Ed Snowden And Bunnie Huang Design Phone Case To Warn You If Your Phone Is Compromised

from the busy-day dept

Bunnie Huang is having quite a day — and it’s a day the US government perhaps isn’t too happy about. Huang has worked on a number of interesting projects over the years from hacking the Xbox over a dozen years ago to highlighting innovation happening without patents in China. This morning we wrote about him suing the US government over Section 1201 of the DMCA. And now he’s teamed up with Ed Snowden (you’ve heard of him) to design a device to warn you if your phone’s radios are broadcasting without your consent. Basically, they’re noting that your standard software based controls (i.e., turning on “airplane mode”) can be circumvented by, say, spies or hackers. But their tool is designed to actually determine if the radios are broadcasting for real:

The aim of that add-on, Huang and Snowden say, is to offer a constant check on whether your phone?s radios are transmitting. They say it?s an infinitely more trustworthy method of knowing your phone?s radios are off than ?airplane mode,? which people have shown can be hacked and spoofed. Snowden and Huang are hoping to offer strong privacy guarantees to smartphone owners who need to shield their phones from government-funded adversaries with advanced hacking and surveillance capabilities?particularly reporters trying to carry their devices into hostile foreign countries without constantly revealing their locations.

They’ve published a paper describing the product and it’s a good read.

Front-line journalists risk their lives to report from conflict regions. Casting a spotlight on atrocities, their updates can alter the tides of war and outcomes of elections. As a result, front-line journalists are high-value targets, and their enemies will spare no expense to silence them. In the past decade, hundreds of journalists have been captured, tortured and killed. These journalists have been reporting in conflict zones, such as Iraq and Syria, or in regions of political instability, such as the Philippines, Mexico, and Somalia.

Unfortunately, journalists can be betrayed by their own tools. Their smartphones, an essential tool for communicating with sources and the outside world?as well as for taking photos and authoring articles?are also the perfect tracking device. Legal barriers barring the access to unwitting phone transmissions are failing because of the precedent set by the US?s ?third-party doctrine,? which holds that metadata on such signals enjoys no legal protection. As a result, governments and powerful political institutions are gaining access to comprehensive records of phone emissions unwittingly broadcast by device owners. This leaves journalists, activists, and rights workers in a position of vulnerability. Reporter Marie Colvin?s 2012 death is a tragic reminder of how real this vulnerability can be. A lawsuit against the Syrian government filed in 2016 alleges she was deliberately targeted and killed by Syrian government artillery fire. The lawsuit describes how her location was discovered in part through the use of intercept devices that monitored satellite-dish and cellphone communications.

Of course, at this point, all that exists is the paper explaining how this will work. They haven’t yet built the actual system. But given Huang’s history of hardware hacking and his relationships in Shenzhen, it seems likely that he could get it made pretty quickly if there was demand.

Huang, who lives in Singapore but travels monthly to meet with hardware manufacturers in Shenzhen, says that the skills to create and install their hardware add-on are commonplace in mainland China?s thriving iPhone repair and modification markets. ?This is definitely something where, if you?re the New York Times and you want to have a pool of four or five of these iPhones and you have a few hundred extra dollars to spent on them, we could do that.? says Huang. ?The average [DIY enthusiast] in America would think this is pretty fucking crazy. The average guy who does iPhone modifications in China would see this and think it?s not a problem.?

Again, who knows if people will actually end up using this, but it’s still good to see solutions like this being explored and tested.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Ed Snowden And Bunnie Huang Design Phone Case To Warn You If Your Phone Is Compromised”

Subscribe: RSS Leave a comment
Uriel-238 (profile) says:

Does anyone remember the phone charms that would flash if your phone was ringing?

I’d like a phone charm that flashed on detection of radio output.

Amusingly, Robocop 2014 features a moment where a bad-guy is located by an unprotected phone in use (via 3rd party doctrine or dubious search) but we’re supposed to cheer it on because Alex Murphy is good and the phone is owned by the henchman of an arms dealer.

John Fenderson (profile) says:

Re: Does anyone remember the phone charms that would flash if your phone was ringing?

A hobby project I’m working on right now will react to cell phone, wifi, and bluetooth radio signals that are nearby (to allow an illuminated art piece to change its output according to events such as a cell phone ringing, etc.)

It might be possible to scale this down to something that could fit in a key fob.


John Fenderson (profile) says:

Re: Re: Re: Does anyone remember the phone charms that would flash if your phone was ringing?

Why for?

I have no interest in getting a patent of something I think shouldn’t be patentable (like this), and even if an aspect of this is already patented, the nature of this particular project is such that I wouldn’t be in violation of it anyway.

Rich Kulawiec (profile) says:

Great, but...

…this isn’t how it’s done. Data can be (and is) exfiltrated while the phone is transmitting normally, just by embedding it in other data. There’s zero need for an adversary to activate the transmitter at other times. And as the volume of “normal” data steadily increases, the ability of adversaries to conceal clandestine data in it with low probability of detection also increases.

Anonymous Coward says:

Re: Great, but...

The problem being solved is not exfiltration of data, but rather the phone being turned into a tracking device, even when its radios are supposedly switched off, as tracking a is only possible if it is transmitting. Note, the phone does not transit its location, but rather it is located through the receiver that can see it to allow its position to be triangulated..

WP says:

Re: Options

A Faraday cage is useless.

Easy test: place your phone in a cage and dial its number.
A Faraday cage that should be perfect:
A microwave!
A microwave works at 2.4Ghz
it is build as being a faraday cage by design.
(make sure it is plugges in and earthed for having a nicely grounded Faraday cage)

Now the real surprice, the phone IN the Faraday cage will ring!. How can that be? It is within a grounded cage, far away from a cell tower. And still it rings! 😀

Have fun…

Anonymous Coward says:


If you want to stop the phone being used to track you, why buy an expensive phone cover, why not just pull out the battery and drop both phone and battery into a Faraday bag.

(some state actors have put extra surprises in phones. A certain middle-east state with a mediterranian coast).

I think the fob would be better, It would tell you if your travelling companions were comprimized.

Stretch1931 (profile) says:

Aluminum Foil Hat Conversation

I understand the concern with knowing if someone is tapping your wireless signals, but what about the possibility that they can simply track and listen to you through the cell towers themselves? This is a known issue, since they’re using legacy technology (common denominator) to process billing across networks. And it’s this method that they can listen to your conversation and locate your whereabouts (by cell tower triangulation). So unless EVERYTHING is off, you can still be found. And if someone was really nefarious, they could simply know what cell tower you’re at, and enable other non-protected phones in the same vicinity to listen to your conversations.

So you’d pretty much have to live in a cave (without cell reception or GPS) to avoid anyone from snooping.

John Fenderson (profile) says:

Re: Re: Re: Aluminum Foil Hat Conversation

Wow, a Daily Mail article that isn’t actually that far off. I’m actually surprised.

But the article is talking about the SS7 hack, not cell phones. And the SS7 hack is only possible because of poor security on the part of the telecoms.

It does not have anything to do with being able to track the whereabouts of cell phones. The cold, technical fact is that if your cell phone can’t send a radio signal out, it cannot be tracked. There’s literally nothing to track in that situation.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...