Say, a transcribed text of a conversation, for example's sake.
Is there a way to set up a phone so that typing a "special" password puts the phone in an alternate state with different apps and content, etc. (and possibly erase the regular content)?
- Investigators are not going to be typing your password into the running original device, they're going to be trying it against an offline clone of the encrypted storage. All that will happen is the decryption won't succeed and they'll tell you that it was the incorrect password and continue holding you until you give it up.
- This is hardly unique to France, US courts have jailed suspects for refusing to provide passwords in numerous cases. https://arstechnica.com/tech-policy/2017/03/man-jailed-indef...
Oh no, absolutely not. We're not talking about "investigators" here, just random cops in a random precinct who have zero infrastructure, zero knowledge about anything, and aren't pursuing any serious "investigation".
They will absolutely type your password into the running device. They're doing this all the time.
https://cdn.arstechnica.net/wp-content/uploads/2017/03/rawls...
I'll remind you that on previous MacOS versions (8 years ago?) researchers had discovered that the Mac laptop's integrated webcam could be turned on without the green LED turning on. So basically: the webcam turning on without the user knowing it. And way weirder: some random company somehow had the rights to sign code using that "feature".
The story got pretty much killed.
I'm sure if some digging had been done, you'd have found some three letter agency behind the shell company enjoying the very strange right to turn the webcam on on MacOS devices without the LED turning on.
For everybody out there: rest assured though, Apple are the good guys and there's no way they have the ability to turn on the webcam of your Mac laptop today without you knowing about it. [1]
[1] yes, this is sarcasm
> French police should be able to spy on suspects by remotely activating the camera, microphone and GPS of their phones and other devices, lawmakers agreed late on Wednesday, July 5.
https://www.lemonde.fr/en/france/article/2023/07/06/france-s...
Why would anyone stir up the civil libertarians if the thing you are making legal is not possible?
Even if warrants are initially mandated for a specific search, couldn’t this erode into, ‘it’s just a quick scan’?
What if it’s ‘useful’ to ‘quick scan’ their own President? ‘Confirming their security’.
Could this evolve into a subtle shift in the balance of power? In other words, a political crisis?
Where the intelligence agencies have informational advantages over any elected office.
From information into knowledge, you could easily have behind the scenes figures who have unmatchable insight and ability to coordinate.
Suddenly every target has value…
This is a question with one short answer (at the time of my comment). It's hard to imagine why it made the top on its own merits.
I don't care much about Karma. I posted this specific topic since I find it kind of hilarious that police should now lawfully be able to do something they are almost surely not able to do. And I enjoy discussions on such topics here on HN, because most of the time the viewpoints mentioned here are at least of the same quality as the answers on Stack Exchange.
If it had a discussion or even a good answer, it would have made perfect sense.
I assumed the goal would be stack overflow karma, as that's actually valuable.
Do you know what other hardware your baseband processor has the ability to inspect?
Would the cell phone manufacturers (Apple, Samsung, Motorola, Nokia, Xiaomi, etc.) say no when faced with the possibility of losing market share in France, because of a law pushed through under the cover of security? Many liberties have slipped under that blanket cover called security.
I think they will put in this feature if it's not already there.
If a foreign country wants to do it to someone on foreign soil (like the Saudis did to Bezos [1]) they exploit some vulnerability bought on the free market (like the WhatsApp/video message exploit chain the Saudis used, or exploits like the NSO zero-click iMessage exploit [2]).
If a foreign country wants to spy on its own citizens who protest the government, they could just use the local phone carrier's capability to silently ping, update firmware or change system settings remotely; those are intentionally part of the mobile standards (including intentionally weak encryption) so governments can spy on their people.
[1] https://www.wired.com/story/bezos-phone-hack-mbs-saudi-arabi...
[2] https://www.wired.com/story/apple-imessage-zero-click-hacks/
That probably doesn't surprise others. What isn't as known is that the government also intrudes into chats with other people on social media.
They don't just monitor, but actively interfere.
Edit: By the way, Nokias and other dumbphones (without physical off-switches -- the PinePhone has them, but good luck getting one) can also get their mic and GPS remotely activated. The partial solution is to get one with a removable battery and remove the battery whenever not in use.
iPhones can be hacked into through IMEI if you connect them, but are useful, encrypted offline-only PDAs if you don't install any app.
Also, if your electronics are being spied on by the government to this degree, chances are you are also being physically monitored.
https://www.lemonde.fr/en/france/article/2023/07/06/france-s...
I'm not French myself, so take it with a grain of salt.
Here's a link to Wikipedia's article on the leaks: https://en.wikipedia.org/wiki/Vault_7
The only one that mentions televisions is Weeping Angel (cool name) which attacks Samsung F Series Smart Televisions. Likely they can indeed target other devices but I'm not sure I'd go as far as saying that Vault 7 shows that they can target "virtually all smart devices".
Or am I missing something? Can anyone provide more concrete evidence?
That's what I love about HN and Reddit, and similar websites: All the helpful counterpoint, especially when someone criticizes the intelligence community. Thank you so much!
BUT sophisticated attackers like US or Israeli governments (and I assume Russian or Chinese but I don’t have direct experience with these) don’t need these backdoors, getting anywhere near your phone is enough to root it to allow installation of spyware, according to my CSO who worked in naval intelligence. There are simply too many vulnerabilities for there to be a hardened device in the consumer space. Some are better than others (Apple) but as Bruce Schneier says, if you are worried about this sort of thing you really have to be totally disconnected from the internet and exchange encrypted physical media.
Open basebands are not something we're anywhere close to having though, for many reasons.
One doesn't need to do any shady stuff with baseband or stockpile on zero day vulns.
The current mobile ecosystem is such that any supported device (receiving updates and such) sends its unique identifier to the manufacturer before receiving OTA updates. And devices by default check for updates on a regular basis. Basically the manufacturer can always target and track individual devices, and provision individualised signed updates, not just at the country level but targeted to a specific IMEI.
Coming to more concrete examples, Google is known to do A/B testing with their Pixel line of devices, setting custom profiles for some users.
Xiaomi had previously shown the capability to actively disable devices that move outside of legal sale regions.
Samsung uses such capabilities for enterprise devices in Samsung's Enterprise/Knox platform. And consumer devices can be thought of as enterprise devices under the manufacturer's domain.
---
So the government simply needs to send these companies warrants to target, bug and track specific devices or registered customers.
Online platforms are already subjected to data requests from law enforcement which they must conform to (at least those with a supporting warrant).
Some try to recuse themselves from such compelled intrusion of their customers by employing end-to-end encryption (e2ee).
With this provision and manufacturer cooperation, they could get direct full control of the ends (personal devices), obviating the need to "break" encryption.
Why deal with a dizzying cloud of services in a wide range of jurisdictions when you can have full access to citizen devices with the cooperation of a handful of manufacturers?
In summary, this is not just feasible, the elements for an organised remote control system are already present in the current smartphone ecosystem, in the form of signed updates by manufacturers that can target particular IMEI devices. One just needs this law to wade through the legality issues.
A solution to avoid such sweeping surveillance capability would be to convince manufacturers to not receive identifiable data before provisioning updates, and to have a public ledger of officially signed image hashes, like those of domain certificate transparency lists.
I know it is a valid threat, but even in the cases that set this precedent there was a team of 140 and they did not leverage a baseband exploit.
Another means: is it really infeasible for a nation state to intercept and modify devices that are being sent to a specific country/person?
Source: I was once a CALEA programmer.
Anyone who says otherwise is an idiot, a liar, or both.
Web sites that are frequently referenced are forced to censor the truth.