you do or say with your devices should be considered content that is posted publicly with an uncertain release date. |
| ▲ | leptons 2 hours ago | parent | next [-] |
| > Apple is not as lazy as anyone else, don't believe the hype. |
| "You're holding it wrong" might be the laziest thing anyone has ever said about a tech product. |
| ▲ | bigyabai 7 hours ago | parent | prev [-] |
| > And people can easily find out it's overblown with a bit of research. |
| Where? Apple's whitepapers aren't audited by anyone other than themselves. |
| > Assume everyone is tracked, and some are even watched. |
| Fatalist non-sequitur. |
| |
| ▲ | llm_nerd 13 hours ago | parent | prev [-] |
| There is a pretty large chasm between "When you explicitly (or accidentally) use the Siri functionality, it can record the interaction for quality purposes and per the agreement you made share that with Apple or its agents" and "random third parties can engage hardware functionality without your knowledge and spy on you". |
| I am entirely, 100% certain that my telco can't just enable the microphone on my iPhone and record me, short of some 0-day exploit. I simply cannot make that bet on many other devices. |
|
|
|
| ▲ | retired 13 hours ago | parent | prev | next [-] |
| My provider knows who I call, who I text, which websites I browse, my bank account number, my home address, my rough location, which countries I visited for holiday and through DTMF they can even sense which buttons I press on my handset. |
| |
| ▲ | 13 hours ago | parent | next [-] | | [deleted] | |
| ▲ | KellyCriterion 11 hours ago | parent | prev [-] | | Eh, no? How does your provider know all your bank accounts? If at all, then the one you are using for billing - but the 2FA apps do not expose such data to the provider? The Apps communicate via HTTPS calls in the background? | | |
| ▲ | gruez 10 hours ago | parent | next [-] |
| I think they're implying they can glean all that information based on the 2FA codes you receive, e.g. "your security code for First Bank Of HN is: xxxxxx" |
| ▲ | sib 9 hours ago | parent [-] | | Which don't contain the bank account number (at least in any 2FA I've ever received from a bank.) |
| |
| ▲ | rkomorn 9 hours ago | parent | prev [-] | | Maybe they meant their provider has it for payment info. That would not be unusual in Europe. |
|
|
|
| ▲ | tigrezno 13 hours ago | parent | prev | next [-] |
| what about Graphene? |
| |
| ▲ | strcat 10 hours ago | parent [-] |
| GrapheneOS only supports devices with isolated radios including but not limited to cellular. It's one of the hardware requirements: https://grapheneos.org/faq#future-devices |
| The radios on the supported devices can't access the microphone, GNSS, etc. GrapheneOS has never supported a device without an isolated cellular radio since that isolation was in place even with the initial Nexus 5 and Galaxy S4. However, some of the devices prior to Pixels did have Broadcom Wi-Fi/Bluetooth without proper isolation similar to laptops/desktops. Nexus 5X was the initial device with proper isolation for Wi-Fi/Bluetooth due to having SoC provided Wi-Fi from Qualcomm. Pixels have avoided this issue for integrating Broadcom Wi-Fi/Bluetooth. Nexus devices left this up to companies like LG, Huawei, etc. and anything not done for them by Qualcomm tended to have security neglected. Qualcomm has taken security a lot more seriously than other SoC vendors and typical Android OEMs for a long time and provides good isolation for most of the SoC components. |
| Don't believe everything you read about smartphone security and especially cellular radios. There are many products with far less secure cellular radios which are far less isolated but rather connected via extremely high attack surface approaches including USB which are claiming those are better. A lot of the misconceptions about cellular come from how companies market supposedly more secure products which are in reality far worse than an iPhone. |
| ▲ | Borealid 7 hours ago | parent [-] | | I cannot imagine a way to connect a cellular modem that provides a smaller surface area than USB ACM. There is no direct memory access and no way for the modem to directly access other devices. Could you perhaps elaborate on what the more-secure alternative to USB ACM would be? |
|
|
|
| ▲ | lysace 12 hours ago | parent | prev | next [-] |
| At this point I would be mildly surprised. |
|
| ▲ | IshKebab 13 hours ago | parent | prev | next [-] |
| I would not believe you until you provided actual evidence. |
|
| ▲ | relaxing 13 hours ago | parent | prev [-] |
| Why, do you think it's the sort of thing you're likely to say? |