[ art / civ / cult / cyb / diy / drg / feels / layer / lit / λ / q / r / sci / sec / tech / w / zzz ] archive provided by lainchan.jp

lainchan archive - /sec/ - 3941



File: 1485857419710.png (123.18 KB, 300x200, cooked_the_goose.jpeg)

No.3941

Just a friendly reminder your devices are listening.

While anything with a mic can potentially be hacked, its known that cell phones are mandated to have surveillance capabilities. This can bypass the OS, as the cell modems have direct memory access, and its mandated that LE has a backdoor they can use to spy on people, even if the phone is off. A battery disconnect will kill the mic.

Just reminder to treat all microphones plugged into a power source as live, unless known otherwise.

Simple countermeasures:

1. make a fairday cage. Get a box that can fit your electronics. Get some radio reflective paint. Get a box. Paint the box inside and out. Connect your phone to cell tower, blue tooth and wifi, put the phone in the box, ensure the connections die.

PROTIP: STOCK microwave ovens do not work. It should work if you spray the inside of a microwave oven. untested though.

http://www.all-spec.com/Catalog/Paints-Coatings/Coatings/Conductive-Coatings/841-340G-33018?gclid=CMG7neuQ7NECFYWCswodkfINrw

2. Step two - get a white noise generator. You can get these things at bed bath and beyond as well as target as well as the internet. They use these in doctors office to prevent people overhearing sensitive communications.

Put devices in painted box next to white noise generator.

Double pro-tip: remember security culture. If you use it like contraband, it is contraband. The entire point is to look non suspicious. If anyone asks about the items, you need plausible stories about what you are doing with them.

White noise generator is to help you sleep. They are sold as sleep aids. the RF paint is for your radio project.

Triple pro-tip: bug detectors should find people's cell phones and anything else that needs to go in the box for the conversation. Any electronics that has a wireless data interface of any kind needs to go in the box.

  No.3943

File: 1485864700789.png (146.98 KB, 200x150, reedswitch.png)

>>3941
How are you to receive calls?

I have been pondering this issue for some time. I feel the best way forwards is to open the phone unsolder the mic and insert a HW kill switch inline with the mic - size and locating of switch being the main issue. I don't think it is beyond to unsolder the mic from a phone MB - maybe just take it out all together and only use the phone with headset mic only?

Maybe see pic attached for possibly a better solution? (space allowing)

For camera I find bluetak works very well to block image - plus it keeps water and dust out, also cleans the lens, and stays in place very well... this also works for the facing camera - although because mine is not recessed I use a very thin smear of bluetak over the glass - it stays in place for about 4 weeks then needs replacing/resetting.

  No.3944

Unless they can find a way around the fact I remove the battery from my phone unless I need it, I have little to worry about. All the more reason to stop buying phones with battery packs that you cannot remove yourself. I charge it inside an aluminum foil lined wallet since it is small enough.

Oddly none of my current computers have microphones or cameras. I have taken them apart to be sure as well, since you never know for sure. If I am not using headphones they are unplugged.

>>3943
I would just cut the mic and speaker entirely (even a speaker can be used as a microphone) and use a wired (bluetooth is not secure) headset.

Personally I do not use my phone to communicate vocally so mine already has the mic and speakers disabled. I use black electrical tape to cover the camera, although I have considered simply poking it out entirely due to rarely needing it. I have ordinary ear buds If i wish to listen to music with it.

  No.3971

how can i tell where the microphone is located on my smartphone and laptop? do they always look the same? is it as simple as cutting a wire?

  No.3972

>>3943

You don't. The goal is having a "secure conversation". I should have mentioned this.

You summon everyone to a physical location, collect all electronic devices that have both

1. data interface
2. microphone, camera, etc...

Put them in box. Place the white noise generator near the box and turn it on.

Have conversation.

  No.3978

Are there alternatives to paint? Could I line a pouch with some sort of mesh? I read a DIY that said conductive fabric was all you needed for a faraday phone pouch.

  No.3981


  No.3984

>>3972
if you want to be cheap about it, you can just shove them in a drawer full of clothes and have the conversation in another room.

  No.3985


  No.3988

>Just a friendly reminder your devices are listening.
First i need talking instead typing.

  No.4276

That's why I never do anything stupid. I'm trying to take my knowledge into the professional field. But again, it kinda feels betrayed and freedoms ripped, but what can you do. Sometimes it's better to think what will happen in your next step than do something stupid.

