Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Can the NSA really listen to your iPhone’s microphone even when it is turned OFF? Possibly (video)
UK Daily Mail ^ | 9 June 2014 | By MARK PRIGG

Posted on 06/10/2014 10:25:59 PM PDT by Swordmaker

Can the NSA really listen to your iPhone’s microphone even when it is turned OFF? Experts say it is possible - but reveal the trick to beat it

The NSA could technically listen in to the microphone of an iPhone even if it switched off, experts have revealed.

The claim was first made by Edward Snowden during an interview with Brian Williams of NBC Nightly News.

Today, experts confirmed the technique was technically possibly - and revealed a way to sidestep it.

The claim the NSA could technically listen in to the microphone of an iPhone even if it switched off was first made by Edward Snowden during an interview with Brian Williams of NBC Nightly News.

The claim the NSA could technically listen in to the microphone of an iPhone even if it switched off was first made by Edward Snowden during an interview with Brian Williams of NBC Nightly News.

Brian Williams of NBC Nightly News, holding his iPhone aloft during last Wednesday’s interview, asked, “What can the NSA do with this device if they want to get into my life? Can anyone turn it on remotely if it’s off? Can they turn on apps?

'They can absolutely turn them on with the power turned off to the device,' Snowden replied.

Security researchers claim the technique is possible, and that software could make the phone look like it’s shutting down but actually entering a low-power mode that leaves key communication chips on. . .

This 'playing dead' state would allow the phone to receive commands, including one to activate its microphone, Eric McDonald, a hardware engineer in Los Angeles told Wired.

(Excerpt) Read more at dailymail.co.uk ...


TOPICS: Business/Economy; Computers/Internet; Conspiracy
KEYWORDS: apple; bigbrother; hackers; infection; iphone; maccult; privacyrights
Navigation: use the links below to view more comments.
first 1-5051-67 next last
HOW TO TURN YOUR IPHONE OFF COMPLETELY

To ensure the phone is completely inoperable, it must be put into a sepcial DFU mode normal used to upgrade its software

Step-by-step guide on how to put iPhone in DFU mode

To enter DFU mode:


1 posted on 06/10/2014 10:25:59 PM PDT by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; AFreeBird; Airwinger; Aliska; altair; ...
Snowden claims the NSA can surreptitiously turn on iPhones remotely and turn on microphones and listen in, activate Apps. . . IF they've intercepted your iPhone and implanted it with hardware —PING!


Apple NSA Security Ping!

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 06/10/2014 10:30:02 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Learn the battery consumption quirks of your device and be alert to changes. Kinda like on a pc, staying aware of your typical temperatures and resource usage patterns can reveal malware or developing hardware problems in time to be corrected easily.

if you have a strong baseline of normal operations, any changes will stick out like a sore thumb.


3 posted on 06/10/2014 10:47:34 PM PDT by Fire_on_High (RIP City of Heroes and Paragon Studios, victim of the Obamaconomy.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

the answer is yes.

the one you should really come to grips on is...

with your computer off, they can power on your network card, upload software and have it open the mic and listen.

all without the machine booting up


4 posted on 06/10/2014 10:49:23 PM PDT by sten (fighting tyranny never goes out of style)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

If Apple allowed removable batteries, this could be avoided.


5 posted on 06/10/2014 10:57:50 PM PDT by Defiant (Let the Tea Party win, and we will declare peace on the American people and go home.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Defiant
Well also, if apple had a decent OS that was not subject to hacking there would not be a problem. Not to mention forever marketing overpriced by at least 2x machines that continually lag behind others in the market.

Heck, even the chinese produce better (and much cheaper) machines and more robust OS's!

6 posted on 06/10/2014 11:09:15 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 5 | View Replies]

To: sten

keep your cameras taped when not explicitly using them. and keep the mike unplugged when not using it.


7 posted on 06/10/2014 11:10:33 PM PDT by Jonty30 (What Islam and secularism have in common is that they are both death cults)
[ Post Reply | Private Reply | To 4 | View Replies]

To: sten

Not if it’s not plugged in.


8 posted on 06/10/2014 11:12:48 PM PDT by Fungi
[ Post Reply | Private Reply | To 4 | View Replies]

To: Defiant
If Apple allowed removable batteries, this could be avoided.

What part of "This requires PHYSICAL ACCESS TO YOUR iPHONE TO INSTALL HARDWARE" do you fail to understand? Without having prior access to the iPhone, NSA cannot do this. If they can get physical access to your phone, they can install hidden power sources, hidden microphones, etc. All bets are off. Hell, if they've had access to your phone they OWN you.

If you worry about this, simply turn on AIRPLANE MODE. . . which turns off ALL RADIOS. This has been checked. No RF comes from the iPhones at all. Another solution. You want to talk about something you don't want the government to hear? Put your phone in your microwave oven. Excellent Faraday cage. Almost every home has one.

9 posted on 06/10/2014 11:17:13 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Swordmaker

bttt


10 posted on 06/10/2014 11:17:48 PM PDT by TEXOKIE (We must surrender only to our Holy God and never to the evil that has befallen us.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

I think you can buy security software from the State Department that prevents the State Department from doing that.


11 posted on 06/10/2014 11:20:56 PM PDT by Telepathic Intruder (The only thing the Left has learned from the failures of socialism is not to call it that)
[ Post Reply | Private Reply | To 1 | View Replies]

To: sten
with your computer off, they can power on your network card, upload software and have it open the mic and listen.

On a Mac, you have to specifically allow "Wake for network activity" otherwise it will not happen. Also, Apple has hardwired the camera light on iMacs and MacBooks so that if the camera comes on, the light will light. No software way to avoid that.

12 posted on 06/10/2014 11:21:25 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Telepathic Intruder

I think the russians have better security software than that. :)


13 posted on 06/10/2014 11:24:30 PM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 11 | View Replies]

To: sten

So physically disconnect it from the 120 and or the network.


14 posted on 06/10/2014 11:26:26 PM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Swordmaker

We must all do microphone checks. Hold the phone near the toilet and fire off your salute of disapproval.


15 posted on 06/10/2014 11:40:02 PM PDT by jonrick46 (The opium of Communists: other people's money.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
OK. So, you powered down your phone, and it reacted appropriately and turned off, at least to all outward appearances (unless you've got a good thermometer).

You should be good, right?

Absolutely. If your phone is powered off, it can't respond to the network. NSA proof!

But what if, thanks to having quietly installed an NSA firmware "upgrade" via whatever route, it didn't really power off?

The only way you'd know is if your phone's battery life is atypical. If it's still warm despite being turned off ... if you get droned!

16 posted on 06/10/2014 11:40:36 PM PDT by cynwoody
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer

I want the Chinese controlling my phone, much better than the NSA...

/ sheesh...


17 posted on 06/10/2014 11:41:10 PM PDT by Yehuda (Search youtube and listen to "Islams Not For Me".)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Yehuda
I admit, it can be a toss-up. *grin*

Most telling for the chinese though is if a virus or backdoor is discovered (usually by the 'nix crowd since the macophiles are usless for things like this) you can wipe it and have it secure again fairly quickly, unlike the US alphabet agencies who would most probably respond by kicking in your door in the middle of the night and shooting your dog(s) and then arresting you.

Unless you were a muzzie, arabic, related to the clintons or mrs bill (or eric-the-with-holder), or: one of the Sons Of Barak's (SOB's).

Or gay, if Barky found out.

18 posted on 06/11/2014 12:12:43 AM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 17 | View Replies]

To: jonrick46
We must all do microphone checks. Hold the phone near the toilet and fire off your salute of disapproval.

I think I would prefer an audio disapproval... RRRRIIIIIIIPPPPPP!

Perhaps one of these days our phones will have the ability to detect aromomatic inputs? That would be even better. . . hmmmmm It would be good if their reproduction of that input were, shall we say, high definition?

19 posted on 06/11/2014 12:40:52 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Swordmaker

Your “RRRRIIIIIIIPPPPPP!” is what I meant by a “salute of disapproval.” If I had it in me, a 21 gun salute!


20 posted on 06/11/2014 12:44:14 AM PDT by jonrick46 (The opium of Communists: other people's money.)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Swordmaker

Ridiculous question.

They do listen, archive and index everything.

Think of like this; just 15 years ago it cost $1,000 for a 1 gigabyte hard drive.

Today, you can purchase a 64 gigabyte thumdrive for $50 bucks!

What is the cost for storing 1,000,000 times more information? And how much “zero” “real estate” will it take to store your life, a meta file or cycle?


