On Wednesday 07 March 2007 10:14, Wolfgang S. Rupprecht wrote:
> I'm curious does anyone know if there is a protocol for remotely
> turning on the microphone? I recall reading about a case where the US
> FBI got into trouble with the courts for remotely bugging a suspected
> Mafia member's Onstar gps-equipped car phone.
>
> http://news.com.com/2100-1029-6140191.html
>
> While such a feature might be useful if the phone were ever stolen, it
> would also be nice to know that any features like this are under the
> phone owner's full control.
>
> -wolfgang

That's Onstar, which has had this ability from the start (though "bugging" a car for Law Enforcement purposes wasn't the original intention IIRC). It's really no surprise whatsoever.

There isn't a specific documented protocol for phones that I'm aware of. But the way things work is that the Feds usually approach a manufacturer about putting in what's called "Lawful Intercept" hooks which basically enable such back doors. Representatives from Cisco, for example, have publicly stated that they would go along with this, oh, about 8 years ago as I recall. The main "carrot" which is provided is that the manufacturer will then be allowed to bid on Government contracts. Considering that the U.S. Government is the largest purchaser of IT equipment, this carries a considerable amount of weight with large corporations. But the protocols aren't publicly documented.

As far as cellphones go, it was revealed last December during the trial of one top Mafia honcho that the FBI had tapped his cellphone by remotely turning on his cellphone and recording his conversations. Supposedly this was by a hack, but the specifics weren't revealed. If memory serves, it was revealed that they had the ability to turn on the microphone even if the phone was off. It was either slashdot or digg which carried this as I recall. The Feds had apparently determined that this was easier, and less risky, than actually bugging his premises. But this is really kind of old news. This sort of thing was discussed on the cypherpunk list 10 years ago.

For Open Source cellphones, all you have to do is to make certain the microphone circuitry is designed correctly if you want to prevent this. I haven't followed the hardware design here to see whether the phone is vulnerable to such an attack. Perhaps some of the OpenMoko developers would care to comment. But I can tell you that some of the designs from the Silicon Valley Homebrew Club will be resistant against such attacks. As well as other attacks.
Indeed, the GSM library that I'm working on (at http://libgsmc.sourceforge.net) is specifically designed to be resistant to various attacks from a compromised GSM chip (be it lawful intercept or the usual buffer overflows). Indeed, the main topic at our third gathering was about security, at which I gave a talk.

-dwight-

_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community

