29 January 2015. A3 sends:
A2's advice that "if you ground your headset the device will be unable to
use the built-in microphone" is dubious without solid references.
The Android API documentation for "MediaRecorder.AudioSource" allows the
explicit selection in software of "Microphone audio source with same orientation
as camera if available" as distinct from "Default audio source" or "Microphone
Another source notes: "Android does not, at this time, support the use of
external mics when recording video," suggesting again that software has the
power to select its audio input source.
28 January 2015. A2 sends:
A good suggestion to stop listening devices is to connect a 3.5mm headphone
jack that grounds out. The hardware on cellphones disables the built-in mic
to prefer a headset so if you ground your headset the device will be unable
to use the built-in microphone.
28 January 2015
On the Ubiquity of Web-enabled Microphones
JANUARY 23, 2015
Let me briefly outline my concerns around the issue of web-enabled microphones
in a general way. We have entered an age where in developed countries,
the vast majority of citizens are surrounded by these microphones at all
times. Even in the bedroom now, since the smartphone is becoming the
new alarm clock for many.
Bruce Schneier (computer security expert, now also with the EFF) has remarked:
"It's bad civic hygiene to build technologies that could someday be used
to facilitate a police state. No matter what the eavesdroppers and
censors say, these systems put us all at greater risk."
There are two elements of this emerging technology that prompt me to regard
this as bad civic hygiene: the omnipresence of these microphones, and
the increasing lack of technological constraint allowing their compromise
by state and other actors.
When I say "increasing lack of technological constraint", I am referring
to several things: the descriptions of actions by agencies such as
NSA, GCHQ, and the FBI who are specifically targeting smartphones (e.g. Tailored
Access Operations of NSA and Remote Operations Unit of FBI), the exploding
grey market for zero-day vulnerabilities dominated by state actors (especially
the United States), and the emerging market for contractors who are developing
exploits and software tools which enable these vulnerabilities to be
efficiently utilized. (Vupen in France, Hacking Team in Italy, Endgame
Systems in U.S., FinFisher in the U.K., etc.)
Zero-day vulnerabilities are essentially unintentional backdoors that are
discovered in various software applications every year by hackers.
There are hundreds of these things discovered every year, and they are an
unavoidable by-product of the software development cycle. They are
a special kind of software bug that can permit a third-party who knows about
them to take over a person's device. Sort of like skeleton keys which
allow entry into anyone's device that happens to use the operating system
or application in which the vulnerability is discovered, and they permit
various degrees of power over a person's device. Programmers create
exploits known as "zero-day exploits" to make use of these
vulnerabilities. A market has emerged whereby these exploits are sold
to the highest bidders, which, unsurprisingly, happen to be state actors.
An exploit for the iPhone's iOS was sold for $500,000 at one point to an
unknown buyer -- the NSA perhaps, but every intelligence agency on the planet
is willing to pay top dollar for these things. Parties are willing
to pay much more if it seems the exploit is likely to go undetected for some
time and if it provides a lot of power over the device (laptop, smartphone,
or tablet). However, when a vulnerability is discovered "in the wild"
and reported to the software company (as should be the case), the value drops
to near zero very quickly as the software company develops a "patch" and
sends out security updates to consumers. In any event, the result of
these activities over just the past decade is that sophisticated intelligence
agencies, and certainly the FBI and NSA, now possess a revolving set of skeleton
keys that allow them to reach inside virtually anyone's device on the
planet. They don't need a warrant to do this, and they don't need
permission from the telecoms or software companies. They don't have
to notify any third parties that this is happening. This is a HUGE
amount of power for any state actor to have.
Federal law enforcement agencies like the FBI have been clamoring for mandatory
backdoors into all these new web-based technologies, but there are fundamental
technical issues with integrating a CALEA-type system with the internet (CALEA
= Communications Assistance for Law Enforcement Act of 1994). Security
experts are suggesting that the feds (including domestic agencies like the
FBI) develop teams of hackers to perform wiretaps in the future. They
are essentially recommending that the FBI develop their own Tailored Access
Operations (an NSA hacking division). Installing a CALEA-type system
will fundamentally weaken the security of the internet for everyone, they
claim, and it's also not very practical because new technologies develop
so rapidly. It will hinder innovation. (From later note:
we now know the FBI has already developed their own hacking team with the
Remote Operations Unit. Chris Soghoian, principal technologist with
the ACLU, discovered the Remote Operations Unit through former contractors'
CVs on LinkedIn and put the pieces together.)
See this paper for background:
"Going Bright: Wiretapping without Weakening Communications Infrastructure"
| Steven M. Bellovin, Matt Blaze, Sandy Clark, Susan Landau | IEEE Security
& Privacy 11:1, Jan/Feb 2013
My comments on the authors' analysis in this paper: OK, fine, mandatory
backdoors are unacceptable. But if the feds' teams of hackers develop
the power to enact wiretaps and bugs without having to ask for third-party
permission, that will facilitate intelligence laundering on a wide scale.
Sure, the information/evidence can't be presented in court. But they
are more than happy to find other ways to use the information. Numerous
examples of this have cropped up in the past year in the press (e.g. Special
Operations Division -- a joint operation between DEA, FBI, and NSA -- slides
were released a few months after Snowden to the press in a leak, but they
were not part of the Snowden dump. Agents are specifically instructed
to "recreate" the trail of an investigation to hide the original sources.
They are effectively removing any poisonous taint from illegal surveillance
by fabricating an independent source and never revealing the original
surveillance. I believe they are generally handling narcotics cases,
and the ACLU and EFF filed an Amicus brief late last year in a case in SF
court as a result of the slides, because they suspected illegal surveillance
might be taking place and intelligence was being laundered -- see United
States of America v. Diaz-Rivera -- a very recent case, not sure what the
outcome was at the suppression hearing. Google: Special Operations
In regards to the cell mic->bug method, the power of this method should
be obvious when you consider that a huge portion of conversations in the
developed world these days takes place within earshot of a web-enabled
mic. True, the technology will probably limit the use of this method
to cases of "targeted exploitation" only and it might never be used on a
truly massive scale (unless they get their backdoor wish). But when
you read about how exploit management has become automated to the extent
of owning thousands of devices at once, it raises serious questions about
what "targeted exploitation" even means on a practical level. See the
NSA "TURBINE" program for an example of relatively large-scale automated
management of hacked devices via exploits. I do not find the term
"targeted" particularly encouraging in light of their capabilities.
In addition, recent technological advances in the fields of speech transcription
(BABEL program at IARPA, GALE at DARPA, MLT from Northrop Grumman (Machine
Language Translation), software from Nexidia, a company with DOD contracts,
along with programs in high-level semantic analysis from the MITRE corporation
"to interpolate what people mean from what people say") and voiceprint
recognition (huge databases being built -- much more of a privacy threat
in the long term than faceprint recognition, IMO) would facilitate the audio
content to be converted to output that resembles a chat log in a process
known as speaker diarization. This log could be analyzed very
efficiently with keyword searches and other automated data mining tools that
are emerging. If sections are hard to transcribe, an analyst could
fast forward instantly to those sections for closer listening. So the
cost of monitoring hundreds or thousands of hours of voice chatter has come
down precipitously and the tools to derive intelligence from it are more
powerful than ever.
Ergo, the stage is being set for intimate surveillance of people's lives
not just in cyberspace, but in everyday face-to-face interaction on a relatively
large scale that is likely to only increase with time. Facial recognition
in public is nothing compared to this. The power imbalance enabled
by this technology between the authorities and the citizenry is a cause for
concern, and the authorities have every motivation to limit the exposure
that this method might receive.
The smartphone is God's gift to Big Brother. This is clear from both
NSA slides and GCHQ slides, which specifically describe copious efforts to
hack into and control every single model of smartphone on the market -- even
relatively obscure models. Given the capabilities of the smartphone,
we might ask what makes it more special than a laptop or home computer in
terms of attracting attention from intelligence agencies. They both
contain email and contact information. But the smartphone has a microphone
that is carried with the user everywhere, and it also has a GPS antenna.
This makes it a uniquely powerful source of intelligence on a person far
beyond a home computer. The ability to turn the microphone into a bug
is sometimes called a "hot mic" in internal presentations. A GCHQ slide
gave this capability the codename "Nosey Smurf".
