Skip to comments.Can the NSA really listen to your iPhone’s microphone even when it is turned OFF? Possibly (video)
Posted on 06/10/2014 10:25:59 PM PDT by Swordmaker
Can the NSA really listen to your iPhones microphone even when it is turned OFF? Experts say it is possible - but reveal the trick to beat it
The NSA could technically listen in to the microphone of an iPhone even if it switched off, experts have revealed.
The claim was first made by Edward Snowden during an interview with Brian Williams of NBC Nightly News.
Today, experts confirmed the technique was technically possibly - and revealed a way to sidestep it.
The claim the NSA could technically listen in to the microphone of an iPhone even if it switched off was first made by Edward Snowden during an interview with Brian Williams of NBC Nightly News.
The claim the NSA could technically listen in to the microphone of an iPhone even if it switched off was first made by Edward Snowden during an interview with Brian Williams of NBC Nightly News.
Brian Williams of NBC Nightly News, holding his iPhone aloft during last Wednesdays interview, asked, What can the NSA do with this device if they want to get into my life? Can anyone turn it on remotely if its off? Can they turn on apps?
'They can absolutely turn them on with the power turned off to the device,' Snowden replied.
Security researchers claim the technique is possible, and that software could make the phone look like its shutting down but actually entering a low-power mode that leaves key communication chips on. . .
This 'playing dead' state would allow the phone to receive commands, including one to activate its microphone, Eric McDonald, a hardware engineer in Los Angeles told Wired.
(Excerpt) Read more at dailymail.co.uk ...
To ensure the phone is completely inoperable, it must be put into a sepcial DFU mode normal used to upgrade its software
Step-by-step guide on how to put iPhone in DFU mode
To enter DFU mode:
If you want on or off the Mac Ping List, Freepmail me.
Learn the battery consumption quirks of your device and be alert to changes. Kinda like on a pc, staying aware of your typical temperatures and resource usage patterns can reveal malware or developing hardware problems in time to be corrected easily.
if you have a strong baseline of normal operations, any changes will stick out like a sore thumb.
the answer is yes.
the one you should really come to grips on is...
with your computer off, they can power on your network card, upload software and have it open the mic and listen.
all without the machine booting up
If Apple allowed removable batteries, this could be avoided.
Heck, even the chinese produce better (and much cheaper) machines and more robust OS's!
keep your cameras taped when not explicitly using them. and keep the mike unplugged when not using it.
Not if it’s not plugged in.
What part of "This requires PHYSICAL ACCESS TO YOUR iPHONE TO INSTALL HARDWARE" do you fail to understand? Without having prior access to the iPhone, NSA cannot do this. If they can get physical access to your phone, they can install hidden power sources, hidden microphones, etc. All bets are off. Hell, if they've had access to your phone they OWN you.
If you worry about this, simply turn on AIRPLANE MODE. . . which turns off ALL RADIOS. This has been checked. No RF comes from the iPhones at all. Another solution. You want to talk about something you don't want the government to hear? Put your phone in your microwave oven. Excellent Faraday cage. Almost every home has one.
I think you can buy security software from the State Department that prevents the State Department from doing that.
On a Mac, you have to specifically allow "Wake for network activity" otherwise it will not happen. Also, Apple has hardwired the camera light on iMacs and MacBooks so that if the camera comes on, the light will light. No software way to avoid that.
I think the russians have better security software than that. :)
So physically disconnect it from the 120 and or the network.
We must all do microphone checks. Hold the phone near the toilet and fire off your salute of disapproval.
You should be good, right?
Absolutely. If your phone is powered off, it can't respond to the network. NSA proof!
But what if, thanks to having quietly installed an NSA firmware "upgrade" via whatever route, it didn't really power off?
The only way you'd know is if your phone's battery life is atypical. If it's still warm despite being turned off ... if you get droned!
I want the Chinese controlling my phone, much better than the NSA...
Most telling for the chinese though is if a virus or backdoor is discovered (usually by the 'nix crowd since the macophiles are usless for things like this) you can wipe it and have it secure again fairly quickly, unlike the US alphabet agencies who would most probably respond by kicking in your door in the middle of the night and shooting your dog(s) and then arresting you.
Unless you were a muzzie, arabic, related to the clintons or mrs bill (or eric-the-with-holder), or: one of the Sons Of Barak's (SOB's).
