
Edward Snowden interview: 'Smartphones can be taken over' - mhandley
http://www.bbc.co.uk/news/uk-34444233
======
junto
Everybody talks about the OS, but nearly everyone forgets about the baseband,
the hidden OS on every phone that you have almost no control over.

Whilst the media is worrying about Apple iCloud and phone encryption, GCHQ are
quietly delving into your baseband and enjoying the smoke and mirrors.

To use an analogy, we are worrying about the government looking under our
clothes, whilst in fact they are peeling back our skin and skulls and peering
into our humanity.

~~~
mike_hearn
People talk about it less these days because modern modem/baseband chips are
sandboxed. In older phones they had bus master access and could do whatever
they wanted, hence their frequent targeting by unlockers. But they didn't need
all that access and have since been locked down a fair bit. Also, Qualcomm at
least got more serious about security and started hardening their firmwares.

Also, intelligence agencies tend to be after stuff that the baseband doesn't
have any convenient access to, like photos and files on disk. Even though an
un-sandboxed baseband could theoretically access the hardware, it'd be doing
so in parallel with the real OS and that'd be super painful to implement.

Finally, why bother when the OS is such a bigger surface area? The ICs aren't
magic, even if they developed some impressive tricks under the cover of
secrecy. They attack systems in the same way as your average defcon presenter
does.

------
patrickaljord
Of course they can. Even the iPhone, Apple can easily push an invisible update
and install a bot on your phone if asked by the government. As long as you
don't control the backend and even the frontend, you're at the mercy of
whoever controls it (Apple in this case). That's why all the Apple talks on
privacy lately sound like not much more than good marketing to me.

~~~
mtgx
Google can do that, too, through the "Play Services" framework, in case others
weren't aware of it. We know this because Google has already used these
"powers" to uninstall apps/malware from phones (non-Nexus).

~~~
shostack
Yeah--reading the Ars Technica review of Marshmallow terrified me with some of
the things they are doing there. Like the fact that users have more granular
control over permissions now, but internet is always on for apps no matter
what, there's a whole slew of permissions that aren't exposed through the
user-controllable permissions that are pretty bad, and there's new stuff in
there that allows screenshots to be sent from an app to Google for "searching
in the app." I try to read this stuff without a tinfoil hat, but they sure
don't make it easy.

~~~
biafra
What permission are you referring to, that allows apps to send screenshots to
Google?

~~~
shostack
Not sure it is actually a permission so much as a feature of Google Now.

Paragraph 2 of this page:
[http://arstechnica.com/gadgets/2015/10/android-6-0-marshmall...](http://arstechnica.com/gadgets/2015/10/android-6-0-marshmallow-thoroughly-reviewed/3/)

------
rm_-rf_slash
None of this should be a surprise. We should expect that any device with
Internet access can be hacked by someone, regardless of their intentions. If
it isn't the NSA it's Chinese "patriot hackers" or Russian cyber-criminals
operating with the consent of their governments. Or many others. Instead of
seeing this security state as a binary, we should always consider two
questions:

1: How much do we value our privacy and security versus the needs of society
(in the case of backdoors and so on), and,

2: How much do we trust the people whose business is having the ability to
break into our phones? I don't like how invasive our security agencies are but
if they end up preventing major crimes or terrorist attacks I can't say what
they do is wrong.

At the end of the day, I want the people defending me to be more powerful than
the people attacking me, but I don't want my defenders to use their same tools
against me.

~~~
kaonashi
> I don't like how invasive our security agencies are but if they end up
> preventing major crimes or terrorist attacks I can't say what they do is
> wrong.