I've been tracking mobile device management (smartphone use by employees)
at the Pentagon through contractor newsletters, and the solution they are
moving towards in terms of protecting data on their employees' smartphones
is to reengineer the kernel to minimize the attack surface. In other
words, they are re-engineering the microchips to try to make them more
secure. There are other companies coming out with secure smartphones
for security-conscious people who are not government workers with security
clearances -- there's the Privacy Phone from FreedomPop, the Black Phone
from Silent Circle, and the Boeing Black smartphone. The problem with
all of these models is that none of them are hack-proof. Not even the
phones from the Pentagon for NSA employees. It's impossible with modern
software and hardware to KNOW that something is hack-proof. They all
know this very well, but they are just counting on maintaining a strategic
edge over their adversaries. It's the cyber-arms race.
Turning off a smartphone will not necessarily prevent it from being
surveilled. You cannot know if it is actually ever off. There
has been a lot of discussion about this online. You may not have caught
this detail, but when journalists first went to visit Snowden in Hong Kong,
he asked everyone to put their phones in the freezer before he started
talking. Some activists (for example the Occupy crowd) were known to
be taking the batteries out of their phones. This would do the trick,
but it's kind of a pain in the ass.
So I'm proposing a solution which is relatively simple, 100% hack-proof,
and effectively neutralizes billions of dollars worth of surveillance
equipment. It's just an off-switch for the microphone. It disconnects
the circuit. Voila. You cannot break the laws of physics.
You cannot access something from the web which has been removed completely
off the web. I know enough to know that I will never catch up with
these hackers, so let's forget about all that shit and step completely outside
of the cyber-arms race for all time. I'm actually quite dumbfounded
that nobody is suggesting making a product with this feature. However,
I also think it would be handy for many people to be able to neutralize the
GPS-tracking. So I think an off-switch that had three positions would
be ideal. First position: normal. Second position: microphone
is cut off, but the antennas still are functioning to remain online, receive
calls, texts, or emails. This would be handy for activists, journalists,
dissidents, etc. who don't want to have to take the batteries out of their
phones every time they get together in social situations. Third
position: antennas are cut off along with the mic. This neutralizes
location tracking as well. Three positions might be confusing to folks
at first (?) but I think the utility would become evident. Mic off
but still online allows people to remain receptive to calls and emails.
Jacob Appelbaum (hacktivist in Germany -- has access to Snowden files along
with Laura Poitras) is always recommending to people to leave their phones
at home. I understand where he's coming from and I'm 100% with him
as far as cause for concern goes, but good luck in convincing people to actually
do that. I think the switch should be physical in nature, because
any software-based system could be vulnerable, and a phone with a physical
switch could be opened up for examination by Gizmodo or the EFF.
A friend suggested that a 3-way off switch might possess enough novelty to
warrant a patent. I have no idea. I hope that it's not actually
patentable, because I just want to see that a product like this is made,
but I actually have some concerns because of my situation that the government
would take my idea and give it to a contractor, or patent it themselves and
sit on the patent. Yes, I think it would be valuable enough to them
for them to consider doing something like that, based on everything I've
read about their interest in smartphones. And the NSA's attitude is
that they are willing to sacrifice computer security in general for everyone
around the globe so long as they feel they are maintaining a _strategic edge_
over their adversaries. So something that would neutralize the playing
field for everyone is not what they would consider to be in their best
interest. It is in the best interest of the citizens, however,
who have natural and healthy privacy interests, I feel strongly, because
if these agencies are permitted, they will start recording every face-to-face
conversation on the planet and screening the conversations in the same way
they do with email now. They don't have to necessarily record the audio
either, as that would take up huge amounts of memory. The default mode
would probably use transcription to go straight from voice to text.
Then for higher-value targets, the audio content might also be saved.
And all intelligence agencies around the globe will desire to keep this a
secret for as long as possible. This level of power would have been
unimaginable a decade ago, but it is probably not even a decade off at this
I believe there would be an instant global market for a smartphone that had
this feature. It would potentially be upsetting to many intelligence
agencies, however, who have invested billions in location tracking alone.
And once a product like this is produced, there's no way for them to get
around it. It's physics at that point -- not computer science.
People just have to be mindful to use the switch.
Then there are still the microphones on our laptops and perhaps appliances
in the future in the coming "internet of things". One thing at a time,
Borrowing Schneier's phrase, there is some very poor civic hygiene
unfolding. I'd like to see this addressed, and I think now might be
a decent time when there is a lot of public concern. Before complacency
sets in again.