The Tin Hat Brigade proudly present...
Managers at Germ chem firm Evonik are putting their mobile phones into biscuit tins during important meetings, but testing by El Reg has revealed critical flaws in the Faraday-cage qualities of popular brands. Concerns about industrial espionage have driven the German chemical company Evonik to equip every meeting room with a …
It is largely a case of maximum linear gap length. As a rule-of-thumb to get half-decent screening you need to have proper metal-metal contact every 1/20 wavelength or less for *every* joint. For 1.8GHz this means around 8mm.
Most biscuit tins won't approach this, in fact, a lot of RF screened boxes don't make it either!
But put an audio noise source in the tin box and it will help render any sound spying *much* harder if the screen is not enough to put the phone out of RF use (depends on base station range, etc).
Maybe fart apps are not so useless after all?
I am sure you have to earth a cage if you want the transmitter to be blocked; you will get some attenuation from just having a metal/water/fleshy object in the path but not enough to stop a mobile broadcast. If you earth it you give a new direction for the magical photon/electron waves to head; down into the ground so you can get a bit more attenuation.
I would say that a tin strapped to the central heating systems or some other earth point with some copper tape around it should be OK. Then you put the tin in a microwave and the microwave underwater in a large bucket... no problems there?
It's a common misconception, but there is absolutely no need to earth a faraday cage to make it work. Earthing a cage can help to bleed off any charge which builds on the external surface, perhaps for safety reasons, but earthed or not it will still act equally well as a screen to prevent charge on the outside getting inside, or vice-versa.
its easier to line a cardboard box with felt and bubblewrap (and probably cheaper, too)
why use a faraday cage when you can put the phone in a dark box with no sound? mics on phones are bullshit and always have been (thankyou, designed-to-task!) but if you're going to get paranoid into the corporate espionage game, then you already have a corp. whitelist for phones, and/or you just have someone collect up the units and they sit outside the meeting in a safe at admin goon X's cubicle.
I fail to see when faraday cages were ever made necessary.
With the Micro SD Card capacity these days, the phone could recorded everything it's mic picked up for days at a time, and since it's not transmitting the battery would last a good long while as well.
If the company are really that paranoid what do they do about spy gear embedded into pens and buttons etc. Pens they could provide but I think supplying approved clothing before each meeting might be viewed as a bit weird.
Lining a cardboard box with felt and bubblewrap is easier than buying, then emptying a tin of Jacob's Cream Crackers? That's nonsense.
I'll grant you it's impossible to eat even a single cream cracker without butter and some jam, cheese or whatever (and a nice cuppa to wash the lot down) but what sort of nutter would do that?
You cannot take the battery out so that you can never break the iLink to your brain; without it how would Apple make you know what you want to buy... I mean gather market research data out of your frontal cortex.
Big Brother has a Jobs for you O_O (don't blink, that is what they sink the data)
Back in the day, we were trying to test the behaviour of a mobile phone app we were developing and needed to simulate conditions of low signal strength. Problem was, we were within spitting distance of the local cell tower. Wrapping tinfoil round the phone didn't work and locking the phone in the safe also failed to produce the desired results on account of us not being able to see what happened, so we tried the kitchen Microwave instead.
It seemed like a great idea- It keeps all those toasty microwaves in, right? Plus it has a window, so we don't have to do Schrodinger testing any more! Well, it turns out that we're better programmers than radio engineers, because it simply didn't affect signal strength.
We wound up using the safe and a cunningly-positioned video camera. Also, nobody used the microwave much after that.
If your reading the display, I suspect you don't have the door closed. This may have some impact on the effectiveness of the shielding, because the mesh over the door isn't there for decoration.
The simple test is putting it in, and then ringing your mobile. If it doesn't ring, then it's got no signal. Also, a closed microwave is at least as effective as blocking sound waves as a biscuit tin.
Unless you're getting good, metal-on-metal contact all round the rim, the Faraday-ness of the tin will be severely degraded (ie - you may as well not bother).
Most biscuit tins have painted/lacquered sides so you'd have to be lucky to get good (low impedance) contact all round.
Proper (>40dB) screening at GHz frequencies is not simple.
Like you might want to put an ordinary Radio in a Biscuit Tin to protect from EMP.