Or gay, if Barky found out.
I think I would prefer an audio disapproval... RRRRIIIIIIIPPPPPP!
Perhaps one of these days our phones will have the ability to detect aromomatic inputs? That would be even better. . . hmmmmm It would be good if their reproduction of that input were, shall we say, high definition?
Your “RRRRIIIIIIIPPPPPP!” is what I meant by a “salute of disapproval.” If I had it in me, a 21 gun salute!
They do listen, archive and index everything.
Think of like this; just 15 years ago it cost $1,000 for a 1 gigabyte hard drive.
Today, you can purchase a 64 gigabyte thumdrive for $50 bucks!
What is the cost for storing 1,000,000 times more information? And how much “zero” “real estate” will it take to store your life, a meta file or cycle?
Launch one. ..x
If you think your phone is off but it isn’t, you will have decreased battery life because the phone really isn’t off.
I wish it were true that only hippies, hipsters, and those smug “fair traders” at Starbucks used Apple phones, and that the NSA didn’t know how to wiretap other smartphone brands. That way, I would be confident that the NSA isn’t trying to spy on upstanding citizens, and that it would actually be doing something useful with our tax dollars.
Oh? Really? Were you aware that 98% of the malware for mobile devices is for Android, a 'nix derivative. The other 1.9% is for Symbian and Mobile Windows Phone and RIM. . . with iOS, a subset of UNIX, bringing up the final 0.1% and that is only for JAILBROKEN iPhones? And you think that "Macophiles are useless for things like this" do you? What about these Macophiles?
Of course, these Macophiles couldn't be bothered to look for discovering backdoors into their devices. . . they are too busy doing real work rather than doing "things like this."
Not to mention forever marketing overpriced by at least 2x machines that continually lag behind others in the market.
Please, Utilizer, tell me what computer is ½ the cost of this Apple MacPro computer that is also far ahead of it? Make sure you make an effort to match your components as closely as possible. This is a workstation grade machine, not a bottom of the barrel computer. It uses an Intel XEON grade processor and comes with 12GBs of 1866GH DDR3 ECC RAM as well as a high end SSD. . . and has the ability to connect 39 external devices at 20GB/sec transfer rate as well as three 4K displays, or six 2560 X 1600 simultaneous displays through dual AMD FirePro 300 graphic cards with 2GB of GDDR5 SDRAM each providing 2 Teraflops each of computing power. Oh, it also comes with a complete suite of software, including Apple's word processor Pages, spreadsheet Numbers, and Keynote presentation software. . . all of which are MS Office file read/write compatible. . . plus the entire suite of software in OSX.9 Mavericks. This computer can also run every version of Windows and Linux. It is a fully certified POSIX compliant, UNIX and can run all that software, out of the box. Oh, and under load its sound level is under 10 Decibels according to Ars Technica's review. Anything you come up with should be able to do all that as well.
If not jail broken? No. Positively no. Anyone who thinks so, also likely believes in “chemtrails” and aliens being held at Area 51.
You sure come off as an a$$hole sometimes.
Just my 2 cents.
Definition of the pejorative term:
"Anyone who consistently overwhelms the FUD of BBB333 and his slimy ilk with hard, cold facts."
ANY speaker can be a microphone, this isn’t news. The vibration of the speaker when noises are being made by something around it is enough to generate its own electricity and that can be used to power a transmitter.
This isn’t something unique to any smart phone, its been around for just less time than the modern speaker system existed.
I guess you are one, too.
The point is the dentist could be a bit more pleasant.
Do I have a Mac? Yes, 2.25 TB of internal storage on two internal HDs, running Windows 7 via Parallels 8.
iPhone? Two, thank you for asking.
Apple TV? Two as well.
Should I overlook the dentists a$$holeisness?
No, and neither should YOU!
i didn’t say the machine was waking up. just that you can power on the nic card
Congratulations on surviving a whole year on FR...
And yet, if I mention that it would be nice if iPhones have a removable battery, you go ape and respond as though your honor had been personally attacked. Get a grip, man! Steve Jobs told people who had antenna problems that they were holding the phone wrong. You suggest putting the phone in the microwave. Both ridiculous of course. The fact is, Apple makes such choices to prevent the user from having more control over the device, and of course, to maximize profits. Apple hates when third parties make accessories that allow them to make a buck, and so they create proprietary cords and work hard to make working on an iPhone, iPad or Macbook Pro as difficult as possible for non-Apple techs.
