Slashdot Mirror
Edward Snowden's New Research Aims To Keep Smartphones From Betraying Their Owners (theintercept.com)
Smartphones become indispensable tools for journalists, human right workers, and activists in war-torn regions. But at the same time, as Intercept points out, they become especially potent tracking devices that can put users in mortal danger by leaking their location. To address the problem, NSA whistleblower Edward Snowden and hardware hacker Andrew "Bunnie" Huang have been developing a way for potentially imperiled smartphone users to monitor whether their devices are making any potentially compromising radio transmissions. "We have to ensure that journalists can investigate and find the truth, even in areas where governments prefer they don't," Snowden told Intercept. "It's basically to make the phone work for you, how you want it, when you want it, but only when." Snowden and Huang presented their findings in a talk at MIT Media Lab's Forbidden Research event Thursday, and published a detailed paper. From the Intercept article: Snowden and Huang have been researching if it's possible to use a smartphone in such an offline manner without leaking its location, starting with the assumption that "a phone can and will be compromised." [...] The research is necessary in part because most common way to try and silence a phone's radio -- turning on airplane mode -- can't be relied on to squelch your phone's radio traffic. Fortunately, a smartphone can be made to lie about the state of its radios. The article adds: According to their post, the goal is to "provide field-ready tools that enable a reporter to observe and investigate the status of the phone's radios directly and independently of the phone's native hardware." In other words, they want to build an entirely separate tiny computer that users can attach to a smartphone to alert them if it's being dishonest about its radio emissions. Snowden and Haung are calling this device an "introspection engine" because it will inspect the inner-workings of the phone. The device will be contained inside a battery case, looking similar to a smartphone with an extra bulky battery, except with its own screen to update the user on the status of the radios. Plans are for the device to also be able to sound an audible alarm and possibly to also come equipped with a "kill switch" that can shut off power to the phone if any radio signals are detected.Wired has a detailed report on this, too.
I'm not that concerned that my phone might transmit while in airplane mode. My phone usually isn't in airplane mode. It's far more concerning what's being transmitted while the phone is operating normally. I'd be far more interested to know, for example, whether my phone is secretly recording my conversations and acting as a bug.
Wouldn't a simple hardware switch that connects the phone to its antenna suffice ?
No antenna = no useful signal for the towers to pick up.
I thought he was just a pretty average govt. tech employee that decided to leak a bunch of documents. Now he seems to be treated like a leading expert on security? Is there something I missed here? Is his research something beyond a Google search?
So, no one properly turns off their phone when getting on a plane? I'd turn my phone completely off more often if I didn't have to listen to a stupid, non-user-volume-adjustable chime every time it turns on.
They won't be happy. He'll might have his ration of Borsch withdrawn.
Prolific, savior of humanity.
The dangers of knowledge trigger emotional distress in human beings.
This won't do anything. It's not like people are only using their phones to make an outgoing calls and then turning them off. People use smart phones to DO things. Whether that's accessing the internet or communicating with people via text or voice, the phone NEEDS radio signals to do that. "Man in the middle" systems exploit that for tracking. What Snowden and Huang are recommending isn't going to change that at all.
"Growing old is inevitable; growing up is optional."
Its better than nothing I suppose, but a better step might be to get manufacturers to build in hardware based cut offs of the transmission hardware and maybe hardwired LEDs showing when the mic/camera is active. In the future a real plus would be to re-design the cell network communications protocols so that your phone doesn't "need" to constantly announcing itself but only transmits when making calls or access data. Of course you can expect governments to fight tooth and nail against these "terrorist tools" while quietly skirting around the fact that ~99% of the time their "anti terrorism" measures end up being used against pretty much everything but terrorists (drug runners, money launders, protest groups, etc)
The problem is your phone's GSM/CDMA radio is a proprietary black box and there's certain way to really shut it up besides breaking it or putting it behind a place where no transmissions can escape, like a freezer. All of the towers are poisoned because all of the American telecoms have no qualms with surrendering your privacy when presented with warrants, even if they're certainly unconstitutional.
