United States, couple years ago my friend in his mid-thirties was feeling depressed after his mom died. Came over to hang out, and wasn’t responding to his sister’s calls.
His sister called in a welfare check on him and suddenly I have three cops knocking at my front door. They ask for him by name, say he isn’t in trouble. I go get him; he asks “how did you know where I was?” and the cops say “we pinged your phone”. What that entails exactly I have no clue.
Later I pulled up the video of them arriving on my cameras, they didn’t approach any of my neighbors’ houses first. It was just right to my front door like they knew exactly where he was. Kinda spooky.
> the cops say “we pinged your phone”. What that entails exactly I have no clue.
The cell phone infrastructure knows where your phone is. It has to in order for it to operate. The police routinely ask cell phone companies for locations of cell phones. Many (most?) not only won't require a warrant, but provide an official portal the police can use to conduct their queries without having to get a phone company employee to do it.
Note that it is not just police. The core of GPS network, SS7 system, is more than 50 years old at this point. It is often exploited by authoritarian states, sometimes to the end to get human rights activists and journalists murdered.
Correct me if I'm wrong, but cell phone companies only know which tower you are currently connected to. So it's pretty inaccurate. The only thing that is "house accurate" is the GPS on your phone. That means they need access to your phone to get that info.
Remark that GPS doesn't need to be turned on. Google mapped all Wifi's and so can locate you without GPS.
Despite all the technology in the world the majority of police work is still plain old-fashioned knocking on doors and making phone calls. People will always voluntarily give up all the information in the world to be seen as good citizens. In your friend's case I'm willing to bet that they asked the sister for the names of his close friends and acquaintances and yours matched up.
No. They can locate anyone's phone on demand. The services that do this can generate a likely street address from GPS or tower triangulated location.
This is how many criminals now get caught while on the run. It isn't magic police work but rather the personal tracking device everyone carries. Likewise some spree killers have been tracked down by geofencing phones known to be around all crime scenes and zeroing in on the one that shows up at all/most of them.
> Despite all the technology in the world the majority of police work is still plain old-fashioned knocking on doors and making phone calls. People will always voluntarily give up all the information in the world to be seen as good citizens. In your friend's case I'm willing to bet that they asked the sister for the names of his close friends and acquaintances and yours matched up.
Sure, but that doesn't pass the smell test in this situation:
1. That's a lot of work, which would take a lot of time to do. For instance, does the sister know the OP's number? His full name? His first name? Are they going to do all the work to piece together fragmentary information for a wellness check?
2. The technology exists and is widely deployed for the police to straightforwardly take a quick shortcut around all that work.
The police can access all call logs; if they found your number among his last calls, starting from your house would have been among the first things to do in normal investigation.
Not really, best in class network probes will regularly give you positions that are wrong by a few km, you need quite a bit of cleaning to reconstruct accurate paths.
That's why something like MDT was added to 3GPP standards and emergency calls trigger a hard GPS fix.
They could at least have the decency to just secretly do it and then pretend like they aren't, like our government does. This is why physical switches and removable batteries are the only way forward.
> This is why physical switches and removable batteries are the only way forward.
You'd gain nothing. What are you going to do, remove the battery for a couple hours per day?
And then if there's any crime, the police is going to immediately suspect anyone who had the battery removed from their cell phone at the time, which they can trivially detect.
they have no doubt been doing it, they're just using the panic of a brainwashed population thinking they're on the brink of Islamic revolution to normalize it
I feel it's significantly better to know that someone is doing the spying and all that. Why should they hide that they can spy on whoever they choose? When they don't make clear what happens, we end up in a position where everyone's uncertain. And, as history has shown, it makes things significantly more difficult.
Meh, phones with removable batteries are still being made. Samsung's Galaxy Cover line has plenty of phones with removable batteries. Some even feature the much feared IP68.
I regret getting a pixel, and not a fairphone with a removable battery
Who knows if Framework[0] survives long enough, they might create a phone with choices like GrapheneOS[1] etc. Their 16" laptop reminds me of Project Ara[2].
A Pixel phone probably gives you the best chance of resisting this sort of attack. The most vulnerable phones are the older, cheaper phones that run outdated versions of Android. Pixel phones are generally the first to get security updates, and so the quickest to get patches when spyware companies start using new bugs.