Many of us know this and buy Apple products in spite of it. There are many things people like me love about Apple. But I, unlike you apparently, admit of the possibility that Apple may not be perfect. It is a choice, with tradeoffs, and one of those tradeoffs is, they HAVE to control everything. Including batteries. There are many reasons why a removable battery is nice, and NSA spying through the microphone (whether they have to have PHYSICAL ACCESS TO YOUR PHONE or not, is just one of many.
Have a great day.
--written on Macbook Pro Retina
But where's Howard Wolowitz?
Did you read the part in your links specifying the so-called vulnerability was a PROOF OF CONCEPT?
It is not, as you imply, an out of the box, easy exploit applicable to every Apple Mac out in the wild.
This is déjà vu for me because I have posted this explanation before sometime ago when it first was publicized.
For this "vulnerability" to be exploited requires the person who turns off the LED have remote administrator privileges. This requires, Alvin, that the Mac which is to be exploited has to have been physically in the hands of someone for them to set it up FOR remote administrator privileges to be granted. While this person had possession of the targeted Mac, he would have to have super user access, which is even a higher access than administrator! because the Mac's iSight Camera module EPROM has to be reflashed to by-pass the software lockout so the remote administrator can controllably turn on the camera without the LED. This cannot be accomplished with only an administrator access.
Once all of that has been accomplished, your Peeping Tom, wanting to watch some one in her boudoir, has to log in to her prepared Mac with the administrator's name and password before he can do diddly squat about surreptitiously turning on her camera.
In other words, Alvin, it was NOT "broken in software" without a lot of preparation of the Mac to be "broken."
I posted this on FreeRepublic back when Miss Teen USA came out about the invasion of her privacy. . . and it turns out that although the media used this as a reason to talk about whether Apple Mac cameras could be turned on remotely, Miss Teen USA, it turns out owned an HP computer! It was not even an exploit of a Mac that started all of this hoopla!
Why? Because I challenged a troll who came on an Apple thread and INSULTED every Apple user on FreeRepublic by showing him that his A$$holic assumptions were WRONG and challenged him to prove his assertions? That makes me an A$$hole?!? Let him put facts where he put his mouth. I do. In case you didn't notice, I did not insult him or call him names. I challenged his facts.
I've given up with abiding rudeness including YOURS! You get no change from your 2¢
Where did you study electronics?!?! The micro-currents generated from a speaker moving through the SEMICONDUCTORS of the amplifier circuits that drive it, many of which are going to be DIODEs (read UNIDIRECTIONAL, passing current only one way) will not be sufficient to power any kind of transmitter, once you encounter any form of tuned circuit, ignoring that would be the output of the phone's Audio circuitry or CPU! This is an absurdity. Or are you thinking there is some switching circuitry between the speaker and the CPU and the transmitter that the micro current can bootstrap itself to switch from speaker mode to microphone to transmitter without a CPU being powered on? Yes, an engineer can design a speaker that will double as a microphone, but it will neither be a good speaker, nor a good microphone. . . But an unpowered speaker will never provide the wattage to send a radio signal any appreciable distance. Pardon me while I stop and gasp for breath.
Threat model. To mount our main attack where we capture video without any external indication to the victim, we assume that an attacker is able to run native code on the victims computer as an unprivileged user. Further, we assume the code is unencumbered by defenses such as Apples App Sandbox which is used for applications downloaded from the Mac App Store but by little else. This assumption is quite mild...
We stress that our main result disabling the iSight LED only applies to the first generation internal iSight webcams and we make no claims of security or insecurity of later models...
Please provide proper attribution and a working link which goes directly to the published material in your post. In fact, always provide proper attribution, including a working link to the site of original publication each time you post any published material.
Without the system booted, what would execute the software?
You get your own grip, Defiant. You just spouted a load of mythological based FUD yourself. A lot of what you just said simply is not true. First of all, please link me to a thread on FreeRepublic where I have gone "Ape" over anyone suggesting it would be "nice if iPhones have a removable battery." Please.