  No.4923

File: 1490405053000.png (343.75 KB, 200x100, computers.png)

https://arstechnica.com/tech-policy/2017/03/senate-votes-to-let-isps-sell-your-web-browsing-history-to-advertisers/

https://www.macobserver.com/tmo/article/fbis-tor-vpn-targeted-warrants-amount-to-court-sanctioned-surveillance

if you are in the united states, what are your thoughts about the current changes to the cyberlandscape? are you doing anything becasue of this? (i.e. building community wide mesh nets etc.) where do you think this will go in the future?

  No.4924

>>4923
In regards to current cyber-landscape.. We've really gotta get our act together. It's clearly a war that is being waged against us and the little power we have isn't being used in our favor. There needs to be more community organized, spreading of information, teaching without pretentiousness, etc.. We need to inform and raise awareness of the existence of alternatives.

  No.4926

>>4923
wouldnt a community wide meshnet require directional antennas pointed directly at another node?

  No.4928

Its actually always a good idea to treat any microphones or cameras your around as live. That's just a good way to make sure that you don't get nailed by your own equipment. Should also make sure to keep the idea of cameras in mind when your in public spaces.

  No.4931

“We must be as stealthy as rats in the wainscoting of their society. It was easier in the old days, of course, and society had more rats when the rules were looser, just as old wooden buildings have more rats than concrete buildings. But there are rats in the building now as well. Now that society is all ferrocrete and stainless steel there are fewer gaps in the joints. It takes a very smart rat indeed to find these openings. Only a stainless steel rat can be at home in this environment...”
― Harry Harrison, The Stainless Steel Rat

  No.4932

headphones and speakers also work as microphones. You can do this yourself without even changing your ports in some drivers, intel will be able to just use the speakers. There is no escape from this kind of eavesdropping mic plugged in or not.

  No.4934

File: 1490449570188.png (149.52 KB, 200x125, cams.png)

My solution has been to use a 3g enabled dumb phone with the camera covered and mic muffled with plumbers putty. >>3943's bluetak might work better, i just used plumbers putty because i had it. I'm hoping i can find a 4g enabled dumb phone soon. For smart phone type features, at the moment i just use an old droid 2 with cyanogen flashed, the camera and mic blocked, connected to a vpn over the dumb phone's wifi. I just make sure not to store any personal data on it or do anything potentially incriminating or controversial. I'm not sure most people would be satisfied with my system though, the droid being an old phone sort of limits what i'm comfortable doing on it. The extent of my smart phone usage is monitoring the status of a few machines, fact checking and a sort of universal pocket reference guide, so I figured a modded phone was "good enough" for the moment. I'm thinking about building a little mobile computer to use instead. Something like the one N-O-D-E recently made from the RPi Zero, except maybe with a C.H.I.P. instead of the RPi.

  No.4935

>>3972
or just
"hey, we're gonna have a secure conversation, don't bring electronics"

  No.4936

File: 1490531462599.png (7.06 KB, 200x200, EOytppl.jpg)

>>3941
*Faraday.
I feel like its far more pragmatic to kill my phone at the end of the day, or just not take it with me powered up, than it is to paint up a special autism box i have to explain to friends.

as for the white noise generators? a raspberry pi perhaps. every time i set foot in a Bed Bath and Beyond I can almost hear the child labor.
http://karl.kranich.org/2012/12/10/raspberry-pi-white-noise-generator/

>>4935
This. let it be known youre talking about sensitive information before people show up with their facebook approved listening device.

another tip: Near a television? subaudibles are programmed into virtually every commercial to trigger a corresponding app on your phone. your ESPN app now knows when, where, and for how long you watched the clippers game and if you watched all the commercials or not.

  No.4974

>>4936
>another tip: Near a television? subaudibles are programmed into virtually every commercial to trigger a corresponding app on your phone. your ESPN app now knows when, where, and for how long you watched the clippers game and if you watched all the commercials or not.
Do you have a source on this?

  No.4975


  No.4986

>>4975
Ah, damn. I had no idea this was going on back in 2014. I'm kind of glad to have a flip-phone still.

Also, wouldn't it be simple to tell what sites and TV commercials use this kind of technology? Making or buying some kind of ultrasonic receiver would be the easiest way I'd think.

Lastly, here's an archive link: http://archive.is/leOwj

  No.4988

>>4986

One would need to compensate for incidental noise produced by many common household machines. A lot of them aren't silent in the higher frequencies. Those HF fingerprints might also have a rather tight bandwidth that'd make finding them more annoying.

  No.4990

>>4988
It's never as simple as it seems, is it? I think it'd be interesting to look into, at least.