Thursday, February 25, 2010

QotD: Ain't nobody's business edition.

Seen at Joe Huffman's:
As a friend of mine in the cell phone manufacturing business once told me, "I don't know exactly what's in the phone software. But I do know the phone only has one battery."
If you don't want Big Brother knowing where you are, leave the verdammt thing at home. I'm assuming that everyone knows not to say anything on one that they wouldn't want played back for a judge.

21 comments:

Anonymous said...

"I'm assuming that everyone knows not to say anything on one that they wouldn't want played back for a judge."

Now, when you say everyone, you mean just readers of your blog?

Ice Dawg and Ray-ray have yet to get that memo. The wild things that the feds were doing a few years ago have filtered down to the city and state level.

Shootin' Buddy

Dwight Brown said...

"Now, when you say everyone, you mean just readers of your blog?"

As well as all those people who have seen *Pulp Fiction*.

OA said...

I don't own one. I find that helps.

"Ice Dawg and Ray-ray have yet to get that memo."

Nor have they gotten the one about running in britches that will without fail fall around your ankles.

Divemedic said...

I wouldn't have a conversation around a telephone that I wouldn't want a judge to hear, much less ON one. Just remember that telephones, cell or land line, can not only be tapped, but can also be used as listening devices.

Add the GPS capability that cells have, and you see the issue. I recommend getting a Faraday cage, or even something like this static bag:

http://staticbags.com/SCC4x6zip.html

Less than $1, and my phone doesn't work while in it. I got mine for free. Should work for everyone.

Laughingdog said...

"Less than $1, and my phone doesn't work while in it"

Or, as mentioned in the first place, you can just pull out the battery, which has the advantage of not requiring you to carry around a static bag in addition to the phone.

reflectoscope said...

Never, ever doing anything sensitive in the browser on your phone, either.

Jim

Windy Wilson said...

I recall reading many years ago about how employees at the CIA would answer the phone, "This line is not secure".

Words to live by in the computer age.

TJP said...

This blog is not secure.

How do you take the battery out of an RFID chip?

perlhaqr said...

TJP: Microwave oven

Joanna said...

Or, as mentioned in the first place, you can just pull out the battery, which has the advantage of not requiring you to carry around a static bag in addition to the phone.

I don't know about you, but my phone takes about 15 seconds to "boot up", and it plays an annoying jingle that I can't figure out how to turn off. It would be more convenient if I could disable it at will without having to yank the battery every time I want some privacy.

Joe Huffman said...

Disabling the radios does not equate to rendering it incapable of reporting back to your masters at a later time the conversation it just listened to or the pictures it just took.

Remove the battery and wait a minute or 10. Or leave someplace where it can't get you into trouble.

drjim said...

Wrap it up in aluminum foil, or lock it in an ammo can if you can't pull the battery.

Jeff said...

"Or, as mentioned in the first place, you can just pull out the battery, which has the advantage of not requiring you to carry around a static bag in addition to the phone."

I need a jewelers screwdriver and a suction cup to take out my battery. Steve Jobs would prefer that I don't take it out.

Static bag is quick and easy.

Paul said...

Man, what ever did we ever do when we only had the wire.

I know of a case or two that has been cracked based on a trace of the perps cell phone location.

personally, the hills are looking better and better every day.

Anonymous said...

Regarding phones: I'm really unhappy that my GM vehicle has phone capabilities built right in.

>:-(

John S

Brad K. said...

I liked the report that the FBI released a couple of years ago. They talked one target's cell phone company into letting them download software to the suspect's phone.

The software disabled powering down, instead muting reception and connecting to the Feds. And letting the lights go off and stuff so the user could *not* tell the phone wasn't turned off, or at least disconnected.

They happily listened in, recorded - and convicted. On a phone that everyone else thought was turned off.

We still have the same FBI, the same telcos. And B. Hussein Obama's government still does the warrantless wiretapping.

Greg said...

Don't forget about the microphone that is built into your laptop computer that can be turned on remotely.

Stranger said...

Being old - and suspicious - and skeptical - and cheap - I use a prepaid cell, wrapped in aluminum foil, to look like a sandwich. A bit of dried ketchup helps the illusion.

Along with my cameras and second carry piece, extra ammo, etc., the cell phone sandwich goes in a well worn diaper bag. Not even the addicts are desperate enough to steal a diaper bag.

Stranger

ErnestThing said...

You don't have to have a conversation on the cell for it to be listened in on. Cellular phones since the beginning have had a testing function that allows the provider to listen to the mic on any phone for the purposes of determining voice quality. Feds started using it for (inadmissible) intel on people they were tailing way back in the 80s. Obviously they couldn't use the fact that they tapped the phone in the case, but that wouldn't matter when they could just happen to be at the same place they heard mentioned on the conversation.

Joe's got the right idea. If I need to have a truly private conversation, the batteries come out of the cell phones.

Ian Argent said...

@reflectoscope: Never, ever doing anything sensitive in the browser - whether or not it's on the phone or on your computer, it's observable. The same techniques you would use to "secure" your computer's browser by and large work on your phone as well. It's probably more dangerous to use your laptop at a public hotspot than to use a phone browser - in the laptop case you're potentially sending unencrypted signals out to be intercepted locally. These days it's much harder (for certain type of cell networks, effectively impossible for anyone but the NSA) to intercept and decrypt the over-the-air packets.

Anything you do on the airwaves is potentially public; as is anything you do on the internet.

Finally, I can remote-wipe my phone as long as it's connected to the 'net. It takes about a minute to manually wipe the phone from the front, most of which is taken up by playing "are you sure" with the interface. (I haven't taken the time to see how long it takes to send the wipe command remotely - next time I need to hard reset one of my devices I think I'll try that).

Phelps said...

There is no such thing as a secure browser. TEMPEST still exists, and I am willing to bet dollars to donuts that no one on a TEMPEST hardened machine will ever access this page.

It doesn't matter how good your encryption is if they are just reading the decrypted message on your screen.