What if they're just using the information to further their own personal power
and fortune and forestall any potential rivals?

~~~
tripzilch
Depends.

If it's the Chinese or the Russians then it's bad. And you never hear about
_them_ being in the business of preventing major crimes or terrorist attacks.

If it's the NSA then it's either hype, speculations without any real evidence,
right up until there is, and then it's "not surprising".

------
cryoshon
"Describing the relationship between GCHQ and its US counterpart, he said:
"GCHQ is to all intents and purposes a subsidiary of the NSA.

"They [the NSA] provide technology, they provide tasking and direction as to
what they [GCHQ] should go after." "

This is the juiciest part. This is the confirmation we've been suspecting for a
long time: GCHQ is the NSA, and all of their programs are shared. This means
that we can pin the worst abuses of GCHQ onto the NSA, and also confirm that
US citizens are directly targeted by even the most outrageously invasive
surveillance efforts-- there is no exempt population, proving the NSA's PR
lies once again.

~~~
rhino369
Snowden wasn't a liaison between GCHQ and the NSA. How would he know if it
were a subsidiary of the GCHQ? If it's from documents he took, then where are
the documents showing it?

I'm sure there is a lot of cross sharing of information, but to call it a
subsidiary is a bold claim.

Snowden was a database admin, not John Brennan.

~~~
cryoshon
I don't have the ultimate answer here, but why were the (highly classified,
some marked "no foreign national viewing") GCHQ slide decks on NSA servers?

I also assume that their slides reference each others programs frequently.
Maybe this is incorrect.

~~~
rhino369
They obviously work together very closely. I'm just objecting to the idea that
the UK spy agencies are just American outposts and that each agency is
responsible for the mistakes/crimes of the others.

Maybe they are really pushed around by the US, but I'd have to see more than
Snowden making unfounded statements about it. In the past, he's made some
illogical leaps based on some of the information he took. It's very easy to do
that when you expect the worst of someone/thing.

~~~
TazeTSchnitzel
> I'm just objecting to the idea that the UK spy agencies are just American
> outposts and that each agency is responsible for the mistakes/crimes of the
> others.

The UK agencies aren't US outposts and the US agencies aren't UK outposts.

They're all AUSCANNZUKUS/Five Eyes outposts.

------
verytrivial
My understanding may be dated, but I have often wondered if the battle for
privacy is a lost cause in the mobile phone space. Even with a ground-up open
platform for the phone and OS, current regulation requires a blob of 'certified'
hardware and software between you and the antenna/network. Short of using my
phone to acoustically couple a 2400 baud crypto-stream (the call metadata of
which would still be snitched), I'm really not sure if privacy is possible.

~~~
webXL
Not total privacy since the network knows who's on both ends, or at least that
you're on one end, but as long as you can tunnel encrypted traffic over it via
a hotspot, I'm not sure how that could be cracked.

~~~
shostack
One way that I've been wondering about is all these new keyboards coming on
the market. Things like Swype, Swiftkey etc.

They have cloud storage for storing data to feed predictive algorithms, but it
essentially becomes a cloud-based keystroke logger.

So you may be sending encrypted traffic via hotspot, but your keyboard process
running in the background has the raw input data and is feeding that to a
server.

I'd love to read a more detailed writeup on the security of such apps, which
ones are trusted (i.e. only using local encrypted storage, no phoning home),
etc.

------
mixmastamyk
I would be surprised if Apple has let a vulnerability of "send text message,
pwn phone" linger for very long. Article doesn't mention brands or versions,
but it is quite important to fully understand.

Or does this work at a lower level? I've heard the radio chips themselves are
untrustworthy, but how would they control the main OS on another chip?

~~~
endymi0n
Enter "the baseband". A dark, undocumented, hardly accessible, obfuscated
piece of code that has access to your microphone, GPS, battery management and
lots of other gimmicks.

[https://news.ycombinator.com/item?id=6722292](https://news.ycombinator.com/item?id=6722292)

If I were a three-letter agency, I'd know where to hide dead bodies while
everyone was arguing over operating system security.

~~~
username223
That sure goes a long way toward showing how powerful Stingrays are, and why
Harris and the government really, _really_ don't want information about them
getting out. I got a chuckle out of this near the end of the article:

> Whenever someone does dive into baseband software, many bugs and issues are
> found, which raises the question just how long this rather dubious situation
> can continue.

Well, the baseband software was written in the 90s, the article was written in
2013, and I'll bet nothing has changed in the last two years.