So, if you're some kind of political dissident, or you're trying to escape an abusive person who has access to the telecoms' data*, it's probably best to not even use cellular communication at all. Use Tails. If you have no other choice but to use cellular transmissions, then it's probably better to have some kind of hotspot where you can communicate everything with end-to-end encryption from a trusted computer, rather than using the radio that comes in your phone and could potentially blabber about everything connected to it.
*You might think this unlikely, but once I was listening to an FM radio show (the Kane Show, for those in the Washington DC area). This show has a segment where people who know their significant other is cheating on them get revenge in various ways. Now, this might've been entirely staged or a hoax, but one woman told the hosts that she knew her boyfriend was cheating on her because she worked for Verizon (which was his provider) and monitored everything he did on his phone through 4G. Maybe the boyfriend had it coming in this particular case, but imagine some violent, stalkerish man doing this to women...
The difficulty seems to be that they're trying to hack privacy onto phones that are not really designed for it.
The vast majority of phones seem to be designed around the idea of apps, particularly social apps.
The hardware on these phones are typically black boxes and the software is designed in the interests of the vendors.
It's not difficult to make your computer private. You can build it from component pieces and put an open source OS on it.
In contrast, I've found a little information on building your own phone.
https://www.raspberrypi.org/bl...
That's the best I could find and it's a long way from being a practical phone.
For starters I can't find any CDMA circuit boards so you can't use it with Verizon. As bad as they are they have the best network in the US.
But ultimately being able to really own our phones is the only way to insure privacy on them.
Scenario 1
You are one of the subversives. You wish to prevent your phone from leaking your location or the curently open document. You attach one of these detectors, turn airplane mode on. In about 20 minutes since you left home, as if on a timer, your detector beeps and you see RF activity. You scramble to turn it off, wondering if it leaked your location and / or open document.
Scenario 2
You are one of the subversives. You pull the battery out. You write with a pen on paper.
Scenario 3
You are one of the subversives. You place the phone in a makeshift Faraday cage. You write with a pen on paper.
I don't really understand the first scenario. Are we talking about sensitive enough info ? Then why risk using the phone ? What app (with no network access required) would be absolutely vital to a subversive meeting ?
Also, would it beep if it got excited by other RF, possibly emitted by those looking for subversives ?
I appreciate privacy but this device seems to give a false sense of security. If a person doesn't have the discipline to enforce a "battery out" or "leave phone home" policy, would they have the discipline to randomly test this device, to keep it charged, to inspect it for rogue electronics, etc ?
I should be paranoid about my phone, but not about this device ? Also, it seems a bit narrow in scope. Does it check for inaudible sounds from the phone's speaker ? Does it check for CPU load that modifies the phone's thermal print ? Does it check for blitz pulses ? Does it check for the phone quietly recording everyhing ? Does it check for.. uhh, I'll stop.
Data exfiltration (wooo...) isn't just a real time problem.
Yeah, Snowden's "vacationing" in Russia because Obama and his Democrat friends are oh-so Snowden friendly?
Recording audio &/or gps location doesn't need to transmit at the time. Back online/cell network a bit more data won't be noticed. Battery out/power off would work.
Obama did nothing about Snowden's fans in the U.S. President Trump will. TRUMP 2016!
and fleeing prosecution to "frenemy" nations made you a genius security researcher as well. Maybe there's some kind of cause-effect relationship there that I don't understand. I look forward to Edward Snowden's future cure for cancer because apparently he is some kind of super genius who can achieve anything he wants.
Do you suppose he snatched all that intel and escaped unnoticed to Hong Kong using magic pixie dust?
Obama was too scared to call Snowden a traitor. Trump did.
Obama was too scared to call for Snowden's execution. Trump did.
Trump 2016!
He's at it again. Doesn't give a shit about you or anyone, just wants to be talked about.