Wouldn't a Pixel phone be vulnerable to USA giving Google a 'national security letter' saying to make your phone remotely accessible with a personalised update, say? Google seem like they could - and if paid, would - readily do that whilst other companies could hide behind lack of resources or whatever.
I just assumed that USA three letter agencies paid larger companies upfront to implement back doors; seems to fit with past form. Why would they not do that? Indeed it always struck me the debacle with Huawei where USA government smeared them to prevent their equipment being used in UK was so that USA-manufactured equipment with USA-controlled backdoors would be implemented instead ... it might only have been financial protectionism but it just seemed too big a protest.
Nexus/Pixel devices literally come out of the box with Verizon background crapware installed that you cannot disable or remove even if you're not a Verizon customer.
There's always the faraday bag or simply not taking it to your meeting/activity that have been the recommended options for opsec even when phones had removable batteries.
Regarding the Faraday bag, as I mentioned in another comment, that is not useful because the phone could be recording your audio anyway and then just transmit it later when you take it out of the bag. What you'd really want is some kind of soundproof box, but I'm not sure if an effective one exists because microphones can be sensitive and audio recordings can be amplified.
Faraday bags are not effective against all frequencies. Specifically the 5G frequencies are known to be very difficult to block with a cage (but do have relatively short ranges).
They're already allowed to shoot you if you don't stop your car, all in the name of fighting terrorism, so I'm not surprised they can snoop at your camera and microphone.
I'm quite sure this is linked to the recent protests.
Je suis Charlie > je suis la gendarmerie > l'etat, c'est moi. Back to 1655 in three easy steps.
I am confused. Are they mandating a backdoor, or is there already a backdoor, or are they allowing the police to exploit zero days? If it is the latter, it is sad that the authorities assume weak security as a given.
They may have access to backdoors in the baseband firmwares.
The baseband is an opaque binary blob that operates outside of the phone's main OS, and its contents are usually considered a trade secret by the manufacturer since it handles low-level hardware interactions with the main radios/etc.
Personally, I would be surprised if those systems weren't compromised by agreement. It's already common to see criminals and dissidents get busted because they think that turning a phone off stops it from reporting location data.
> It's already common to see criminals and dissidents get busted because they think that turning a phone off stops it from reporting location data.
That’s an incredible claim to make with no source. It seems unreasonable to suspect Apple and google would allow some chips they don’t access to battery even when powered off.
Do the cameras/microphones need to be controlled by the baseband? Naively they seem like they should be at a slightly higher level than the main radios, and should be controlled exclusively by the OS. I'm guessing from your comment there's some reason that's not the case though?
They are already doing it via exploits, or via carrier injection, but this might have been illegal given the various anti-hacking laws around. So the legislature is granting explicit permission for the police to do this.
Governments regularly have a steady flow of zero days to use, but once it's used it's "burned" so it's not something they throw around willy nilly. I would guess they are going to force manufacturers to play ball, and I would guess that the manufacturers will.
> But lawmakers agreed to the bill late Wednesday as Justice Minister Eric Dupond-Moretti insisted the bill would affect only “dozens of cases a year.”
Technically he is not lying or naive, because any number, including large numbers like 66 million, can be expressed in units of dozens.
Yeah dozens my ass, another round of massive anti-government protests or Paris streets on fire, or some terrorist attack and they will not be very selective about this because "security". We know how messed up people with such powers are, it doesn't matter which country, for them 1984 is not some bad utopia but just first step in such direction
it most likely really will only be a small number of cases
BUT that doesn't matter
it being abused against just one or two times in very important contexts (political, human right activists, etc.) can already be a major negative impact
for laws like that the "it's just a few" argument was always worthless even if true
I dunno, I think the number will increase above dozens. They certainly won't start out doing dozens a year, then pare it down to one or two, and eventually realize they don't even really need it. More likely, the number of uses per year will creep up, until eventually it's not as controversial as it used to be, at which point it'll jump dramatically. As a comparison, in the U.S., no-knock warrants were controversial when they were first implemented, and they were stated as being only for very special circumstances—ya know, terrorists and such—and now they happen about 70,000 times a year, mostly for dangerous activities like marijuana possession or distribution. The ratchet only goes one way, which is why it's dangerous to grant the premise of "we'll only use this in exigent circumstances, we pinky swear".
Linguistically dozens of cases is vague less than 200 and definitively less than 1000, because then it would be hundreds of cases.
