February 7, 2021, 4:34 am
I used to have a higher degree of confidence
I used to have a higher degree of confidence that airplane mode would actually give you some degree of realtime location privacy. But there are problems: it doesn't cover GPS (GNSS), so apps on your phone (esp. Google) are keeping an eye on your location if you gave permission.

Threat model, I mean. You don't want to be carrying around your smartwatch to track your daily workouts if you're worried that your location info could be used against you. But also, not having that info means it can't be used for pro-social purposes, like virus contact tracing.

GPS is strictly a one-way communication. So if you turn on airplane mode no one can track you until you turn off airplane mode. Apps can do what they want. But they can't send it anyway in real time.

Infosec community is wiresharking wifi & SDR based cell for clues, but evil lies in out of specifications. And truly, there is not much we can do about it. Except not use cellular tech in COMSEC equipment. Apps & user controlled UI switch are just for look. dogma

Learned about this when I worked on an M-PESA integration - installs directly to the SIM

Entirely justified paranoia: the aircraft band is literally right above the FM broadcast band, and navaids like VOR and ILS are in the bottom of the airband. 112.8 − 10.7 = 102.1

My understanding is it could be done from the SIM card and circumvent the OS (including accessing the radio) - is that no longer true?

@je_au The airlines used to forbid you from using AM/FM radios in flight, but I think that was mostly paranoia that interference from the intermediate frequency carrier waves used in the superheterodyne circuit might leak and interfere with navigation equipment. Airplane mode is transmitters off, not receivers, so it's still fair game for WiFi radios to scan for BSSIDs that provide location

Interestingly, Airplane Mode NOT turning off GPS in iOS was done at the request of pilots! Many private pilots wanted to be able to use the GPS on their devices while flying, and you can't legally have a phone using the cellular network when in a plane.

Agreed. Anyone ever makes a phone without Intel / AMD back-door chips and with a physical switch that cuts off all power to all radios and GPS, I will buy all of them.

I just finished my Android project. I'll get on this tomorrow.

Simple solution: wrap the phone in cotton, then 3 layers of heavy duty tin foil to create a Faraday cage.

of the Android phones have the modem and app processor combined on one chip, usually made by Qualcomm. But Apple designs their own SoC that has everything except the modem stuff, running that from a separate chip. I know they'd prefer to put it all on one Apple-designed chip.

I'm pretty sure one of the reasons Apple is motivated to design their own baseband and modem stack for future phones and laptops is that they don't trust the existing ones to be as secure as they would like. (The other reason is not wanting to pay for separate modem chips.)

If you can exploit the modem firmware on the baseband processor side, then you can do all sorts of evil things with smartphones without Apple or Google or anyone just looking at the application processor side would even be aware was happening. And I've only worked on the AP side.

I've always been slightly skeptical of Ed Snowden's claim that the NSA has ways to turn any smartphone into a microphone, or be used to spy on you when turned off, and I still don't think there's some generic backdoor or exploit to do so. But there are ways to implant malware.

So all of the location information that was captured while you were in airplane mode could be used against you later. Also, today's phones sometimes silently turn on other radios, like Bluetooth (classic or LE), for various reasons. Your phone could have malware on it, too.