I've thought about this a bit. Consider a consortium of like-minded privacy-concerned people that has a pool of virtual SIM cards (exceeding the user base by perhaps 2x or more). The group pays for the whole pool of SIM cards (end users pay the group, perhaps through bitcoin). Participating phones check out random virtual SIM cards (using some kind of cryptographic signature perhaps similar to blockchains to assure anonymity) periodically in order to ensure apparently random distribution. All transactions flow over a VPN to a common network and the phone itself is disabled (use VoIP). Web access runs through Privoxy or similar filtering to ensure there are no traceable bits. This should be fine until you start installing other apps.
This probably requires special hardware in order to "spoof" the consortium's SIM cards and swap between them with minimal downtime.
Use my userscript to add story images to Slashdot. There's no going back.
But at the same time, as Intercept points out, they become especially potent tracking devices that can put users in mortal danger by leaking their location.
Which is close to the top of the list of reasons why I really don't want one at all.
Now, if I could get an OS and drivers for the GSM hardware that were all open-source, and I could examine and compile it all myself, and load it onto the phone, then maybe, but as is? They've got more security holes than your average kitchen colander.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
If a phone had a POCSAG pager module inside it could run radio silent. The infrastructure is in place, the coverage is great, the service is cheap. All we need is a good phone(please make it FOSS with great hardware!) and we can only boot the GSM modem when we choose to show up on radar. We can stay in touch in real time, get texts and near realtime incoming calls to call back, perhaps even take live incoming calls with the right answering service switchboard software.
If I were someone *that* worried about being located/tracked, yet needed notepad, calculator, and camera functions, I'd bring pre-smartphone tech like a Palm Pilot and a good dedicated digital camera (some have annotating apps and editing in-camera). My good 'ol Palm III lasted over a week on two AAAs.
I'm sure there are dedicated, non-smartphone devices for other activities as well.
I now have a lower opinion of the quality coming out of MIT.
The phone should be considered ALWAYS ON unless you take the battery out.
Why in the world do you need a computer to tell if your phone is transmitting? All you need is a diode, a capacitor, a transistor and an LED to make an RF detector. They make these thing as novelty items. They blink when your phone's transmitter goes active.
Most modern computers have a "management" chipset that can be used to to manage the computer without the OS being involve or aware. I am assuming this architecture is also part of modern cell phones. So unless Snowden and his pal can figure out how to access that chipset anything they do with the OS is worthless.
just throw your untrusted phones in a broken/unused microwave and close the door. Faraday promises it wont betray you. No political problem can't be solved with a sufficient amount of physics.
If your life is at risk, YOU SWITCH IT OFF. If you can't switch it off, remove the battery. If you can't remove the battery, put it in a screened holder. This isn't rocket science.
I trust that he will uphold the constitution.
His 15 minutes are up. Why does he believe himself to still be relevant? (Bring on the downvotes, I hate moderating anyway) Oh, because it wasn't about _whistleblowing_ (correctly _leaking_ mind you, but let's leave that for another time) and his moment of public masturbation is over.
OMG facts!
Take the damned battery out! Hasn't anybody seen NCIS!
power off device completely. Remove battery (if possible). Remove tinfoil hat and wrap phone. That should pretty much solve the problem unless I am missing something, and it gets that goofy tinfoil hat off your head so people stop looking at you strangely.
HA! I just wasted some of your bandwidth with a frivolous sig!
Timmy Cook, CEO Apple Inc., invented encryption, the computer and computer programming. He also claims to have created a "Time-Machine" that took him to the distant past where he invented the French Language.
This "Stunt" by Snowden will for sure get him on Timmy's Shit List!
Ha ha
I wonder if it'd be possible (for somebody with knowledge/talent) to build a mini StingRay-like device that would force your phone to communicate through it and its firewall?
NSA whistleblower Edward Snowden
s/b
USA national hero Edward Snowden
FTFY
I for one am totally safe.
Now excuse me while I play Pokemon GO.
Some bullshit story about counter-measures to avert the actual spyware that a phone is? Fuck you.