21 posted on 06/11/2014 12:53:30 AM PDT by Vendome (Don't take life so seriously-you won't live through it anyway-Enjoy Yourself ala Louis Prima)
[ Post Reply | Private Reply | To 1 | View Replies]

To: jonrick46

Launch one. ..x


22 posted on 06/11/2014 12:54:32 AM PDT by Vendome (Don't take life so seriously-you won't live through it anyway-Enjoy Yourself ala Louis Prima)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Swordmaker

If you think your phone is off but it isn’t, you will have decreased battery life because the phone really isn’t off.


23 posted on 06/11/2014 1:36:39 AM PDT by fso301
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

I wish it were true that only hippies, hipsters, and those smug “fair traders” at Starbucks used Apple phones, and that the NSA didn’t know how to wiretap other smartphone brands. That way, I would be confident that the NSA isn’t trying to spy on upstanding citizens, and that it would actually be doing something useful with our tax dollars.


24 posted on 06/11/2014 1:50:10 AM PDT by Objective Scrutator (All liberals are criminals, and all criminals are liberals)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer
Most telling for the chinese though is if a virus or backdoor is discovered (usually by the 'nix crowd since the macophiles are usless for things like this)

Oh? Really? Were you aware that 98% of the malware for mobile devices is for Android, a 'nix derivative. The other 1.9% is for Symbian and Mobile Windows Phone and RIM. . . with iOS, a subset of UNIX, bringing up the final 0.1% and that is only for JAILBROKEN iPhones? And you think that "Macophiles are useless for things like this" do you? What about these Macophiles?


This image shows Curiosity's Entry, Descent and Landing (EDL) "war room" and its staff. On the night of Aug. 5, 2012 PDT (early morning Aug. 6 EDT), 34 engineers gathered in this room at NASA's Jet Propulsion Laboratory, Pasadena, Calif., to support the landing with their personal computers.


Curiosity Mars Lander Control Room. . . also with their personal Mac computers.

Of course, these Macophiles couldn't be bothered to look for discovering backdoors into their devices. . . they are too busy doing real work rather than doing "things like this."

Not to mention forever marketing overpriced by at least 2x machines that continually lag behind others in the market.


Apple MacPro — base price $2999 — Complete specifications

Please, Utilizer, tell me what computer is ½ the cost of this Apple MacPro computer that is also far ahead of it? Make sure you make an effort to match your components as closely as possible. This is a workstation grade machine, not a bottom of the barrel computer. It uses an Intel XEON™ grade processor and comes with 12GBs of 1866GH DDR3 ECC RAM as well as a high end SSD. . . and has the ability to connect 39 external devices at 20GB/sec transfer rate as well as three 4K displays, or six 2560 X 1600 simultaneous displays through dual AMD FirePro 300 graphic cards with 2GB of GDDR5 SDRAM each providing 2 Teraflops each of computing power. Oh, it also comes with a complete suite of software, including Apple's word processor Pages, spreadsheet Numbers, and Keynote presentation software. . . all of which are MS Office file read/write compatible. . . plus the entire suite of software in OSX.9 Mavericks. This computer can also run every version of Windows and Linux. It is a fully certified POSIX compliant, UNIX™ and can run all that software, out of the box. Oh, and under load its sound level is under 10 Decibels according to Ars Technica's review. Anything you come up with should be able to do all that as well.

25 posted on 06/11/2014 2:20:28 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Swordmaker

If not jail broken? No. Positively no. Anyone who thinks so, also likely believes in “chemtrails” and aliens being held at Area 51.


26 posted on 06/11/2014 3:55:13 AM PDT by Tzfat
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Boy-Oh-Boy-Oh-Boy!

You sure come off as an a$$hole sometimes.

Just my 2 cents.


27 posted on 06/11/2014 5:08:53 AM PDT by BBB333 (Q: Which is grammatically correct? Joe Biden IS or Joe Biden ARE an idiot?)
[ Post Reply | Private Reply | To 25 | View Replies]

To: BBB333; Swordmaker
"You sure come off as an a$$hole sometimes."

Definition of the pejorative term:

"Anyone who consistently overwhelms the FUD of BBB333 and his slimy ilk with hard, cold facts."

