Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough? (www.eff.org)
from leo@lemmy.linuxuserspace.show to technology@lemmy.world on 16 Sep 2023 07:53
https://lemmy.linuxuserspace.show/post/39459

#technology

jet@hackertalks.com on 16 Sep 2023 08:04

Never going to be enough, use a VPN, and only use end to end encryption for calls…

Or use a VoIP service like Google Voice for the calls, at least force your monitors to get a warrant to Google, make them do some leg work

nbafantest@lemmy.world on 16 Sep 2023 08:14

None of these will fight a stingray

[deleted] on 16 Sep 2023 08:24

.

SkaveRat@discuss.tchncs.de on 16 Sep 2023 08:45

They don’t care about the data. They want the metadata. That’s the whole point of these things

jet@hackertalks.com on 16 Sep 2023 10:15

I’m confused. How would this not defeat a stingray? They would know your phone is there. But they wouldn’t see who you’re talking to, they wouldn’t hear your phone call, they wouldn’t see your encrypted messages. They wouldn’t see the traffic on your phone. What’s left?

4am@lemm.ee on 16 Sep 2023 13:09

Your IMEI, your carrier IP, your packet timing, any DNS your phone leaks, the IP of your VPN endpoint, your transmitter chipset, your likely OS kernel, any unreleased zero-days known to them (and maybe an exploit for them), and also a way to ack TCP packets it never intends to forward in order to sever your connection while letting your device keep talking for as long as possible, which might buy them a little extra time before you realize they’ve captured your session and cut you off.

jet@hackertalks.com on 16 Sep 2023 13:15

Everything you said is true, but that is a reduced surface area versus the scenario where you’re sending your traffic naked over the wire. Including your voice traffic. Using a VPN while attached to a stingray is strictly a smaller risk surface.

AProfessional@lemmy.world on 16 Sep 2023 08:19

Even that isn’t enough. The wireless modules of normal phones have direct access to system memory and, by law, have proprietary firmware. Some exploits have been found over the years. This needs to be isolated to avoid backdoors/bugs.

jet@hackertalks.com on 16 Sep 2023 10:15

By law? Which law?

narc0tic_bird@lemm.ee on 16 Sep 2023 10:46

Not saying you’re wrong, but I’d love to read the sources to your claims.

elderflower@lemmy.world on 16 Sep 2023 17:17

Example: grapheneos.org/faq#baseband-isolation

Yes, the baseband is isolated on all of the officially supported devices. Memory access is partitioned by the IOMMU and limited to internal memory and memory shared by the driver implementations…Earlier generation devices we used to support prior to Pixels had Wi-Fi + Bluetooth implemented on a separate SoC. This was not properly contained by the stock OS and we put substantial work into addressing that problem.

Baseband modems were not isolated from kernel memory in stock Android; GrapheneOS had to do it themselves using the IOMMU. We do not know for sure due to the proprietary/closed-source nature of baseband modem drivers, but we have no reason to assume any OEM (Samsung, Xiaomi, etc.) implemented proper isolation of baseband modem and system memory.

narc0tic_bird@lemm.ee on 17 Sep 2023 07:59

That’d be a huge oversight on their part. Thanks for the clarification.

alphapuggle@programming.dev on 16 Sep 2023 14:16

Disable 2G by default ??? Profit?

I’m not sure what’s so hard about this. I get that 2G goes further for emergencies, but it’s basically useless for anything else; have it be enabled if needed (and communicate that with users when first disabling it)

Google, Apple and Samsung are all working on / have satellite SOS, which should replace the long-term need here

flyoverstate@kbin.social on 16 Sep 2023 16:11

No, it won’t be enough, because anything being done by the tech giants is probably at least 5 years behind what the FBI/NSA/CIA/DHS have in their toolbox