[cryptome] How the NSA Could Bug Your Powered-Off iPhone, and How to Stop Them

  • From: Jeremy Compton <j.compton@xxxxxxxxxxx>
  • To: "cryptome@xxxxxxxxxxxxx" <cryptome@xxxxxxxxxxxxx>
  • Date: Wed, 11 Jun 2014 01:09:37 +1200

How the NSA Could Bug Your Powered-Off iPhone, and How to Stop Them


Whilst we are talking about this and Snowden talked about it. He basically said 
that if this same organisation wanted to they could have your phone. Or words 
to that effect. Not my words. I think the old advice was pull the battery and 
the sim card.

By Andy Greenberg  06.03.14  |  6:30 am  |  Permalink
Just because you turned off your phone doesn’t mean the NSA isn’t using it to 
spy on you.

Edward Snowden’s latest revelation about the NSA’s snooping inspired 
an extra dose of shock and disbelief when he said the agency’s hackers 
can use a mobile phone as a bug even after it’s been turned off. The 
whistleblower made that eye-opening claim when Brian Williams of NBC Nightly 
News, holding his iPhone aloft during last Wednesday’s interview,
 asked, “What can the NSA do with this device if they want to get into 
my life? Can anyone turn it on remotely if it’s off? Can they turn on 

“They can absolutely turn them on with the power turned off to the device,” 
Snowden replied.

Snowden didn’t offer any details on this seemingly magical feat. But a
 group of particularly cunning iPhone hackers say it’s possible. They 
also say you can totally and completely turn off your iPhone so no 
one—not even the NSA—can use it to spy on you.

Your Phone Is Playing Dead
Like any magic trick, the most plausible method of eavesdropping 
through a switched-off phone starts with an illusion. Security 
researchers posit that if an attacker has a chance to install malware 
before you shut down your phone, that software could make the phone look
 like it’s shutting down—complete with a fake “slide to power off” 
screen. Instead of powering down, it enters a low-power mode that leaves
 its baseband chip—which controls communication with the carrier—on.

This “playing dead” state would allow the phone to receive commands, 
including one to activate its microphone, says Eric McDonald, a hardware
 engineer in Los Angeles. McDonald is also a member of the Evad3rs, a 
team of iPhone hackers who created jailbreaks for the two previous 
iPhone operating systems. If the NSA used an exploit like those 
McDonald’s worked on to infect phone with malware that fakes a shutdown,
 “the screen would look black and nothing would happen if you pressed 
buttons,” he says. “But it’s conceivable that the baseband is still on, 
or turns on periodically. And it would be very difficult to know whether
 the phone has been compromised.” (Excerpt)


Other related posts: