Matt Waxes Poetic About Software Security
Wolfgang S. Rupprecht
wolfgang.rupprecht+gnus200703 at gmail.com
Fri Mar 9 21:20:44 CET 2007
"Matthew S. Hamrick" writes:
> But I like the idea of a switch for the microphone and a cover for the
> camera, too.
Having the security mechanism easily inspectable and verifiable is
also nice. There is nothing like a spring-loaded double-pole knife
switch mounted on a glass sheet to give you a warm fuzzy that the two
wires coming from the phone are really disconnected when the user
stops pressing on the switch.
In a similar vein, and a bit more automatic would be a hardware system
that forced a red led to be lit whenever the microphone was active.
Something as simple as a reverse biased diode in the microphone's
audio path could keep it disconnected until the audio line were forced
to some voltage that caused the diode to be forward biased and a led
to light. One could periodically check that the output from
microphone's A/D was indeed zero when the microphone is supposed to be
off. The latter is still subject to somehow verifying that the
microphone checking code hasn't been compromised, but the jtag
interface and doing a byte-by-byte comparison of the actual kernel to
the expected kernel should be of help there.
>From what I understand, certain government organizations are very
aware of the dangers that open microphones on cell phones pose.
Wouldn't it be great if an open-source project solved a problem that
the big established players are effectively barred from solving due to
agreements with competing government organizations?
Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/
More information about the community