28 posted on 06/11/2014 5:55:45 AM PDT by TXnMA ("Allah": Satan's current alias... "Barack": Allah's current ally...)
[ Post Reply | Private Reply | To 27 | View Replies]

To: Swordmaker

ANY speaker can be a microphone, this isn’t news. The vibration of the speaker when noises are being made by something around it is enough to generate its own electricity and that can be used to power a transmitter.

This isn’t something unique to any smart phone, its been around for just less time than the modern speaker system existed.


29 posted on 06/11/2014 6:03:37 AM PDT by HamiltonJay
[ Post Reply | Private Reply | To 2 | View Replies]

To: TXnMA

I guess you are one, too.

The point is the dentist could be a bit more pleasant.

Do I have a Mac? Yes, 2.25 TB of internal storage on two internal HDs, running Windows 7 via Parallels 8.

iPhone? Two, thank you for asking.

iPad? Check.

Apple TV? Two as well.

Should I overlook the dentists a$$holeisness?

No, and neither should YOU!


30 posted on 06/11/2014 6:08:48 AM PDT by BBB333 (Q: Which is grammatically correct? Joe Biden IS or Joe Biden ARE an idiot?)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Swordmaker

i didn’t say the machine was waking up. just that you can power on the nic card


31 posted on 06/11/2014 6:13:35 AM PDT by sten (fighting tyranny never goes out of style)
[ Post Reply | Private Reply | To 12 | View Replies]

To: BBB333; Swordmaker

Congratulations on surviving a whole year on FR...


32 posted on 06/11/2014 6:31:57 AM PDT by TXnMA ("Allah": Satan's current alias... "Barack": Allah's current ally...)
[ Post Reply | Private Reply | To 30 | View Replies]

To: TXnMA

Thank You!


33 posted on 06/11/2014 6:47:42 AM PDT by BBB333 (Q: Which is grammatically correct? Joe Biden IS or Joe Biden ARE an idiot?)
[ Post Reply | Private Reply | To 32 | View Replies]

To: Swordmaker
See, this is why you get grief from people here for being such a fanboy. I own a Macbook Pro, Mac Mini, iPad mini, and iPhone. I've been running Mac to run my office for 5 years, and before that, from 92-99. My first Apple computer was an Apple Iic, purchased in 1984. Our household is all iPhone, 5 of them. Have been for years. Daughter has a Macbook and I just ordered one for our son.

And yet, if I mention that it would be nice if iPhones have a removable battery, you go ape and respond as though your honor had been personally attacked. Get a grip, man! Steve Jobs told people who had antenna problems that they were holding the phone wrong. You suggest putting the phone in the microwave. Both ridiculous of course. The fact is, Apple makes such choices to prevent the user from having more control over the device, and of course, to maximize profits. Apple hates when third parties make accessories that allow them to make a buck, and so they create proprietary cords and work hard to make working on an iPhone, iPad or Macbook Pro as difficult as possible for non-Apple techs.

Many of us know this and buy Apple products in spite of it. There are many things people like me love about Apple. But I, unlike you apparently, admit of the possibility that Apple may not be perfect. It is a choice, with tradeoffs, and one of those tradeoffs is, they HAVE to control everything. Including batteries. There are many reasons why a removable battery is nice, and NSA spying through the microphone (whether they have to have PHYSICAL ACCESS TO YOUR PHONE or not, is just one of many.

Have a great day.

--written on Macbook Pro Retina

34 posted on 06/11/2014 7:23:41 AM PDT by Defiant (Let the Tea Party win, and we will declare peace on the American people and go home.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Swordmaker
Also, Apple has hardwired the camera light on iMacs and MacBooks so that if the camera comes on, the light will light. No software way to avoid that.

That's not correct -- this has been broken in software:

Research shows how MacBook Webcams can spy on their users without warning (The Washington Post)

iSeeYou: Disabling the MacBook Webcam Indicator LED (Johns Hopkins University)

PDF of technical report on the above from Johns Hopkins Univ.

I don't know if Apple has plugged up the specific security hole these people used, but it was thought at the time that there was no way to do this because of the hardware interlock. This shows how clever techniques can do something that seems impossible.

A good rule of thumb is that if somebody thinks that something can't be hacked into, they just haven't thought about it hard enough or they don't know enough about the internals of the system. [And that's even ignoring the possibility of social engineering.]
35 posted on 06/11/2014 9:12:21 AM PDT by Alvin Diogenes
[ Post Reply | Private Reply | To 12 | View Replies]

To: Swordmaker
I like the fact that the girl in the purple blouse to the extreme right hand side of that NASA room looks a lot like Penny (Kaley Cuoco) from The Big Bang Theory.