Though would any transmitting sites work afterwards?
Actually I wondered was this about bad site security due to relying on persistent Cookies. More interesting. Now I will have to buy various tinned goods (and eat them, can't be mucking environment by dumping) to check suitability of tin as Faraday cage. I presume testing with an iPhone might not be any good. Need an old 6300 off eBay?
You can't remove the battery from a Nokia N8 either.
OK, not quite correct, you *can* remove the battery, but you need very small TorX driver - so it's not any easier.
A simpler solution would be to not allow any phones in the area where sensitive discussions are taking place.
I recently went on a factory tour and the owners had little lockers installed in the reception area where you could put things like mobiles and cameras because they weren't allowed on certain parts of the tour (and everyone was searched).
OK, a bank of lockers will be more expensive than a few biscuit tins, but they will be a much more sensible solution to the problem - you could even install charging points in the lockers.
"Batteries out and your disassembled phone on the table in front of you, please".
Either of which wil fail unless there is a TSA guard on the door checking for your 2nd device left in your pocket/pants/arse...
Fiver says whoever approved the buying of biccys "for security" is a tad, uh, overweight...
.... we used to finance Nokia. We had correspondent banks in Germany that did the same.
Both we and the Germans noted that whenever they came to a sensitive meeting they would take out the batteries in their phones and place them on the table beside the handset. They explained that removing the power source was the only way to be sure that the phones could not be remotely activated at the time for just such a purpose. This was in the days when phones were basic but reliable (and the 6310i was all the rage). I would expect current smartphones to be at least as compromisable. After all remember what the UAE tried to do to Blackberrys a while back http://www.theregister.co.uk/2009/07/14/blackberry_snooping/
Slightly stuffs corporate iPhone users, but then it's not like anyone jailbreaks them, or there are any untrustworthy apps around......
Surely it can't be beyond the wit of man to say "That is a security risk, you aren't bringing it in here". However, then we are back to the significantly simpler and more elegant solution - don't allow any phones where sensitive stuff is being discussed. However, there is so much stealth recording technology available, it is probably irrelevant to anyone that really wants to breach the security of the meeting.
Can't someone be nominated to whip out a sealable plastic box, outside the meeting room. They ask for the phones to be placed in the box, then the person puts the box in a locker/safe for safe keeping until the meeting has finished?
Simplest solutions are often the simplest for a bloody good reason.
Well apart from the obvious problem that most phones neither have their sourcecode publically accessible nor can you make sure it runs a firmware you could check, there are other ways to subvert your phone.
The simplest is simply swapping the battery. There are batteries out there with slightly smaller cells and a tiny bug insides. That's cheap to do and far simpler than swapping the phone.
The other way which is harder is to do is to exploit the baseband controller. Many have some sort of "auto answer" feature, activated by a command sent to the baseband controller from the application controller and stored in a byte somewhere in memory. A clever exploit might be able to write a suitable byte into that memory location. This could be done either from the application controller or if you have more resources, from the wireless network side by faking a cell.
Another way to intercept phonecalls is to load an application onto the SIM-card via the SIM application toolkit. This also requires the phone to be booked into a cell you control. That way you can, for example, make every call a 3-way call to the attacker.
Any phone which rang on a desk unattended or which ran in a meeting did a perfect ballistic curve towards the bucket. In 90%+ of the cases he did not miss.
As in those days we all had corporate issue Nokia 63xx on corporate contracts noone could really complain (except the people who dealt with the phone supply).
Step 1) Wrap phones in foam rubber/bubble wrap.
Step 2) Place phones in tin and strap lid down *firmly*
Step 3) Place tin in much larger tin
Step 4) Pour in two handfuls of ball bearings or lead shot and seal much larger tin
Step 5) Place much larger tin on a rock tumbler drive in outer office or cleaner's closet
Step 6) Switch on
Step 7) Profits!
the tin would be a fire-risk, with all those phones competeing for signal, maxing wattage to be 'heard'.
Battery-life would lower.
I say install a publicly accesible feed directly from the boardroom table. If they are such heroes, worth all the glossy spin, then surely their every step would be as that of a prophet walking on water, for all to see.
Nothing good happening there.
Biting the hand that feeds IT © 1998–2021