Hacker News | nichos's comments

I would ask for your source


"Mobile phone (cell phone) microphones can be activated remotely, without any need for physical access"

https://en.wikipedia.org/wiki/Covert_listening_device#Remote...

And the linked sources are:

- Kröger, Jacob Leon; Raschke, Philip (2019). "Is My Phone Listening in? On the Feasibility and Detectability of Mobile Eavesdropping". Data and Applications Security and Privacy XXXIII. Lecture Notes in Computer Science. Vol. 11559. pp. 102–120. doi:10.1007/978-3-030-22479-0_6. ISBN 978-3-030-22478-3. ISSN 0302-9743.

- Schneier, Bruce (5 December 2006). "Remotely Eavesdropping on Cell Phone Microphones". Schneier On Security. Archived from the original on 12 January 2014. Retrieved 13 December 2009.

- McCullagh, Declan; Anne Broache (1 December 2006). "FBI taps cell phone mic as eavesdropping tool". CNet News. Archived from the original on 10 November 2013. Retrieved 14 March 2009.

- Odell, Mark (1 August 2005). "Use of mobile helped police keep tabs on suspect". Financial Times. Retrieved 14 March 2009.

- "Telephones". Western Regional Security Office (NOAA official site). 2001. Archived from the original on 6 November 2013. Retrieved 22 March 2009.

- "Can You Hear Me Now?". ABC News: The Blotter. Archived from the original on 25 August 2011. Retrieved 13 December 2009.

- Lewis Page (26 June 2007). "Cell hack geek stalks pretty blonde shocker". The Register. Archived from the original on 3 November 2013. Retrieved 1 May 2010.


So specific models from before secure operating systems like Android and iOS. Now those operating systems even show an indicator whenever they are recording.


All the references are to old phones before Android and iOS came out. Or they are fake feature phones sold to the target. So while this is something that was possible in the early 90's and early 2000's, it's no longer a thing.


How that works is simple: there are regulations that force that the microphone used for calling is directly connected to the "baseband", which is under control of the carrier. It has to be, because of AT&T's argument: ONE misbehaving baseband can make cell phones inoperable in an area that's up to a kilometer in diameter. So AT&T's cell towers "need" to be able to send out a signal that permanently disables a phone's transmitter.

Regulations say the baseband MUST control: all wireless signals (including wifi and GPS), all microphones and speakers, and it must be able to disable the camera electrically. It must have a tamper-resistant identifier (IMEI number ... kind of).

Oh, it must allow calling the emergency services. If in this mode, during a call to the emergency services it MUST be able to send the exact GPS position (not just once, continuously) to the emergency services at the request of the emergency services (i.e. NOT the user, and carriers must facilitate this).

By the way, it's worse: as you might guess from the purpose, it doesn't matter if your phone is on the "spying" carrier or not, other carriers can send commands to other carriers' phones' basebands (because "get off this frequency" is required: spectrum is shared, even within countries. Since phones may go from one tower to another and be required to vacate frequencies, you need this command). It doesn't even matter if you have a SIM in your phone or not (ever thought that if eSIM works, it must of course be possible for any provider to contact and send instructions to the phone, so it opens up an end-to-end encrypted connection to the javacard that the actual phone cpu cannot intercept). In some phones it doesn't even matter if the phone is on or not (though of course eventually it dies). So "meshtastic" or anything else cannot make a phone safe.

And in practice it's even worse. A lot of phone manufacturers "save on memory" and use the same memory chips for the baseband processor and the central cpu. Which means that it's a little bit cheaper ... and the baseband has access to all the phone memory and all peripherals connected through the memory bus (which is all of them in any recent phone). It may even be the case that these chips are integrated in the cpu (which I believe is the case for recent Apple chips). Oh and the regulations say: if there's a conflict over control over (most) peripherals, including the microphone and speaker, the baseband processor MUST be guaranteed to win that fight.