Though there is no legal requirement for the statement to be true in any form or way. Even if they would have explicitly said less than 50 cases, it's not a constraint in the law, so it's meaningless.
Though see my other comment for why even if that statement is fully true in a linguistic sense it still is very bad.
>"[Though] there is no legal requirement for the statement to be true [...]"
This is a major flaw in Western democracies. A person acting for the government, making a statement that the public would see as official, should be bound by law to tell the truth; or at least not lie nor commit deception.
People like UK ex-PM Johnson are effectively committing treasonous fraud, by lying to the public, and getting off scot-free.
what tech does this even use? Do they mean using Pegasus or similar malware that the govt has to first get onto the suspect's devices, or is this via Google/Apple or the device manufacturers that makes 'remotely and secretly activating a microphone' even possible?
This bill AFAIK only covers the "they are allowed to do it" part but not the "how do they gain the capability to do it" part.
But spyware which can do so exists in endless amounts, including from companies focused on selling it to governments.
Hence also why in recent years physical microphone switches, or e.g. stuff like (I think it was) Apple laptops "physically" disconnecting the microphone/camera if you close the lid have become increasingly more common and in demand. (Though the demand comes more from bad actors using it than from people being afraid the government spies on them AFAIK, but technically there is 100% no difference)
Also, I recall that the green light on the Apple camera is controlled by the camera's firmware, making it more difficult to turn on without the light coming on. (You'd need to overwrite the camera firmware.)
> The bill allows the geolocation of crime suspects, covering other devices like laptops, cars and connected devices, just as it could be remotely activated to record sound and images of people suspected of terror offences, as well as delinquency and organised crime.
For the very strange who accept driving the new "smartphones with wheels".
Including, note, the cars with the embedded telephone as mandated by the European Union past 2018 - the e-call systems. Some articles went "there could be privacy issues, but it is a remote eventuality": now you see that someone could push as normal an eavesdropper in your car.
My memory may be failing me or confusing things so please correct me, but I seem to recall reading somewhere that the baseband lives segregated (with only a narrow communication channel, kinda as if it were a remote machine) from the remainder of the hardware, so while it could be made to run stuff itself it has no way to physically access the main cpu, ram, mic, nor cams (barring, of course, any vulnerability on the comm channel that would land an exploit in the main OS+hardware).
GPS is another matter, but then again it's baseband so it's gotta communicate with towers, so that's a done deal already that does not even require baseband access.
"...the cellular carrier can send blobs of FORTH code right to the radio. The radio firmware also seems to have an IP stack (with TCP) so it can do its own interesting things (both bad and good)..." https://boston.conman.org/2013/01/22.2
"...easily spotted loads and loads of bugs, scattered all over the place, each and every one of which could lead to exploits – crashing the device, and even allowing the attacker to remotely execute code. Remember: all over the air. One of the exploits he found required nothing more but a 73 byte message to get remote code execution. Over the air..."
"... It’s kind of a sobering thought that mobile communications, the cornerstone of the modern world in both developed and developing regions, pivots around software that is of dubious quality, poorly understood, entirely proprietary, and wholly insecure by design." https://www.osnews.com/story/27416/the-second-operating-syst... (archive: https://archive.is/FOR5V)
It's insecure by design because the NSA has for decades purposefully degraded the security of everything they can get their hands on to make it easier for them and law enforcement to spy on.
They don't want you listening in on John Q. Senator's phone calls, but they sure do...
part of it is already being done: judges in France just ask companies like FAANG for location data, including live location.
E2E encryption is the only way for companies to be able to refuse (and this is why there’s been a strong governmental push against it).
The scary new part is the turning on the camera/mic.
> what tech does this even use? Do they mean using Pegasus or similar malware that the govt has to first get onto the suspect's devices, or is this via Google/Apple or the device manufacturers that makes 'remotely and secretly activating a microphone' even possible?
It would have to be after compromise, which would mean it's likely only used on a very small number of cases due to the sensitivity and cost of the technology involved.
This bill could be step one. Step two could be a requirement for SW/HW manufacturers to add a backdoor since this is not really effective to fight crime this way. I'm not saying it is planned or there's some conspiracy for establishing a totalitarian state.
But we can't really predict the future and more loose rules could be introduced by the next government with a totally different agenda who might thank the previous one for creating this legal framework.
