GPS for 911 calls
dwight at supercomputer.org
dwight at supercomputer.org
Thu Mar 8 06:06:27 CET 2007
On Wednesday 07 March 2007 10:14, Wolfgang S. Rupprecht wrote:
> I'm curious does anyone know if there is a protocol for remotely
> turning on the microphone? I recall reading about a case where the US
> FBI got into trouble with the courts for remotely bugging a suspected
> Mafia member's Onstar gps-equipped car phone.
> While such a feature might be useful if the phone were ever stolen, it
> would also be nice to know that any features like this are under the
> phone owner's full control.
That's Onstar, which is has had this ability from the start (though "bugging"
a car for Law Enforcement purposes wasn't the original intention IIRC). It's
really no surprise whatsoever.
There isn't a specific documented protocol for phones that I'm aware of. But
the way things work is that the Feds usually approach a manufacturer about
putting in what's called "Lawful Intercept" hooks which basically enable such
back doors. Representatives from Cisco, for example, have publically stated
that they would go along with this, oh, about 8 years ago as I recall.
The main "carrot" which is provided is that the manufacturer will then be
allowed to bid on Government contracts. Considering that the U.S. Government
is the largest purchaser of IT equipment, this carries a considerable amount
of weight with large corporations. But the protocols aren't publically
As far as cellphones go, it was revealed last December during the trial of one
top Mafia honcho that the FBI had tapped his cellphone by remotely turning on
his cellphone and recording his conversations. Supposedly this was by a hack,
but the specifics weren't revealed. If memory serves, it was revealed that
they had the ability to turn on the microphone even if the phone was off.
It was either slashdot or digg which carried this as I recall.
The Feds had apparently determined that this was easier, and less risky, than
actually bugging his premises.
But this is really kind of old news. This sort of thing was discussed on the
cypherpunk list 10 years ago.
For Open Source cellphones, all you have to do is to make certain the
microphone circuitry is designed correctly if you want to prevent this. I
haven't followed the hardware design here to see to see whether the phone is
vulnerable to such an attack. Perhaps some of the OpenMoko developers would
care to comment.
But I can tell you that some of the designs from the Silicon Valley Homebrew
Club will be resistant against such attacks. As well as other attacks. Indeed,
the GSM library that I'm working on (at http://libgsmc.sourceforge.net) is
specifically designed to be resistant to various attacks from a compromised
GSM chip (be it lawful intercept or the usual buffer overflows).
Indeed, the main topic at our third gathering was about security, at which I
gave a talk.
More information about the community