Oh and because governments demand this, but of course neither fund nor test these devices, they are old, bug-ridden and very insecure. This also means that despite the government requiring that these features be built into phones, governments, carriers and police forces generally do not have the equipment required to actually use these features (though I'm sure the CIA has implemented them all). Not even carriers' cell phone towers: they have to pay extra to allow even just frequency sharing ...

Here is an article about baseband and baseband processors.

https://www.extremetech.com/computing/170874-the-secret-seco...


> Regulations say the baseband MUST control: all wireless signals (including wifi and GPS), all microphones and speakers, and it must be able to disable the camera electrically. It must have a tamper-resistant identifier (IMEI number ... kind of).

This is simply not true.

Source: I own a phone where this is not the case. Many Linux phones internally attach their wireless devices via USB, so there is good separation.

Also many upscale phones have decoupled the baseband from things that were once connected to it, as an attempt to improve security. (On iOS for instance the main CPU controls wifi.)


Connecting a cellular radio via USB provides far less isolation than the approach of a tiny kernel driver connected to an IOMMU isolated cellular radio on mainstream devices. USB has immense complexity and attack surface, especially with a standard Linux kernel configuration. Forensic data extraction companies mostly haven't bothered using attack vectors other than USB due to it being such a weak point. Many of the things people claim about cellular radios in mainstream smartphones are largely not true and they're missing that other radios are implemented in a very comparable way.

Cellular, Wi-Fi, Bluetooth, GNSS, NFC, UWB, etc. do get implemented on secondary processors running their own OS but on mainstream smartphones those are typically well isolated and don't have privileged access to other components. The cellular radio in an iPhone or Pixel is on a separate chip but that's a separate thing from it being isolated. Snapdragon devices with cellular implemented by the main SoC still have an isolated radio. Snapdragon implements multiple radios via isolated processes in a microkernel-based RTOS where the overall baseband is also isolated from the rest of the device. There are a lot of lower quality implementations than iPhones, Pixels and Snapdragon devices but the intention is still generally to have the radios isolated even if they don't do it as well as those.


The Linux USB stack improves over time, and besides, implementing it with USB makes it easier to implement hardware toggle switches. (Cutting power pins to the USB modem is like unplugging it.)

Edit: I’ll add that I think smartphone “security” is almost impossible to achieve, given the complexity of everything and the opacity of modem vendor stacks, which is why I just assume endpoint compromise. I use my phone rarely and with toggle switches normally “off”, and I don’t consider it a secure device or use it very often. If you believe that a secure phone is possible, however, then Graphene is definitely a better fit than a Linux phone.


Just FYI the person you're replying to is intimately familiar with GrapheneOS

(Founder/lead dev/ex lead dev, can't recall exactly)


Yes, realized that after I replied which is why I added the comment about Graphene. I think they do a stellar job, but I also think they are fighting an impossible battle. If there were a GrapheneOS phone that had kill switches, I would use it in a heartbeat.


> cellular radio via USB provides far less isolation

Really? Does the radio somehow become the USB Host in this equation and magically start driving the conversation? How?


>Regulations say the baseband MUST control: [...] all microphones and speakers

I'm going to need a specific citation for this, given that it seems trivially falsifiable by the existence of Bluetooth headphones (which the baseband obviously can't control), not to mention other sorts of call forwarding features like the one iPhones have.


Please provide links to the relevant regulations from an actual government website such as eCFR in the US (https://www.ecfr.gov/)


The regulation would likely come from an industry body like the GSM alliance or some other thing that gates certification without which carriers won't allow the phone model onto their network, not governments.


GPS isn't a wireless signal sent by the phone, it is RX only.


> A lot of phone manufacturers "save on memory" and use the same memory chips for the baseband processor and the central cpu. Which means that it's a little bit cheaper ... and the baseband has access to all the phone memory and all peripherals connected through the memory bus (which is all of them in any recent phone).

