Skip to main content

Snowden Designs a Device to Warn if Your iPhone’s Radios Are Snitching


When Edward Snowden met with reporters in a Hong Kong hotel room to spill the NSA’s secrets, he famously asked them put their phones in the fridge to block any radio signals that might be used to silently activate the devices’ microphones or cameras. So it’s fitting that three years later, he’s returned to that smartphone radio surveillance problem. Now Snowden’s attempting to build a solution that’s far more compact than a hotel mini-bar.

On Thursday at the MIT Media Lab, Snowden and well-known hardware hacker Andrew “Bunnie” Huang plan to present designs for a case-like device that wires into your iPhone’s guts to monitor the electrical signals sent to its internal antennas. The aim of that add-on, Huang and Snowden say, is to offer a constant check on whether your phone’s radios are transmitting. They say it’s an infinitely more trustworthy method of knowing your phone’s radios are off than “airplane mode,” which people have shown can be hacked and spoofed. Snowden and Huang are hoping to offer strong privacy guarantees to smartphone owners who need to shield their phones from government-funded adversaries with advanced hacking and surveillance capabilities—particularly reporters trying to carry their devices into hostile foreign countries without constantly revealing their locations.

“One good journalist in the right place at the right time can change history,” Snowden told the MIT Media Lab crowd via video stream. “This makes them a target, and increasingly tools of their trade are being used against them.”
“They’re overseas, in Syria or Iraq, and those [governments] have exploits that cause their phones to do things they don’t expect them to do,” Huang elaborated to WIRED in an interview ahead of the MIT presentation. “You can think your phone’s radios are off, and not telling your location to anyone, but actually still be at risk.”

Huang’s and Snowden’s solution to that radio-snitching problem is to build a modification for the iPhone 6 that they describe as an “introspection engine.” Their add-on would appear to be little more than an external battery case with a small mono-color screen. But it would function as a kind of miniature, form-fitting oscilloscope: Tiny probe wires from that external device would snake into the iPhone’s innards through its SIM-card slot to attach to test points on the phone’s circuit board. (The SIM card itself would be moved to the case to offer that entry point.) Those wires would read the electrical signals to the two antennas in the phone that are used by its radios, including GPS, Bluetooth, Wi-Fi and cellular modem. And by identifying the signals that transmit those different forms of radio information, the modified phone would warn you with alert messages or an audible alarm if its radios transmit anything when they’re meant to be off. Huang says it could possibly even flip a “kill switch” to turn off the phone automatically.

“Our approach is: state-level adversaries are powerful, assume the phone is compromised,” Huang says. “Let’s look at hardware-related signals that are extremely difficult to fake. We want to give a you-bet-your-life assurance that the phone actually has its radios off when it says it does.”

You might think you can achieve the same effect by simply turning your iPhone off with its power button, or placing it in a Faraday bag designed to block all radio signals. But Faraday bags can still leak radio information, Huang says, and clever malware can make an iPhone appear to be switched off when it’s not, as Snowden warned in an NBC interview in 2014. Regardless, Huang says their intention was to allow reporters to reliably disable a phone’s radio signals while still using the device’s other functions, like taking notes and photographs or recording audio and video.

Snowden, who performed the work in his capacity as a director of the Freedom of the 
Press Foundation, adds that their goal isn’t merely just protection for journalists. It’s also detection of otherwise stealthy attacks on phones, the better to expose governments’ use of hidden smartphone surveillance techniques. “You need to be able to increase the costs of getting caught,” Snowden said in a video call with WIRED following the presentation. “All we have to do is get one or two or three big cases where we catch someone red-handed, and suddenly the targeting policies at these intelligence agencies will start to change.”

The problem, for Snowden, is personal. He tells WIRED he hasn’t carried a smartphone since he first began leaking NSA documents, for fear that its cellular signals could be used to locate him. (He notes that he still hasn’t “seen any indication” that the U.S. government has been able to determine his exact location in Russia.) “Since 2013, I haven’t been able to have a smartphone like normal people,” he says. “Wireless devices are kind of like kryptonite to me.”

Huang and Snowden’s iPhone modification, for now, is little more than a design. The pair has tested their method of picking up the electrical signals sent to an iPhone 6’s antennae to verify that they can spot its different radio messages. But they have yet to even build a prototype, not to mention a product. But on Thursday they released a detailed paper explaining their technique. They say they hope to develop a prototype over the next year and eventually create a supply chain in China of modified iPhones to offer journalists and newsrooms. To head off any potential mistrust of their Chinese manufacturers, Huang says the device’s code and hardware design will be fully open-source.