But where's Howard Wolowitz?

Cheers!

36 posted on 06/11/2014 1:23:34 PM PDT by grey_whiskers (The opinions are solely those of the author and are subject to change without notice.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Alvin Diogenes
That's not correct -- this has been broken in software:

Did you read the part in your links specifying the so-called vulnerability was a PROOF OF CONCEPT?

It is not, as you imply, an out of the box, easy exploit applicable to every Apple Mac out in the wild.

This is déjà vu for me because I have posted this explanation before sometime ago when it first was publicized.

For this "vulnerability" to be exploited requires the person who turns off the LED have remote administrator privileges. This requires, Alvin, that the Mac which is to be exploited has to have been physically in the hands of someone for them to set it up FOR remote administrator privileges to be granted. While this person had possession of the targeted Mac, he would have to have super user access, which is even a higher access than administrator! because the Mac's iSight Camera module EPROM has to be reflashed to by-pass the software lockout so the remote administrator can controllably turn on the camera without the LED. This cannot be accomplished with only an administrator access.

Once all of that has been accomplished, your Peeping Tom, wanting to watch some one in her boudoir, has to log in to her prepared Mac with the administrator's name and password before he can do diddly squat about surreptitiously turning on her camera.

In other words, Alvin, it was NOT "broken in software" without a lot of preparation of the Mac to be "broken."

I posted this on FreeRepublic back when Miss Teen USA came out about the invasion of her privacy. . . and it turns out that although the media used this as a reason to talk about whether Apple Mac cameras could be turned on remotely, Miss Teen USA, it turns out owned an HP computer! It was not even an exploit of a Mac that started all of this hoopla!

37 posted on 06/11/2014 7:52:24 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 35 | View Replies]

To: BBB333
You sure come off as an a$$hole sometimes.

Just my 2 cents.

Why? Because I challenged a troll who came on an Apple thread and INSULTED every Apple user on FreeRepublic by showing him that his A$$holic assumptions were WRONG and challenged him to prove his assertions? That makes me an A$$hole?!? Let him put facts where he put his mouth. I do. In case you didn't notice, I did not insult him or call him names. I challenged his facts.

I've given up with abiding rudeness including YOURS! You get no change from your 2¢

38 posted on 06/11/2014 8:17:52 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 27 | View Replies]

To: HamiltonJay
ANY speaker can be a microphone, this isn’t news. The vibration of the speaker when noises are being made by something around it is enough to generate its own electricity and that can be used to power a transmitter.

ROTFLMAO

Where did you study electronics?!?! The micro-currents generated from a speaker moving through the SEMICONDUCTORS of the amplifier circuits that drive it, many of which are going to be DIODEs (read UNIDIRECTIONAL, passing current only one way) will not be sufficient to power any kind of transmitter, once you encounter any form of tuned circuit, ignoring that would be the output of the phone's Audio circuitry or CPU! This is an absurdity. Or are you thinking there is some switching circuitry between the speaker and the CPU and the transmitter that the micro current can bootstrap itself to switch from speaker mode to microphone to transmitter without a CPU being powered on? Yes, an engineer can design a speaker that will double as a microphone, but it will neither be a good speaker, nor a good microphone. . . But an unpowered speaker will never provide the wattage to send a radio signal any appreciable distance. Pardon me while I stop and gasp for breath.

39 posted on 06/11/2014 8:47:52 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 29 | View Replies]

Comment #40 Removed by Moderator

To: Swordmaker
As the article says, this was implemented on older generation MacBooks, not current models.

However, on the vulnerable models, it appears that in fact you don't need remote administrator privileges, nor do you need to reflash the EPROM. You just need to run the iSeeYou app. Caveat: I have not tried this on an actual machine myself, as that seems unwise; but this is the claim made in Johns Hopkins article.

The reprogramming of the firmware is said to be done with system calls and USB functionality, and no mention is made of attaching additional hardware to reflash the EPROM, nor is physical access to the machine said to be required.

Here's what the article says:

Threat model. To mount our main attack where we capture video without any external indication to the victim, we assume that an attacker is able to run native code on the victim’s computer as an unprivileged user. Further, we assume the code is unencumbered by defenses such as Apple’s App Sandbox which is used for applications downloaded from the Mac App Store but by little else. This assumption is quite mild...