~~~
shostack
Really have to wonder how many of these bugs and issues are "bugs" and
"issues."

------
shostack
What about 3rd party keyboards like those that have recently made their way to
iPhones and have been on Android for a while?

All of them (even Samsung's swype style keyboard) seem to have some sort of
cloud-based storage for your data so it can remain equally predictive across
your devices. Is there any good security research out there on how safe these
keyboards are and which ones are the worst offenders? Seems like it is
essentially a user-installed cloud-based keystroke logger ripe for abuse.

I love the functionality of some of them, but man do they terrify me.

------
wicket
I'm surprised HN readers don't already know this. It still astonishes me how
so many so called "tech savvy" users are content with surrendering their
privacy and freedoms to Google or Apple so that they can run the latest
"apps".

This is why I'm backing the Neo900[1]. It might be a bit pricey and low
spec'ed by today's market (a consequence of it catering for a niche market
meaning it won't be mass produced) but in my opinion that's a small price to
pay to actually own your phone (it's actually more akin to a mobile computer
than a phone).

[1] [http://neo900.org/](http://neo900.org/)

~~~
raverbashing
You're not accomplishing what you want to accomplish with this

> are content with surrendering their privacy and freedoms to Google or Apple
> so that they can run the latest "apps".

You have the choice of not running apps. Get a feature phone.

You can create a fake account on Google (or even better, get an Amazon fire
phone, or some Chinese one that is based only on stock Android). Or just
Ubuntu Phone/Cyanogen mod it

> it's actually more akin to a mobile computer than a phone

Based on the original N900, let me say it is going to be a _much worse_
experience than your average Android phone, especially running Debian and
having a resistive touchscreen.

And the phone company will still know your location

~~~
pessimizer
> Based on the original N900, let me say it is going to be a much worse
> experience than your average Android phone, especially running Debian and
> having a resistive touchscreen.

The N900's resistive touchscreen is more sensitive and accurate than any
capacitive touchscreen I've ever used. Also, unlike capacitive screens, you
can use it when your fingers are sweaty, wet, or gloved, and anything in arm's
reach can be a stylus, rather than having to wait for Apple to grant you one.

Using a capacitive screen after getting used to the N900's resistive one feels
like I'm navigating with my elbow. And that elbow had better be completely
dry, and not a pencil eraser.

I have no idea how Apple managed to force the meme that capacitive screens are
not shit compared to resistive ones. Maybe at some point there was a glut of
cheap Chinese tablets and phones with crappy resistive screens?

~~~
raverbashing
Maybe because of the N900's form factor resistive screens were better

I remember other Nokia phones with resistive screens and they were passable at
best, and not comparable with capacitive ones (at least most of them, I
remember seeing a Motorola phone with an awful capacitive screen)

You don't need to wait for Apple for a stylus, really

Swiping on a resistive screen is a frustration as well

~~~
pessimizer
> Swiping on a resistive screen is a frustration as well

Not on an ancient N900. I can't imagine that this is an area in which
technology flows backwards.

------
meapix
What strikes me most is the amount of people around me who don't care about
this.

~~~
r00fus
Well, it's a sort of institutionalized resignation... I mean, if there's
nothing you can do about it, what should you be doing? Switching to a
blackphone? What if your organization doesn't support a truly secure option?

It's like hearing that Microsoft and the NSA had a backdoor 20 years ago - at
the time I didn't have an option for my work machine, so I just grunted and
went along.

------
DanBlake
"Nosey Smurf is the 'hot mic' tool. For example if it's in your pocket, [GCHQ]
can turn the microphone on and listen to everything that's going on around you
- even if your phone is switched off because they've got the other tools for
turning it on."

Are they implying that all/most smartphones still communicate with cell towers
when turned off? (Obviously this isn't happening.) Or do they pwn the device
beforehand to have it fake that it's turning off while remaining on?

