While the number of mobile devices is outclassing the number of desktop ones, the concern about the surveillance activities conducted by governments is growing as never before also thanks the Snowden revelations.
Mobile devices, often unprotected, manage a trove of data on the end users and are a powerful tool through which spy on us.
News of the day is that the NSA whistleblower Edward Snowden has designed an anti-surveillance device, called Introspection Engine, for iPhone devices with the support of the popular hacker Andrew “Bunnie” Huang.
The Introspection Engine, that is now planned for iPhone 6 models, would monitor radio components inside the smartphone to alert the user in case they are exploited to exfiltrate data when a user has put the device into airplane mode. The hardware is designed to be independent of a specific smartphone.
In the post published by the duo are described the risks related to the user even when the mobile device is in plane mode.
“Turning off radios by entering airplane mode is no defense; for example, on iPhones since iOS 8.2, GPS is active in airplane mode. Furthermore, airplane mode is a “soft switch”–the graphics on the screen have no essential correlation with the hardware state.” states the blog post. “Malware packages, peddled by hackers at a price accessible by private individuals, can activate radios without any indication from the user interface; trusting a phone that has been hacked to go into airplane mode is like trusting a drunk person to judge if they are sober enough to drive.This work aims to give journalists the tools to know when their smart phones are tracking or disclosing their location when the devices are supposed to be in airplane mode.”
The Introspection Engine is a mini-computer composed of open source modules, giving a look the images posted by Snowden and Bunnie, it is equipped with its own battery and a screen allows the user to see real-time the status of the mobile device.
The device will warn when a malicious code or technical glitch is causing the leakage of information like the user’s location. The Introspection Engine monitors the status of the radios for cellular, Bluetooth, GPS, and Wi-Fi functions.
The experts started the design of the Introspection Engine by the analysis of the repair manuals of the iPhone that includes blueprints for the phone’s layout.
The duo downplayed the risk of an attack based on the NFC due to the difficulty of the attack and the way to prevent it by separating the antenna from the main logic board.
“For NFC, we decided that the risk/reward of selectively enabling and monitoring Apple Pay is not worth it. In other words, we do not expect journalists operating in conflict zones to be relying on Apple Pay to get their work done. Therefore, to simplify the effort, we opt to fully disable Apple Pay by disconnecting the RF front end from its antenna.” added the duo.”Fortunately, the NFC’s antenna is connected to the main logic board via a single screw. By removing this screw and separating the antenna from the main logic board, we hope to substantially and selectively reduce the sensitivity of the NFC radio. Further testing is required to determine if this is sufficient to guard against attacks by adversaries using high-power amplifiers to query the Apple Pay NFC feature.”
The design was presented at the MIT Media Lab’s Forbidden Research event. Let’s hope the support by the Freedom of the Press Foundation will allow a large-scale production of the Introspection Engine as soon as possible.
(Security Affairs – Introspection Engine, Snowden)