This can be mitigated e.g. via an IOMMU: https://grapheneos.org/faq#baseband-isolation

> It may even be the case that these chips are integrated in the cpu (which I believe is the case for recent Apple chips).

I don't know whether it's true or not that they use the same RAM chips. But either way it doesn't change the fact that they can still be properly segregated via the IOMMU.


That's a homework assignment, not a citation.


> It must have a tamper-resistant identifier (IMEI number ... kind of).

What is the tamper resistant number that is kind of the IMEI?


Airalo, an eSIM provider I use when traveling, wouldn't load.


What's wrong with Roku?


Why regulate it? You don't have to use it (as you clearly moved elsewhere). Out of curiosity, where did you move to?


"Why regulate it?"

That doesn't require an answer—both sides of the fence already well know the reasons and they're diametrically opposite.

I didn't move anywhere, what gave you the impression I did?


You said you deleted your Gmail, I'm assuming you moved to another service.


I had multiple services before Gmail was even conceived as I do now. I've had several Gmail accounts, the first was in the early days when one had to be introduced by an existing member (Gmail address) before one could join—a colleague sponsored me. The others were 'anonymous' accounts for testing email created somewhat later after Google had realized that cliquey club memberships made no money.


What's the issue with billionaires?


They shouldn’t exist


I lived in a world without billionaires - Eastern Europe pre-1990.

It wasn't a world without powerful people though: party nomenklatura and their friends ruled us with an iron fist. Not billionaires in numbers but in lifestyle, power and ruthlessness.

Together with actual billionaires, we also lost all the products and services their work created in the process of making them billionaires, so we were all cold and hungry.

I learned then to cherish societies where one could become a billionaire: it meant there was enough economic freedom so that the tiny insignificant me could carve an honest, dignified living for me and my own without begging politician mercy for handouts.

We should have more billionaires.


Great response! It's very trendy to say things like "capitalism is gross" or "billionaires shouldn't exist" but the truth is, capitalism has brought more people out of poverty than anything else in the history of the world. Moreover, billionaires (Steve Jobs, Bill Gates, etc) didn't "steal" anything from you to get there. No one forced you to buy an iPhone.


Too much power for one person


Why? What power? Being rich (billionaire rich) is fine as long as you didn't steal it from someone. Who are we to say how much money someone can have?


Happens often if you're using documents that are signed with a smart card. Sadly, browsers can't sign PDFs yet either.


Doesn't TrueNAS (Linux version) come with ZFS?


TrueNAS Scale, which is the Linux variant, does indeed come with ZFS.

The company behind it, iXsystems, pays for ZFS developers as well.


For clarity, Burger King is "Impossible", not Beyond. A different company.


For me a huge win for the pi is the power consumption vs a cheap mini PC refurbished from Dell.


I’m not sure what electricity costs where you live, but my calculations tell me I’d have to run an intel n4000 for 5+ years before I break even compared to buying a CanaKit rpi 5.


That's really an oversimplification. They don't care what a woman does with her body, they care about the child's rights.


For the present purposes that doesn't matter; they are having a cow over it, the same way that a liberal does over gender pronouns or polar ice caps.


> they are having a cow over it

They are having fun with it, you mean. If it weren't an enjoyable activity to them, they'd drop the issue already.


The US right-wing obsession with abortion is a relatively modern phenomenon, and was fairly deliberately cultivated. In many countries it isn’t really a left-right thing at all (except maybe amongst the extreme far-right, but you’re really talking the fringes). It’s not because it’s fun; it’s because it has been a very effective wedge issue for them.


> It’s not because it’s fun; it’s because it has been a very effective wedge issue for them.

It is fun, though. That's the whole point of a wedge issue. You invent some made up problem and then fight for it in an effort to feel the glory of superiority. It is effectively a sport.


You are presuming that they're only talking about abortion. Conservatives also get huffy when women are promiscuous, even if it's entirely safe.


Oh please.