~~~
niutech
Well, it can happen: [http://www.tomsguide.com/us/nsa-remotely-turn-on-phones,news...](http://www.tomsguide.com/us/nsa-remotely-turn-on-phones,news-18854.html)

and
[http://www.osnews.com/story/27416/The_second_operating_syste...](http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone)

~~~
r00fus
Next up: Explosion of sales of Faraday cases for smartphones (and the
subsequent banning of sales through ITC and/or legislation).

Oh, who am I kidding.

~~~
mike_hearn
When Snowden met Greenwald+Poitras he apparently just used a fridge to store
the phones.

------
madez
I'm trying as well as I can to protect myself against such attacks. My Android
smartphone is permanently in airplane mode and I don't use a SIM card. Do you
still see a security risk?

~~~
blazespin
I keep the battery out at all times, even when I'm using it. Just to be safe.

------
venomsnake
If a device is known it can be hacked. Anonymity is the key. Use a roaming SIM
card (it will require some cooperation from the remote operator, so it kinda
makes it harder). What to do to mitigate - no SIM card. If you have to use a
SIM card - IMEI randomizer. Wi-Fi MAC address randomizer.

------
sigmar
It seems strange to me that Snowden is only now mentioning the "text
message" attack vector, after everyone already knows about Stagefright. Is he
out of things to leak? Or did he mention it before and go unnoticed?

~~~
sweden
The kind of attacks he is referring to are located at the lower levels of
the phone, at the SoC level, not at the operating system level.

It's something that neither Apple nor Google can control.

~~~
aaronbrethorst
Allow me to quote the first sentence from the Wikipedia article linked to
below:

    Apple Inc. has developed a range of
    "System on Chip" (SoC) as well as
    "System in Package" (SiP) to power
    their mobile consumer devices.

[https://en.wikipedia.org/wiki/Apple_system_on_a_chip](https://en.wikipedia.org/wiki/Apple_system_on_a_chip)

~~~
spacemanmatt
That's still only the processor that runs iOS. They don't make their own cell
processor.

~~~
sigmar
what? By "cell processor" do you mean radio hardware? Because that is indeed
contained within the SoC.

~~~
saurik
If you pull up a tear down of an iPhone 6 you will see the Qualcomm MDM9625M
is clearly an entirely separate chip from the Apple A8, and is halfway across
the circuit board.

------
daenz
> Mr Snowden said GCHQ could gain access to a handset by sending it an
> encrypted text message and use it for such things as taking pictures and
> listening in.

Are there hardware GCHQ keys in the phone for verifying the encrypted text? I
imagine there would have to be, otherwise anybody (with enough time and
research) could construct one of these messages to gain control of the phone.

~~~
noir_lord
> otherwise anybody (with enough time and research) could construct one of
> these messages to gain control of the phone.

Which is exactly one of the strongest arguments against building backdoors
into products, eventually you won't be the only one with the keys.

------
blazespin
The question I have is the issues around crashing a device via texts[1]. Was
that part of this scheme? Was it put in there on purpose?

1. [http://www.techtimes.com/articles/55893/20150527/one-text-me...](http://www.techtimes.com/articles/55893/20150527/one-text-message-crash-iphone-heres-fix.htm)

~~~
rtkwe
That's doubtful, 'effective power' (incidentally that bit of the text was
completely arbitrary) was (seemingly) a hard crash caused by an error in the
text shortening for the banner notification pop down. Tom Scott has a good
speculation video on what might be going on that seems pretty sound.

[https://www.youtube.com/watch?v=hJLMSllzoLA](https://www.youtube.com/watch?v=hJLMSllzoLA)

------
nick_name
Looks like Vysk's QS1 is aiming to mitigate the baseband hacks -
[http://www.theguardian.com/technology/2014/jul/25/startup-cl...](http://www.theguardian.com/technology/2014/jul/25/startup-claims-to-have-built-an-un-hackable-phone-case-that-encrypts-your-calls)

------
btbuildem
HN regulars may well be aware of all these things, but it's good to see this
on the pages of the mass media.

