
Snowden said when he was in Hong Kong that the NSA can remotely turn on phones and cameras. That was three years ago.
The FBI could turn on your phone's camera or microphone by remote control to spy on you, according to top Apple exec Eddy Cue, if the Feds win their case to unlock the iPhone of San Bernardino killer Syed Farook. Speaking to Spanish-language station Univision, Cue, who has Cuban parents and is fluent in Spanish, warned that …
You'd need to hack more than the codebase.
You'd also have to make edits...
And push them back into Apple...
And make sure it was not spotted.....
And make sure that Apple built, released and updated those versions.
The only way you could really accomplish this is with an inside job:
... And keeping it quiet.
They can turn on microphones by placing a silent call, which is supposedly allowed via the baseband code (which is written by Qualcomm) or possibly via the SIM. iOS itself doesn't have a backdoor for this, but they don't need one since Apple (nor Google, Microsoft, etc.) has no control over the baseband code or the code run in the SIM.
Perhaps one of the reasons Apple is reportedly talking to Intel about licensing their LTE technology is that Apple wants to license it and include it in their SoC - and maintain the baseband code themselves so if any nasty surprises are in there they can fix them. Another good reaosn to do away with the physical SIM (which is a computer in its own right and runs its own OS using closed code) and go to a software one - close another avenue for the NSA to snoop on you.
They were the last to fold of all the companies listed, and the extent of each company's cooperation isn't clear from the NSA slide. Apple has been taking steps over the past couple years to make it more difficult for them to even be ABLE to cooperate with the government, so they are never again in a position where secret laws can be used against them without public knowledge. If they don't have a way to access information, no one needs to worry about them providing it.
Either that or Apple are still working with the spooks and kicking uo a fuss now to persuade everyone that iPhones are unhackable when NSA/CIA/FBI/XYZ can hack them whenever they want. The ulitmate win/win scenario - Apple gets lots of public kudos for standing up for the ordianry punter against the intelligence machine while the TLAs get to see everything their targets are doing since they've been convinced the iPhone can't be hacked. They did this before in Afghanistan making a big fuus over international PAYG sim cards and for a time AlQueda bought the line that if they used Mint SIMs then they couldn't be tracked ... apparently worked brilliantly until a US General unwisely bragged to journalists that they just waited for a phone with a Mint SIM to connect to a cell tower and then they knew where AlQ were and sent in the drones.
If Apple was still working with the spooks under some secret law that covers them, Google, Microsoft, Facebook and everyone else, why would either side bother with this public spectacle? This issue was not on anyone's radar before, so it would only draw attention to it and possibly cause someone in the know with teh government, Apple or other involved tech companies to squeal.
The problem with large scale conspiracies is the more people know the more likely it will be revealed.
That would be RAT, Remote Access Trojan, the stalker's friend.
And yes, there's been similar stuff for the TLA's since the good ol' days of landline. ie: Turning on phones remotely without them ringing.
The microphone in the iPhone is always on. Just say "Hey Siri" from across the room and you'll see what I mean.
Other than some technical feats, what really enabled government spying on citizens, is when Consumers started Accepting that Services will be turned on by default.
For the average User it's easier to Click "YES" to turn on GeoLocation, Siri, iCloud etc...
We can all thank Microsoft for conditioning the population to click Next, Next, Finish.
Who would really read dozens of pages of EULA's? Most people don't read, know and understand what they accept by clicking that button.
It's Complacency that's enabling the evil in this world. Just think of the post 9/11 era and how your freedom was taken away from you. We were so busy watching embedded journalists in IRAQ and Afghanistan on TV, that we didn't even notice the mass surveillance systems being built under our noses.
Simple plan that one, but more likely to be implemented in a 3rd party iPhone case than by Apple themselves. Or in any number of currently existing iPhone cases and a slip of foil-backed paper.
I don't know, but I would imagine that a bugged microphone would be more useful to spooks than a bugged camera, anyhow - and that would be harder to muffle. I suppose you could have a phone case with a small speaker, playing pseudo-random gibberish (or Radio 2's Jeremy Vine show - same difference) into the phone's microphones.
>It would actually be simpler for the very paranoid to have a case with a dummy connector to plug into the speaker/microphone jack socket.
The switch between internal mic and headset is managed by software - plugging in a jack doesn't disable the internal microphone hardware per se. If we're working on the assumption that the phone's software is compromised, then I wouldn't trust a jack to disable the internal mic. So Kevin, you're not being paranoid enough mate! :)
(This can be demonstrated, at least on Android phones, with an App called 'SoundAbout' which is handy for using headphones that confuse the phone - typically headsets designed for iPhones. You can force the audio routing to your will, as a workaround. )
>Apple make a battery case now don't they? They could try incorporating a sliding cover into that.