Also, this section is weird too:
> They said sensitive professions, including doctors, journalists, lawyers, judges and MPs, would not be legitimate targets.
Apparently software engineering is not a sensitive job.
Can we get the European Union to mandate physical toggles and shutters for mic and camera, now that they're also pushing for user-replaceable batteries?
Are you talking about the European Union that wants to permanently dismantle end to end encryption and full access to any and all texts sent between any number of parties?
https://attack.mitre.org/techniques/T1430/002/
Our crook friends in Israel sell this as a service
https://privacyinternational.org/examples/3429/nso-group-off...
Sure, but that doesn't pass the smell test in this situation:
1. That's a lot of work, which would take a lot of time to do. For instance, does the sister know the OP's number? His full name? His first name? Are they going to do all the work to piece together fragmentary information for a wellness check?
2. The technology exists and is widely deployed for the police to straightforwardly take a quick shortcut around all that work.
And most importantly:
3. The police said they took that shortcut.
Pursuant to 5 U.S.C § 2703(c), a provider “may divulge a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications covered by subsection (a)(1) or (a)(2)”…“to a governmental entity, if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of information relating to the emergency.”
Looking at call logs may require less.
1. Most native English speakers are in the US, so the accidental assumption that someone is American is more often than not correct.
2. The internal voice that reads text to me has a generic male American accent.
There's no decency in that.
Probably that's why the batteries are not removable in the phones...
https://www.europarl.europa.eu/news/en/press-room/20230609IP...
With the current level of oversight on the police (police of police is a meme by now), and the level of cybersecurity at the government, everyone's phones will be activated within a few months.
At least some government agent will have fun watching what ppl visit on the internet during their spare time, and can enable the camera to watch what they're doing when they review the content.
The fight against crime is ramping up!
I don't get why they don't hire back more detectives and accountants to really investigate actual evidence, instead of just listening to potential criminals for hours. They have been reducing the force for 15 years (especially the forces that investigated financial and workplace crimes)
That would be more effective.
[0]: https://frame.work/
[1]: https://grapheneos.org/
[2]: https://en.wikipedia.org/wiki/Project_Ara
I just assumed that USA three letter agencies paid larger companies upfront to implement back doors; seems to fit with past form. Why would they not do that? Indeed it always struck me the debacle with Huawei where USA government smeared them to prevent their equipment being used in UK was so that USA-manufactured equipment with USA-controlled backdoors would be implemented instead ... it might only have been financial protectionism but it just seemed too big a protest.
/tinfoilwrappedforfreshness
Google long sold out, friend.
They will eventually just be heavily armored SWAT teams that just go to whatever house the AI flagged and arrest everybody.
https://calyxos.org/
I find it funny that "dizaines" (tens) got translated to "dozens" (which would be "douzaines", but is rarely used except for eggs).
In this context they're largely interchangeable, but "tens" is much more clunky and probably a worse translation.
Not just phones looks like.
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...
https://jon.oberheide.org/blog/2010/06/28/a-peek-inside-the-...
---------------------
Google Play Services spyware discussion
https://forum.xda-developers.com/t/guide-insanely-better-bat...
https://forum.xda-developers.com/t/app-disable-service-guide...
---------------------
https://news.ycombinator.com/item?id=6722539
https://news.ycombinator.com/item?id=6722732
https://news.ycombinator.com/item?id=6722648
https://news.ycombinator.com/item?id=6738066
https://news.ycombinator.com/item?id=6724034 <-- Seems to be higher risk with Qualcomm basebands where everything is integrated
-------------------
SIM card reader chips have their own operating system https://en.wikipedia.org/wiki/SIM_card#Design
Rooting SIM cards https://archive.is/3ZohQ
https://news.ycombinator.com/item?id=6722896
https://news.ycombinator.com/item?id=6724215
https://news.ycombinator.com/item?id=6723236
-------------------
https://www.europarl.europa.eu/news/en/press-room/20230609IP...
"They want EU rules on the use of spyware by law enforcement, which should only be authorised in exceptional cases for a pre-defined purpose and a limited time."
Is it sensitive to compromise a phone, now that there is a national law allowing it, passed through a democratic process?
[0]: https://www.france24.com/en/europe/20230705-macron-s-call-to...
he thinks he's smarter than everyone, and he therefore feels justified ramming his policies down everyone's throats.
[1]: https://news.ycombinator.com/item?id=36615378