...

We stress that our main result — disabling the iSight LED — only applies to the first generation internal iSight webcams and we make no claims of security or insecurity of later models...


It's clear that they're saying that this is a security issue with 1st-generation iSight webcams.

You do need to convince someone at the machine to run the app, but that's generally not too hard to achieve (people download things frequently, they open email attachments, etc., etc.).

They do go on to show how you can use this to do more than bypass the webcam LED -- you can actually run arbitrary code (as an unprivileged user). This extra step requires some additional user authorization. (I think a compromised video conferencing program would be sufficient, but I'm not sure.) However, this extra authorization isn't needed for the webcam LED trick.

By the way, my post was not at all anti-Apple or anti-Unix. Experience suggests that Windows machines have many more vulnerabilities. However, this particular hack happens to have been on a Mac.

Anyway, if I'm wrong, please point out where the article says that anything more is required than running an unprivileged program on a target machine of the correct vintage.
41 posted on 06/12/2014 12:19:19 AM PDT by Alvin Diogenes
[ Post Reply | Private Reply | To 37 | View Replies]

To: Alvin Diogenes
" As the article says "


Please provide proper attribution and a working link which goes directly to the published material in your post. In fact, always provide proper attribution, including a working link to the site of original publication each time you post any published material.

Thanks.

42 posted on 06/12/2014 12:24:42 AM PDT by Admin Moderator
[ Post Reply | Private Reply | To 41 | View Replies]

To: sten

Without the system booted, what would execute the software?


43 posted on 06/12/2014 12:27:26 AM PDT by Gene Eric (Don't be a statist!)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Defiant
And yet, if I mention that it would be nice if iPhones have a removable battery, you go ape and respond as though your honor had been personally attacked. Get a grip, man! Steve Jobs told people who had antenna problems that they were holding the phone wrong. You suggest putting the phone in the microwave. Both ridiculous of course. The fact is, Apple makes such choices to prevent the user from having more control over the device, and of course, to maximize profits. Apple hates when third parties make accessories that allow them to make a buck, and so they create proprietary cords and work hard to make working on an iPhone, iPad or Macbook Pro as difficult as possible for non-Apple techs.

You get your own grip, Defiant. You just spouted a load of mythological based FUD yourself. A lot of what you just said simply is not true. First of all, please link me to a thread on FreeRepublic where I have gone "Ape" over anyone suggesting it would be "nice if iPhones have a removable battery." Please.

There are excellent engineering reasons for not having a removable battery which I understand and appreciate. These choices made by Apple engineers are why our iPhones and iPads are as small, thin, and light as they are, yet still have industry leading battery lives. Ask yourself, Defiant: "What does it take to add a user replaceable battery?"

Not having a user replaceable battery allows Apple engineers to use caseless battery cells that can be as flat as they need them, in any shape that best fits the available volume and space. . . or even use two or more separate battery packs in different locations inside the body of the phone to maximize the energy availability in the space availability, and increase the operational time. . . all while minimizing size and weight, on which consumers put a premium.

All that would have to be given up for a small minority who, like you, who have been carping for seven years about not having replaceable batteries. You want more time? Buy a Mophie case and double the power.

No, Defiant, this is a decision that makes sense every way you look at it. . . Adding a user-replaceable battery makes no sense unless you want to add cost, size, weight, problems, more customer dissatisfaction, and, in the long run, shorten the longevity of your product.

Is that going "ape" or is that explaining why Apple made a reasonable product design decision that I like that makes the product overall a better product?

You picked up on more FUD on "Antennagate" and Steve Jobs' comment. Jobs made an off the cuff joke to a guy he thought would have a sense of humor, before he went on to explain there really was no problem. And there wasn't. . . but the guy had no sense of humor, didn't believe Jobs, and spread the comment around the world. The iPhone4 went on being sold WITHOUT any antenna changes or redesign in the rest of the world, Defiant, and no antenna complaints were registered in any other market or carrier. Articles, which I posted on FR, from Australia were asking "what antenna problem?" and the iPhone 4 actually, when tested against competitors, was found to have the best reception performance of them all. The issue was a carrier based problem with AT&T only, with too many customers and not enough bandwidth causing dropped calls in certain urban areas. The unchanged iPhone 4, has been resurrected by Apple this year for sale in third world countries and STILL no antenna issues.