Apple could, but that would be tantamount to them admitting they don't trust their own software stack, in addition to any aesthetic and manufacturing considerations.
Users who want to block their camera can do so with nearly any case by just sliding a chewing gum wrapper in front of the camera :)
Well, except that the FBI doesn't have the authority to do that - and the remedy the FBI is requesting doesn't actually give them the ability to do it. Then there's that whole 'warrant' thing people keep missing - not to mention the 4th Amendment which pretty much says 'no - you can't do that'.
But hey - facts aside, I think Mr. Cue is confusing the FBI with the NSA (who actually CAN do what he's suggesting - but as we've already seen - don't need Apple's help in doing it...)
The rhetoric in this situation really has been turned up to 11.
You have been in contact with spies and terrorists. Your visits to this site are evidence of that. Connection made. This is a developing emergency. Thousands of lives are at risk. You must be spied upon. NSA called in. No laws broken. Secret laws supersede the constitution for issues of national security. Secret courts agree.
Ever wonder why you need to charge your battery more often than you used to?
"Then there's that whole 'warrant' thing people keep missing" -- Jeff Lewis
If you were right, the court of the first instance missed it is as well: because if it were a simple "warrant thing" then that court would never have needed to rely on the All Writs Act, as failure to comply with a warrant would put Apple in contempt of court.
People who say "This should be as simple as a warrant" are expressing an opinion that could potentially be justified by argument (I haven't yet seen a compelling one, but it's possible). People who say "This is as simple as a warrant issue" are just plain old wrong, and any other authoritative assertions that they make can be safely ignored.
If the FBI and other TLAs are allowed to use the All Writs Act in the San Bernardino case, what prevents them from requesting other kinds of access using the same law?
It would seem as if the FBI and pals were preparing a big panoply against their own citizens, for when they need it. I 'd suggest changing their name from FBI to STASI and cut all the PR bullshit.
America is a modern freedom loving democracy with a constitution and the rule of law. They aren't going to use anti-terrorism laws to crack down on journalists or people fibbing about where their kids should go to school like some tin-pot 3rd world monarchy.
Indeed. My eyeballs started to bleed when I read that subheading. I don't normally do the grammar nazi schtick but what in the name of Deity was wrong with "Cue warnings of repercussions...."? Much more of this and El Reg' subbies are going to cost me a fortune in in eyewash and tranquillizers.
Given the level of stupidity of the ferals, it's a wonder that they can recruit anyone with a couple of functioning brain cells. The whole case is about dumb shysters and assorted other low-lifes pontificating about a subject they absolutely do not understand and will never understand. But they are too arrogant to even admit they ignorant.
So let's assume Apple is forced to write new Government mandated firmware...
Will Homeland Security be checking the devices of travellers to the USA on arrival:
"Excuse me Mr Tourist, we see you've got an iPhone? Is it the US version or the non-US version (in which case we are going to deny you entry)?"
And is any country going to ban the US version? Wasn't it The Netherlands that recently implemented laws preventing this type of privacy invasion, in which case are Merkin Fanbois going to be barred from Holland?
It is never going to be "just USA". Once the new firmware is known to have been written, other governments will request Apple to make the spying features available to them as well - otherwise "emergency" tax will be added to to Apple's bill, or perhaps Apple simply banned from the country.
That's exactly their problem.
As soon as America wins this the Chinese, Russians, UK, Iranians and Belgians are going to demand the same.
Apple could make a different version for each country and give them unique keys - but if the US is going to demand keys to any phone then the same keys will work for the Belgians. So the ruling will give those Belgians access to the phone of every American politician.
We will be eating our Freedom Fries with mayonaise by christmas.
Why do so many not think Apple and Cook are capable of the same FUD and misdirection tactics used by every major vendor? Read "The Secrets of Surveillance Capitalism" in the online Frankfurter Allgemeine [http://goo.gl/Ji06iV]. The article targets Google, but let's be real: all smartphones are Trojans designed to scrape as much personal info about you as they can, including Apple products. Google supports Apple against the FBI because the diversion provided by protracted litigation is in Google's best interests, business-wise. If the app or service costs the user nothing, then the real product in this business model is user data -- all of it. And we all freely give ourselves away. Either we accept the notion that Internet privacy is a myth and conduct our online behavior accordingly or, like Tim Cook, behave hypocritically and live in denial.
If Apple lose and then all the other tech companies are forced to open up, then no American company will be trusted overseas killing their industry or they will have two make an alternative version for the US market and other countries (UK,France,Australia,India,China,N.Korea,Iran .....) hell bent of destroying civil liberties !