Huang, who lives in Singapore but travels monthly to meet with hardware manufacturers in Shenzhen, says that the skills to create and install their hardware add-on are commonplace in mainland China’s thriving iPhone repair and modification markets. “This is definitely something where, if you’re the New York Times and you want to have a pool of four or five of these iPhones and you have a few hundred extra dollars to spent on them, we could do that.” says Huang. “The average [DIY enthusiast] in America would think this is pretty fucking crazy. The average guy who does iPhone modifications in China would see this and think it’s not a problem.

The two collaborators have never met face-to-face. Snowden says he first met Huang after recommending him to television producers at Vice, who were looking for hardware hacking experts. “He’s one of the hardware researchers I respect the most in the world,” Snowden says. In late 2015, they began talking via the encrypted communications app Signal about Snowden’s idea of building an altered phone to protect journalists from advanced attacks that could compromise their location.

Huang insists that Snowden’s focus for the project from the beginning has been protecting that breed of vulnerable reporters, not from the NSA, but from foreign governments that are increasingly able to buy zero-day vulnerability information necessary to compromise even hard-tohack targets like the iPhone. As a case study, they point in their paper to the story of Marie Colvin, the recently murdered American war correspondent whose family is suing Syria’s government; Colvin’s family claims she was tracked based on her electronic communications and killed in a targeted bombing by the country’s brutal Assad regime for reporting on civilian casualties.

Huang says he’s tried to develop the most no-frills protection possible that still meets Snowden’s rightfully paranoid standards. “If it wasn’t for the fact that Snowden is involved, I think this would seem pretty mundane,” Huang says almost bashfully. “My solution is simple. But it helps an important group of people.”

Comments


  1. Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Services, IT Security, Storage solutions
    IT Security Solutions

    ReplyDelete

Post a Comment

Popular posts from this blog

Here Are 7 Brilliant Cheat Sheets For Linux/Unix

There's nothing better than a cheatsheet when you are stuck and need a reference. So here bringing to you 7 brilliant free cheat sheets. 




1. Unix Tool Box: An incredibly exhaustive reference for all things Linux. This document is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users.

2. One page Linux Manual: Great one page reference to the most popular Linux commands, it is a summary of useful Linux commands.

3. Linux Reference Card: One great reference published by FOSSwire.

4. Linux Command Line Cheat Sheet: This is an interestingly sorted and helpful cheat sheet by cheatography.

5. Linux Command Line Tips: This is a linux command line reference for common operations. Cleanly sorted and well described.

6. Treebeard’s Unix Cheat Sheet: A great reference that shows command comparisons with that of DOS. So if you are someone who was a DOS user and has switched to Linux, this is the best one too have!

7. Linux Shortcuts and Commands:…

WhatsApp is illegal, will soon banned in India : Government

WhatsApp could have accidentally entered into troubled waters here in India by enabling its end-to-end encryption for all. The new security feature by WhatsApp is not what is required by the Indian telecom rules and WhatsApp could face a ban, if the rules are not adhered to. But not yet.
In India, companies need to follow the country’s rules and adhere to specific types of encryption, which WhatsApp does not currently use. WhatsApp’s end-to-end encryption on its chat service means that WhatsApp or anyone else won’t be able to crack open its contents.  Only the sender and the recipient are able to read the encrypted data. WhatsApp uses a 256-bit key for encryption of all chat messages, which is only known to the sender and the recipient.
Why is it not possible for WhatsApp to help decrypt users’ messages? "No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us," WhatsApp founders Jan Koum and Brian Acton wrote on their blog. How…

3 Mega Acquisitions in last week affects the Internet Space of India

Qihoo 360 buys Opera in $1.2 Billion Opera Software intends to accept a $1.2 billion acquisition offer from a group of Chinese companies. The Chinese consortium includes Internet security company Qihoo 360, Internet firm Beijing Kunlun (which invested roughly$93 millioninto Grindr earlier in the year) and investment group Golden Brick and Yonglian. According to Opera, the $1.2 billion is a 56 percent premium over Opera's share price during the last 30 trading days. Despiteclaiming350 million users, the company's browser has struggled in the oversaturated Western market. China could be a profitable arena for Opera, in part because Google's Chrome browserdoes not come preinstalled on Android phones in China like it does elsewhere. In addition, doing business in China without local partners is nigh impossible, but Opera could leverage the networks of Kunlun and Qihoo 360 if the deal goes through.


Snapdeal Buys Freecharge in $400Million e-commerce marketplace Snapdeal has acquired …