------
cdnsteve
The all seeing eye...

------
tdaltonc
Top Comment Paraphrase: "I knew about this before it was cool."

When someone posts a new python/lua/lisp feature intro, no one says "I knew
that already!" or "No new info here!" But if it's about security or privacy,
the HN zeitgeist wants to denigrate it as "old news."

~~~
seiji
Nerds tend to operate in a sphere of "once I know something, nobody must ever
tell me again."

So, they know something and, just by feelings, assume everybody else knows it
too. They assume hearing repeated information wastes the time of _everybody._

The truth is, average people don't even pick up on ideas until the 5th or 8th
time they hear them.

Even the Snowden revelations weren't _revelations_ per se. We knew about
Carnivore before and about the AT&T splicing room, and even in the 90s people
would half-jokingly, half-seriously comment about how the government watched all
online communications.

The Snowden documents just solidified the nerd fears. Plus, since the 90s, the
Internet grew so big and so popular that people just kinda gave up on the idea
that it could even be monitored or tapped en masse. The benefit of the Snowden
dump was showing it _is_ possible and it _is_ happening (instead of just being
conspiracy theories) and you can't do squat about it.

~~~
tdaltonc
I see the mechanism you're talking about, but as I said, this doesn't seem to
happen with technical information. For example, if some one writes an intro to
AsyncIO, there are basically never comments like "this should be obvious to
anyone who read the PEP," or "there's nothing here that you couldn't infer
from the source." It seems to be something about privacy/security stories.

I think that it stems more from a nihilist-chic than a borderline autistic
inability to understand that other minds contain other information.

~~~
seiji
_nihilist-chic_

Yeah, as this comment node pointed out, the whole "_I_ knew about it first"
force is in full effect here.

The other root cause here: when people have self-pride over the information
they are sharing as if it were new, but you knew the new information a long
time ago, and you just want to knock them down a few prideful rungs.

Or, just [https://xkcd.com/1053/](https://xkcd.com/1053/)

------
coldcode
As much as I admire Mr. Snowden for what he did, he is not an expert outside
of the documents he took with him. He isn't privy to anything happening now.
He didn't build anything or code anything. All he did was steal from some
idiots that should have known better how to secure information. This does not
make him omniscient.

~~~
brianpan
What are you arguing here? Is something he said incorrect? I don't think
anyone is claiming he is a deity.

------
jgrahamc
Old, old news: [http://www.theguardian.com/world/2014/jan/27/nsa-gchq-smartp...](http://www.theguardian.com/world/2014/jan/27/nsa-gchq-smartphone-app-angry-birds-personal-data)

~~~
epistasis
Yes, but it certainly bears repeating, until it is also widely known.

~~~
cheepin
Personally, I did not remember this capability until I saw this article, and
I've followed the whole deal a lot closer than my circle of friends. People
either don't know or don't care and don't know that they _should_ care.

In the presidential debates and primary campaigns, how many times did you see
someone say that this is a major issue? I can definitely point to presidential
hopefuls making the opposite point, however.

------
djyaz1200
Edward Snowden is not a hero IMO, anyone who cared to look knew for years the
government had vast surveillance powers. Is anyone else tired of seeing his
headlines? The guy seems to really want to be a celebrity? Does he deserve
that? I'm not trying to be rude, only suggesting we rethink our attention to
him.

~~~
bdamm
He's the one who provided the evidence. Without evidence you're just a
conspiracy theorist. (Note the theory part.)

And frankly he doesn't deserve the fame, and I don't particularly think he
wants it either. But the data he provided (illegally, at continuing risk to
himself) opened up a much-needed conversation.

~~~
vezzy-fnord
_He's the one who provided the evidence._

The evidence was there for a while. Most people could not suspend their
disbelief long enough to take it seriously.