There are excellent engineering reasons for not having a removable battery which I understand and appreciate. These choices made by Apple engineers are why our iPhones and iPads are as small, thin, and light as they are, yet still have industry leading battery lives. Ask yourself, Defiant: "What does it take to add a user replaceable battery?"
Not having a user replaceable battery allows Apple engineers to use caseless battery cells that can be as flat as they need them, in any shape that best fits the available volume and space. . . or even use two or more separate battery packs in different locations inside the body of the phone to maximize the energy availability in the space availability, and increase the operational time. . . all while minimizing size and weight, on which consumers put a premium.
All that would have to be given up for a small minority who, like you, who have been carping for seven years about not having replaceable batteries. You want more time? Buy a Mophie case and double the power.
No, Defiant, this is a decision that makes sense every way you look at it. . . Adding a user-replaceable battery makes no sense unless you want to add cost, size, weight, problems, more customer dissatisfaction, and, in the long run, shorten the longevity of your product.
Is that going "ape" or is that explaining why Apple made a reasonable product design decision that I like that makes the product overall a better product?
You picked up on more FUD on "Antennagate" and Steve Jobs' comment. Jobs made an off the cuff joke to a guy he thought would have a sense of humor, before he went on to explain there really was no problem. And there wasn't. . . but the guy had no sense of humor, didn't believe Jobs, and spread the comment around the world. The iPhone4 went on being sold WITHOUT any antenna changes or redesign in the rest of the world, Defiant, and no antenna complaints were registered in any other market or carrier. Articles, which I posted on FR, from Australia were asking "what antenna problem?" and the iPhone 4 actually, when tested against competitors, was found to have the best reception performance of them all. The issue was a carrier based problem with AT&T only, with too many customers and not enough bandwidth causing dropped calls in certain urban areas. The unchanged iPhone 4, has been resurrected by Apple this year for sale in third world countries and STILL no antenna issues.
And I was quite serious about putting a phone (not just an iPhone) in a microwave oven. . . Even if it is a humorous solution. But I see you have no sense of humor like the guy Jobs was chatting with.my point was that if you are so damn paranoid and worried that someone can eavesdrop on you from a turned off phone and you must talk about something sensitive, put the damned thing in a microwave oven. A microwave oven is impervious to the radio wavelengths. . . nothing in, nothing out. Then you should probably have your chat in Klingon.
Your claim that "Apple hates when third parties make accessories that allow them to make a buck, and so they create proprietary cords and work hard to make working on an iPhone, iPad or Macbook Pro as difficult as possible for non-Apple techs" is absolutely ludicrous and demonstrates you don't know what you are talking about. If Apple hates this so much, why are they the leaders in meeting system standards? What is "proprietary" about Intel's Thunderbolt? How come Apple licenses over 10,000 authorized accessory manufacturers for Apple accessories? Why has Apple paid out over $10 Billion to independent App developers? Why do Macs work with industry standard peripherals? Why does Apple make adapters available for all standard cables? Why does Apple publish the specifications for their "proprietary" connectors which they've adopted to be able to make their devices even thinner yet, not, as you say "just to make working on . . . as difficult as possible. . ."? Why does Apple use a standard, easily available screwdriver, although not common, if they are trying to lock out techs. . . when the tech can buy one for under $10?
Could it be, Defiant, that the Apple devices have gotten so compact and layered with parts, that an amateur tinkerer should be discouraged from tinkering? Some devices do reach a level of such complexity. A recent IFixIt tear down of an Apple product warned readers that if they attempted the tear-down, they could easily tear a hidden ribbon cable connector off its circuit board if you didn't know where it was, under two other parts, and the cable had to be carefully disconnected before you removed those parts. Do you think, just perhaps, that might be why it's hard to open the cases?
Do you know that back in 1998 people were complaining about Apple using "proprietary cables" and using these strange proprietary peripherals that had to use those damn "proprietary USB connectors?" Where do you think innovation comes from? Apple is not using these connectors to lock out competition. They're better connectors.
You claim I respond as though I have been personally attacked. Defiant, when I respond like I have been personally attacked, it's because I HAVE BEEN personally attacked. Defiant, I have been the target of some of the worst invective, insults, and name calling on FreeRepublic merely because I use a Mac, iPhone, iPad and/or maintain the Apple/Mac/iPhone/iPad/iOS PING list and post articles for the list. Some of those attackers succeeded in getting themselves banned for life from FreeRepublic.