If you don't want it to track you while you are out doing your espionage and subterfuge gigs just get it under a fake name by having sex with a phone store employee. You fucking dickheads @ slashdot are pathetic.
How will you contact a fucking network that spies on you without contacting a fucking network that spies on you?
Don't have service to it and transfer it later or stop playing James Bond world with your fuckin phone.
Real world talk is use Orbot and Tutanota on Android, use iPhone if you want the dickshaped version that fits up your ass snugly.
Oh yeah wait Mr. Putin and FSA.. i am going to work on some spy shit - while im against spy shit - and in Russia because I defected for disclosing the lies of the US government. Government means employees of the people.
The currently-in-development Neo900 project (which hit a few snags because PayPal are scumbags and withheld large chunks of project funding but seems to have recovered now that PayPal has released the money) has some features that will help with this.
It contains physical hardware level off switches for phone radios/antennas (including a separate disconnect for the GPS antenna to prevent it from being able to do GPS location unless you enable it) but more importantly the design of the hardware means the baseband radios (including the cellular baseband module) have NO access to the main application processor or its RAM or Flash storage. All audio goes through the main application processor as well (meaning the baseband has no access to the microphone in the phone at all)
As far as I am aware it will be possible to run the Neo900 and use its features (make calls, access the internet etc etc) using only open source software on the main application processor (so no blobs that could contain backdoors).
No its not an iPhone or an Android device, no its not super-thin and super-light, no its not packing the latest super-powerful CPU and no it wont run Pokemon Go or Netflix but it will prevent bad actors (whoever they may be) from remotely activating your phones microphone and recording everything you say without your knowledge.
The core function of smart phones is not making calls, (even to the point that MMS is no longer defined as a telephony service) which is why so-called subversives want to use their phone. If one removes the battery, one cannot write memos, take photos, record interviews. Most phones use a SIM, which contains your billing details and it can be removed. Those telecom companies aren't going to spy on you for free, (yes, you're paying them to watch you) so the solution is obvious. Unlike 'dumb' phones without a SIM, your smart phone will still do everything else. Which means, that if one uses a roaming wi-fi service like Fon (or some domestic variant), tracking the handset may still be possible.
The more ostentatious, the better. It should be about the size and beauty of a fine humidor. Some would be gold, silver or platinum plated. But, you could also have ones that appeared to be mahogany, rosewood or teak. Market it as "The Privacy Box", or perhaps just pBox. You pitch it as a critical accessory for the upwardly mobile. When you absolutely need privacy, just put the phone in the "Pbox".
Expensive lawyers would use it to reassure clients that they took their privacy seriously. C-level executives would use it to highlight the importance of their discussions. The ritual of placing the cell phones in the "Privacy Box" would help seal the deal.
The primary attributes of this product would be:
For extra points, you could easily design it to:
Wish I had the capability to make something that looked expensive and tasteful. I think this would sell itself.
on-air/mobile data/wifi mode when they had been set to airplane mode for days/months at a time. I live in an area that does have stingray flyovers, and both phones are chinese hardware rebadged by an American cellphone company.
Phones were Android (both CM and vanilla, multiple generations of OS) and only run software out of the f-droid repositories, most selected to NOT require network privileges, save web browser and communications tools. None of those applications were running when the phones switched modes, and this has taken place over the span of months.
Given the amount of personally identifiable information we keep on a cell phone every day, it should be very chilling to think of just how rapidly the entire contents could be exfiltrated from the device if data mode can be remotely triggered, and if the baseband modem (often also the initialization processor!) is controlled by an adversary, whether foreign or domestic. Blackmail, thoughtcrime prosecution, parallel construction, placement of false evidence. All of it is possible if control by the user and isolation between communications and processing sections are not retained in a mathematically verifiable manner. Not that modern computer systems are any more trustworthy, even if you exclude Windows 10 from the equation.
At the rate we're going the only solution yet will be returning to the original Dark Net. I hope you've got your sneakers and floppy-equivalents ready. Because those are the only things that will have any chance of keeping your data secure.
Both brands have been slashvertised previously.