And I was quite serious about putting a phone (not just an iPhone) in a microwave oven. . . Even if it is a humorous solution. But I see you have no sense of humor like the guy Jobs was chatting with.my point was that if you are so damn paranoid and worried that someone can eavesdrop on you from a turned off phone and you must talk about something sensitive, put the damned thing in a microwave oven. A microwave oven is impervious to the radio wavelengths. . . nothing in, nothing out. Then you should probably have your chat in Klingon.

Your claim that "Apple hates when third parties make accessories that allow them to make a buck, and so they create proprietary cords and work hard to make working on an iPhone, iPad or Macbook Pro as difficult as possible for non-Apple techs" is absolutely ludicrous and demonstrates you don't know what you are talking about. If Apple hates this so much, why are they the leaders in meeting system standards? What is "proprietary" about Intel's Thunderbolt? How come Apple licenses over 10,000 authorized accessory manufacturers for Apple accessories? Why has Apple paid out over $10 Billion to independent App developers? Why do Macs work with industry standard peripherals? Why does Apple make adapters available for all standard cables? Why does Apple publish the specifications for their "proprietary" connectors which they've adopted to be able to make their devices even thinner yet, not, as you say "just to make working on . . . as difficult as possible. . ."? Why does Apple use a standard, easily available screwdriver, although not common, if they are trying to lock out techs. . . when the tech can buy one for under $10?

Could it be, Defiant, that the Apple devices have gotten so compact and layered with parts, that an amateur tinkerer should be discouraged from tinkering? Some devices do reach a level of such complexity. A recent IFixIt tear down of an Apple product warned readers that if they attempted the tear-down, they could easily tear a hidden ribbon cable connector off its circuit board if you didn't know where it was, under two other parts, and the cable had to be carefully disconnected before you removed those parts. Do you think, just perhaps, that might be why it's hard to open the cases?

Do you know that back in 1998 people were complaining about Apple using "proprietary cables" and using these strange proprietary peripherals that had to use those damn "proprietary USB connectors?" Where do you think innovation comes from? Apple is not using these connectors to lock out competition. They're better connectors.

You claim I respond as though I have been personally attacked. Defiant, when I respond like I have been personally attacked, it's because I HAVE BEEN personally attacked. Defiant, I have been the target of some of the worst invective, insults, and name calling on FreeRepublic merely because I use a Mac, iPhone, iPad and/or maintain the Apple/Mac/iPhone/iPad/iOS PING list and post articles for the list. Some of those attackers succeeded in getting themselves banned for life from FreeRepublic.

On this thread, a troll came on with the usual off hand insults to Mac users. . . Implicitly stating that Mac users are too stupid and inept to be able to find back doors and viruses. Then implying we are so stupid we buy overpriced hardware containing underpowered obsolete parts. I did not insult him. I showed him how his fallacious his assertion were with graphical proof. . . and challenged him to prove his assertions. For this. I was called an A$$hole, and you attacked me with more misinformed "facts" from the FUD mill. The SAME people keep coming onto these threads, spreading the same lies, despite being shown the facts over and over. Yet they will repeat the same thing the next time. I tried the polite approach. . . I still do. I have been getting this for TWENTY YEARS - I turned 65 last Friday and I just won't take it anymore. They are the trolls. They are the A$$holes. Read what you want into it. . .

44 posted on 06/12/2014 12:58:58 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Admin Moderator

In Alvin’s defense, the article is linked in the original reply. Thanks for moderating. I appreciate your hard work.


45 posted on 06/12/2014 1:12:18 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 42 | View Replies]

To: Admin Moderator
Please provide proper attribution and a working link...

Sorry if I it wasn't clear -- it's the Johns Hopkins technical report that I linked to in #35 above:

iSeeYou: Disabling the MacBook Webcam Indicator LED (Johns Hopkins University), which includes the full technical report as a PDF file.
46 posted on 06/12/2014 1:26:19 AM PDT by Alvin Diogenes
[ Post Reply | Private Reply | To 42 | View Replies]

To: Alvin Diogenes
Threat model. To mount our main attack where we capture video without any external indication to the victim, we assume that an attacker is able to run native code on the victim’s computer as an unprivileged user. Further, we assume the code is unencumbered by defenses such as Apple’s App Sandbox which is used for applications downloaded from the Mac App Store but by little else. This assumption is quite mild...