On this thread, a troll came on with the usual off hand insults to Mac users. . . Implicitly stating that Mac users are too stupid and inept to be able to find back doors and viruses. Then implying we are so stupid we buy overpriced hardware containing underpowered obsolete parts. I did not insult him. I showed him how his fallacious his assertion were with graphical proof. . . and challenged him to prove his assertions. For this. I was called an A$$hole, and you attacked me with more misinformed "facts" from the FUD mill. The SAME people keep coming onto these threads, spreading the same lies, despite being shown the facts over and over. Yet they will repeat the same thing the next time. I tried the polite approach. . . I still do. I have been getting this for TWENTY YEARS - I turned 65 last Friday and I just won't take it anymore. They are the trolls. They are the A$$holes. Read what you want into it. . .
In Alvin’s defense, the article is linked in the original reply. Thanks for moderating. I appreciate your hard work.
Thank you for pointing that out. I read through the entire paper except the citations. Amazing work though it is at best a Trojan in that they do have to get the user to install and run the malicious App so that part of it is activated in a VirtualBox in a virtual OS that is not OSX. One other caveat seems to be, reading between the lines, is that user had to have administrator privileges. . . and the attacker had to have it too because they mentioned the necessity to use SUDO. Had the victim user been operating as a Standard User as is the recommended practice, this would not have worked. Couple of other points. . . G5 computers cannot access the App Store, which they mention is a prerequisite for this to work, although there are other modalities to get the iSeeYou app on target G5. Biggest is the VirtualBox necessity to be running. . . That is a killer and sort of takes us back to the preparing the machine in advance to be invaded before it can be. How many Mac users are going to be running the appropriate guest OS under VirtualBox which has full root privileges (that's actually how the hardware reprogramming of the iSight camera EPROM is accomplished)?
Incidentally. . . Since their exploit requires VirtualBox to allow virtual machines to run on INTEL processor Macs, they are quite wrong that the exploit will work at all on a G5 iMac which uses a G5 PowerPC processor and not an Intel processor. Their only reason for claiming so is that the iSight camera exists on those models of iMacs. They’d have to write an entirely different code to have it work on a G5 iMac! LOL!
I think Sten is referring to a sleeping or hibernating computer. . . The NIC card has a dumb processor on it capable of certain dedicated tasks, among which is sending a signal to the host computer saying "Hey! Sleeping Beauty! wake up! Someone wants to chat with you!" The NIC card is always listening for that incoming alert to the MAC address. . . unless it is powered down.
If you check my posting history, you will find that I have posted negative articles about Apple as well as positive articles. . . and I've also criticized them. Your unwarranted assumption that I believe Apple is perfect is totally wrong. I just prefer facts and truth over myth and revisionist history. . . and FUD.
Six years ago I was discussing suing Apple with my in house attorney. . . my wife died suddenly due to a massive heart attack. I was keeping her last voicemail message to me on my iPhone in my visual voicemail inbox and would listen to it daily. One morning it was gone! I frantically looked for it, called Apple support, went to the Genius Bar and was informed that Apple iPhones were set to retain voice mail for only 30 days and then automatically delete them!!! Why? No one knew why. There was no lack of memory. It was a completely arbitrary timed deletion put in by some anonymous programer. And no, voicemail is not backed up and at that time it couldn't be forwarded or copied to anything. It existed only on my phone. No, I found out, ATT did not have a copy. . . Or they wouldn't admit to having it.
A wrote a bitter, nasty letter to Steve Jobs. He called me personally to apologize for Apple's oversight and egregious error. . . and told me the issue was fixed and would be in the next iPhone update.
No, they are not perfect. They make mistakes. I decided not to sue. My lawyer said there were no economic damages and emotional damages are hard to prove.
My point is that I will correct misinformation, provide the correct data, and generally provide links to the proof. If you don't like that and think that's being a "fanboy" too bad. If you are interested in news about Apple and their products, if be glad to add your name to the ~560 other Freepers on the Apple/Mac/iPhone/iPad/iOS Ping list who have asked me to do what you have criticized me for doing: keep them appraised of what's happening in the world of Apple, and keep the fact straight when people post myths, lies, and FUD. I've been maintaining that list for almost ten years.