I think there's a little misunderstanding of what Phone Recorder does. I did not write the app, but I have a pretty good guess at what its actually doing.
Its *not* recording the audio streams that actually make up the call. Its using the built-in mic to record audio. I believe this is why there are several comments complaining about the audio level of the person on the other side of the call. So, its recording your voice because you're talking into your handset. Its then getting faint audio through the mic from the ear piece. If you activate the speaker phone you'll get much greater volume from the other side of the conversation. This does not really change the security points brought up here, but I just wanted to clarify what is going on. The actual traffic going over the cellular network is not being recorded, the ambient sound is. As JBQ mentioned, the cellular audio streams aren't even processed through the main CPU, but a separate co-processor. The main CPU can talk to this co-processor and access the call audio, but at the very least there is no way in the Java API to get access to the actual call audio streams. Cheers, Justin Android Team @ Google On Dec 1, 11:54 am, tauntz <[email protected]> wrote: > It is certainly possible - look for example at the "Phone > Recorder"app(available via Market). > > There are actually many issues with this IMO - one is the fundamental > thing that you can record phone calls but notkeypresses. The next > thing is that the wording of the warning during install should mention > that theappis able to record incoming and outgoing calls. (currently > it's too vague and doesn't mention anything about outgoing calls). > Another thing is that if suchappis installed behind your back and > without your knowledge, then the user should still get a visible > and/or audible notification that the call is being recorded (a red > recording icon in the "header" for example). ("Phone Recorder" > displays a short toast when recording starts but this is coming from > theappitself AFAIK and a maliciousappwould not show that.) > > Tauno > > On Mon, Dec 1, 2008 at 8:55 PM, Jean-Baptiste Queru <[email protected]> wrote: > > > This is the kind of discussion that might turn out to be more > > appropriate for android-security-discuss, though since android-discuss > > is pretty much a catch-all it's hard to be off-topic here ;-) > > > I think that the point is valid, though. Sure, the density of > > information and the ease with which it can be filtered is far higher > > with a keyboard capture than with a voice capture, but if you ignore > > that specific aspect the fundamental security concern is indeed > > similar for phone calls and keyboard capture. > > > I was however under the impression that on the G1 at least anything > > related to the audio part of phone calls was entirely isolated from > > the application processor, so I'm not actually sure whether it's > > really possible to capture a phone call the way you're thinking of. I > > might be very wrong. > > > JBQ > > > On Thu, Nov 27, 2008 at 2:19 AM, tauntz <[email protected]> wrote: > > >> Hi all > > >> Was wondering why iscapturingkeyevents(keypress,keyrelease > >> etc..) from abackgroundappconsidered a more serious security issue > >> thancapturingphone calls frombackgroundapps? > > >> If you are going to make a phone callcapturingapp, then the > >> installer notifies the end user of: > >> "Phone calls - Intercept outgoing phone calls" and "Hardware control - > >> record audio" > >> Notice that it won't directly tell the user that theappwill actually > >> record outgoing AND incoming calls - only that it want's to record > >> some kind of audio and it intercepts outgoing calls and does not tell > >> anything regarding incoming calls. > > >> So it's possible for a maliciousappto record ALL your phone calls > >> without you noticing it (after installing theapp). A malicious user > >> can take your phone if you leave it unattended and install theapp > >> there and you have no idea that all your calls are being recorded and > >> uploaded to the net for example. > > >> Why isn't the same logic applied tocapturingkeyevents? Some people > >> have said that it would be a huge security risk if you would allow an > >>appto do that (egcapturingusernames/passwords). Now why is this > >> considered a bigger security risk than recording phone calls? The > >> average user won't enter any of his/her usernames anyway on the > >> G1after he has registered the phone with his g-account the first time > >> the phone boots. The average user makes/receives phone calls, sends > >> SMS or plays some games.. and once in a while browses some websites > >> that do not require a log in. > > >> Recording phone calls allows an attacker to get n-times more > >> sensitive/personal details about the user than recording > >> usernames/passwords. I mean.. so what if an attacker gets a password > >> for the average mailbox/forum - he will find only pictures of LOLcats, > >> the occasional "Joe sent you an e-card" and huge amount of ... > >> enlargement spam. Now imagine if an attacker gets access to all your > >> phone calls... to me at least, this seems WAY scarier. > > >> I just want to understand the reasoning behind allowing recording and > >> disallowingkeyevents. It's a decision that I just can't understand > >> :( > > >> (And no, I personally don't care if anappcan/can't do any of the two > >> things - they are not features that I need.. I'm just curious) > > >> Tauno --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