Thank you for pointing that out. I read through the entire paper except the citations. Amazing work though it is at best a Trojan in that they do have to get the user to install and run the malicious App so that part of it is activated in a VirtualBox in a virtual OS that is not OSX. One other caveat seems to be, reading between the lines, is that user had to have administrator privileges. . . and the attacker had to have it too because they mentioned the necessity to use SUDO. Had the victim user been operating as a Standard User as is the recommended practice, this would not have worked. Couple of other points. . . G5 computers cannot access the App Store, which they mention is a prerequisite for this to work, although there are other modalities to get the iSeeYou app on target G5. Biggest is the VirtualBox necessity to be running. . . That is a killer and sort of takes us back to the preparing the machine in advance to be invaded before it can be. How many Mac users are going to be running the appropriate guest OS under VirtualBox which has full root privileges (that's actually how the hardware reprogramming of the iSight camera EPROM is accomplished)?

47 posted on 06/12/2014 2:07:03 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 41 | View Replies]

To: Alvin Diogenes

Incidentally. . . Since their exploit requires VirtualBox to allow virtual machines to run on INTEL processor Macs, they are quite wrong that the exploit will work at all on a G5 iMac which uses a G5 PowerPC processor and not an Intel processor. Their only reason for claiming so is that the iSight camera exists on those models of iMacs. They’d have to write an entirely different code to have it work on a G5 iMac! LOL!


48 posted on 06/12/2014 2:13:40 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 46 | View Replies]

To: Gene Eric; sten
Without the system booted, what would execute the software?

I think Sten is referring to a sleeping or hibernating computer. . . The NIC card has a dumb processor on it capable of certain dedicated tasks, among which is sending a signal to the host computer saying "Hey! Sleeping Beauty! wake up! Someone wants to chat with you!" The NIC card is always listening for that incoming alert to the MAC address. . . unless it is powered down.

49 posted on 06/12/2014 2:19:08 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 43 | View Replies]

To: Defiant
Many of us know this and buy Apple products in spite of it. There are many things people like me love about Apple. But I, unlike you apparently, admit of the possibility that Apple may not be perfect. It is a choice, with tradeoffs, and one of those tradeoffs is, they HAVE to control everything. Including batteries. There are many reasons why a removable battery is nice, and NSA spying through the microphone (whether they have to have PHYSICAL ACCESS TO YOUR PHONE or not, is just one of many.

If you check my posting history, you will find that I have posted negative articles about Apple as well as positive articles. . . and I've also criticized them. Your unwarranted assumption that I believe Apple is perfect is totally wrong. I just prefer facts and truth over myth and revisionist history. . . and FUD.

Six years ago I was discussing suing Apple with my in house attorney. . . my wife died suddenly due to a massive heart attack. I was keeping her last voicemail message to me on my iPhone in my visual voicemail inbox and would listen to it daily. One morning it was gone! I frantically looked for it, called Apple support, went to the Genius Bar and was informed that Apple iPhones were set to retain voice mail for only 30 days and then automatically delete them!!! Why? No one knew why. There was no lack of memory. It was a completely arbitrary timed deletion put in by some anonymous programer. And no, voicemail is not backed up and at that time it couldn't be forwarded or copied to anything. It existed only on my phone. No, I found out, ATT did not have a copy. . . Or they wouldn't admit to having it.

A wrote a bitter, nasty letter to Steve Jobs. He called me personally to apologize for Apple's oversight and egregious error. . . and told me the issue was fixed and would be in the next iPhone update.

No, they are not perfect. They make mistakes. I decided not to sue. My lawyer said there were no economic damages and emotional damages are hard to prove.

My point is that I will correct misinformation, provide the correct data, and generally provide links to the proof. If you don't like that and think that's being a "fanboy" too bad. If you are interested in news about Apple and their products, if be glad to add your name to the ~560 other Freepers on the Apple/Mac/iPhone/iPad/iOS Ping list who have asked me to do what you have criticized me for doing: keep them appraised of what's happening in the world of Apple, and keep the fact straight when people post myths, lies, and FUD. I've been maintaining that list for almost ten years.

50 posted on 06/12/2014 2:55:53 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 34 | View Replies]


Navigation: use the links below to view more comments.
first 1-5051-67 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson