[HN Gopher] Tell HN: Your Android carrier can remotely turn sett...
       ___________________________________________________________________
        
       Tell HN: Your Android carrier can remotely turn settings on
        
       My wife is currently in Germany and had cell broadcast warnings
       disabled on her Android 11 device. Apparently, the local carrier
       she uses turns them back on remotely. She gets notified of this.
       "Settings changed by carrier."

       (1) Were you aware that carriers can remotely override your
       settings like this?

       (2) Any strategies to keep something like this from happening
       besides rooting the device?

       (3) How do you feel about this type of remote control by a third
       party?

       I must say I strongly dislike losing control over my own device.
       It feels dystopian to me.

       I also couldn't find any mention of this particular power of
       carriers apart from one lonely Reddit post about someone trying to
       turn off Amber alerts [1].

       ----------------

       EDIT: Additional info for clarity:

       The settings I am referring to are under "Apps &
       notifications"/"Wireless emergency alerts". They are about
       controlling whether to and which alerts one wants to receive on
       their phone.

       It's an unlocked Android One device. The carrier seems to be able
       to remotely change these settings (see the referenced Reddit post
       as well), which I would never expect. It seems to be because of
       the SIM the phone uses and the network it connects to. No
       user-controlled software change like updates.

       ----------------

       [1] https://old.reddit.com/r/GooglePixel/comments/zebvs4/settings_changed_by_carrier/
        
       Author : brainchild-adam
       Score  : 189 points
       Date   : 2022-12-12 13:47 UTC (9 hours ago)
        
       | _trampeltier wrote:
       | Is there a full list of what carriers can do and change in your
       | phone?
        
       | hnarn wrote:
       | It's very difficult for me, in all honesty, to even understand
       | why the act of emergency alerts being re-enabled by a carrier
       | leads to this kind of reaction.
        
       | jmole wrote:
       | I bought a Pixel 7 recently.
       | 
       | When setting up the device, I was asked to insert my SIM card.
       | Usually, I'd have skipped past this screen, but I thought "Ok,
       | let me swap out my SIM", since I was trading in an older device.
       | 
       | Worst mistake ever. Even on an unlocked phone, all the Verizon
       | crapware was silently installed in the background. This doesn't
       | happen when you put in the SIM after setting up the phone.
       | 
       | Such a backwards experience.
        
         | thih9 wrote:
         | Sneaky.
         | 
         | Is it reversible? As in: can you eject the sim, reset the phone
         | to factory defaults and restart the setup process, now
         | inserting the sim card later?
        
         | dustyharddrive wrote:
         | Could this have happened on Graphene/Calyx/Lineage/Divest?
        
       | 255kb wrote:
       | 1) yes, but only got the warning once. 2) I think you need to
       | root and disable OTA updates, but never tried. 3) Hate it, but I
       | think it's a drop in an ocean of control, and probably way more
       | harmless than depending on Google for everything (at least in my
       | case). Not an Apple user, but apparently this is also a thing on
       | Apple devices:
       | https://www.vox.com/2015/2/12/11558938/what-is-this-carrier-...
        
         | WirelessGigabit wrote:
         | OTA updates are updates to the OS, not the settings.
        
       | BanjoBass wrote:
       | Pretty sure they're "required" in Germany and cannot be disabled
       | by the user.
       | 
       | You travel to other countries, you abide by their laws. This is
       | no different.
        
         | f1shy wrote:
         | Not required. In iOS it can be disabled.
        
           | Tomte wrote:
           | The highest level cannot. We just had a nationwide test in
           | Germany a few days ago.
        
             | f1shy wrote:
             | I have 2 phones. In one I disabled it, and did not get the
             | alarm. The other one was enabled and received the alarm. It
             | can be disabled. Period.
        
       | vanillax wrote:
       | What if you remove the sim card? What can they do?
        
       | jamal-kumar wrote:
       | In Germany people may not be as used to natural disasters and the
       | like, but where I've travelled where the weather is way more
       | extreme, these are like life saving emergency alerts so you don't
       | get sucked into a tornado like a cow or die in a flood or
       | tsunami. I love how jarring the alerts are, there was an incident
       | in the USA recently where some way too close menu entry got hit
       | at an emergency alert center for a nuclear bomb and people ended
       | up taking cover thinking they were going to get nuked in Hawaii
       | [1]. The USA system you can understand the technical workings of
       | here [2] while this seems to cover more of the technical workings
       | of the EU systems [3] - These are simply service area broadcasts
       | [4]
       | 
       | [1]
       | https://en.wikipedia.org/wiki/2018_Hawaii_false_missile_aler...
       | 
       | [2] https://www.youtube.com/watch?v=sdmkTkWB40Q
       | 
       | [3] https://media.ccc.de/v/osmodevcon2019-107-production-grade-c...
       | 
       | [4] https://osmocom.org/projects/cellular-infrastructure/wiki/Se...
        
         | lotsofpulp wrote:
         | You can turn off all the government alerts in iOS, in the US at
         | least. I have had them all off for many years since one woke me
         | up in the middle of the night for no reason.
        
           | jcollins1991 wrote:
           | Quite the opposite in Canada unfortunately, specifically
           | Ontario but other provinces may be a joke as well... Can't
           | turn off alerts, and we're well known for sending them out in
           | the middle of the night, or just sending test alerts with no
           | significant value. Thankfully silent mode turns them into
           | vibrations, I feel sorry for those who use ringtones. Moved
           | back here after living in SF for so long and this feels ass
           | backwards, far preferred the optionality y'all are given.
        
             | lotsofpulp wrote:
             | That is unfortunate. The alert that caused me to turn them
             | all off was even written about in the news that day.
             | Millions of people in the entire NYC metro region had their
             | sleep disturbed and were pissed.
             | 
             | https://nymag.com/intelligencer/2013/07/ambert-alert-phone-4...
             | 
             | I remember group chats of people discussing how to turn it
             | off and my friends and I telling our parents how to turn
             | them off.
        
               | leephillips wrote:
               | Can't you pull out your sim card when you go to bed?
        
               | lotsofpulp wrote:
               | Seems pretty inconvenient, plus the world is moving to
               | eSIM. Although, I wonder if the alert system even cares
               | about SIM. Presumably they would send it out to any
               | device connected to the network, not just those with a
               | SIM?
        
         | WarOnPrivacy wrote:
         | > there was an incident in the USA [where a mistake] at an
         | emergency alert center had people thinking they were going to
         | get nuked in Hawaii
         | 
         | I think your example is a powerful reminder why folks turn off
         | alerts. For most of us tho, it was the bazillionth urgent
         | notice of a non-applicable event.
        
       | nicholasjarnold wrote:
       | > I must say I strongly dislike losing control over my own
       | device. It feels dystopian to me.
       | 
       | Even with a rooted device where perhaps you personally coded up
       | the ROM you are still missing a piece which is the binary blob
       | that runs the baseband radio. That firmware is, afaik, not
       | something which exists in any sort of open-source or rootable
       | manner. It's a closed blob running proprietary software on your
       | phone, and it runs at a lower level than the ROM/OS does. So,
       | even if you go to great lengths to secure most of the software
       | that runs on the device (a noble goal, it's your hardware after
       | all!) then you still must contend with the uncertainty and
       | perhaps risk (depending on your threat model) of that untrusted
       | code running there. You can search around the web for articles
       | covering baseband radio exploits that span the years...
        
         | cameronh90 wrote:
         | Moreover, some of these settings restrictions are encouraged or
         | mandatory for the FCC/Ofcom/your-local-radio-regulator to
         | certify your device. This is to prevent people from doing
         | naughty things with the spectrum.
        
         | holri wrote:
         | For the PinePhone you can install a free OS running the
         | Baseband Processor:
         | https://hackaday.com/2022/07/12/open-firmware-for-pinephone-...
         | 
         | Probably illegal and the firmware running the radio hardware is
         | still proprietary.
        
           | kube-system wrote:
           | That's _partially_ open source software on the broader
           | Quectel EC25-G modem, but not Qualcomm's MDM9207 baseband
           | that the modem uses.
           | 
           | > Not everything is open in this firmware. The baseband
           | firmware, aka the RF bits known as ADSP firmware, remains
           | closed and not yet reverse-engineered by anyone - you're not
           | gonna be running OpenBTS on this modem yet.
           | 
           | > The TrustZone kernel remains closed too - my understanding
           | is that it's signed by Qualcomm.
        
         | kelnos wrote:
         | I don't believe this is entirely true anymore. Yes, years ago,
         | the baseband processor (and firmware) had full DMA capabilities
         | to the RAM ostensibly managed by the OS, and could do nefarious
         | things if it wanted to. But I believe nowadays the baseband is
         | a bit more isolated, and communication with it is mediated by
         | the CPU and OS.
         | 
         | Some manufacturers likely still implement the "old"
         | architecture, though.
        
           | matheusmoreira wrote:
           | How can I find out what peripherals my smartphone's baseband
           | processor has access to?
        
           | Sirened wrote:
           | You would hope but to a large extent SMMUs are still not
           | meaningfully deployed in consumer smartphones. Even when they
           | do exist, the bounding enforced upon them is so expansive
           | that it's essentially pointless. For example, one device I
           | found had an SMMU in front of its BT/WiFi chip but,
           | unfortunately, the driver on the AP side configured the SMMU
           | to have access to all of system memory. Baffling.
        
             | [deleted]
        
         | mehdix wrote:
         | IIRC in Purism phones baseband is totally/mostly isolated and
         | has no DMA.
         | 
         | Edit typo
        
       | yourusername wrote:
       | I've disabled them on my phone because it's always either a test
       | or some nonsense "it's too busy in <town> 10km away, stay away".
       | Alerts they would never turn on the sirens for. I'd be very
       | annoyed if my carrier re-enabled alerts.
        
         | syntheticnature wrote:
         | Where I am I've been fortunate that the weather alerts have
         | generally been for critical situations such as tornadoes.
         | 
         | The Amber alerts, OTOH, have been usually across the state and
         | of debatable usefulness[0].
         | 
         | 0:
         | https://www.tandfonline.com/doi/abs/10.1080/0735648X.2014.10...
        
       | EastSmith wrote:
       | We need a Linux phone.
        
       | diffeomorphism wrote:
       | 1) seems pretty obvious. 2) you don't. 3) perfectly fine.
        
       | qbasic_forever wrote:
       | Wait until you learn what a country or local government/police
       | can do remotely to the baseband firmware of your phone with a
       | court order...
       | 
       | 10-20 years ago the FBI was regularly remotely programming
       | firmware to listen in and record cell phone microphones to
       | capture conversations of suspects. IIRC a mafia case hinged on
       | data gathered in this way so it is not some abstract theoretical
       | or crackpot theory
       | (https://www.cnet.com/news/privacy/fbi-taps-cell-phone-mic-as...).
       | 
       | It's only gotten worse as phones have gotten more capable. You
       | don't own squat about the device in your pocket at all times.
        
         | Blue111 wrote:
         | > It's only gotten worse as phones have gotten more capable
         | 
         | I wish my cellphone would not have all those sensors for this
         | reason...
        
           | javajosh wrote:
           | The camera and mic are pretty easy to destroy if you want to
           | get rid of them!
        
             | bonestamp2 wrote:
             | That's not a bad idea... then just connect an external mic
             | (headset) when you need one.
        
             | dividuum wrote:
             | Time to put on that tin foil hat and read:
             | https://dl.acm.org/doi/abs/10.1145/3309074.3309076 :-)
        
         | kasabali wrote:
         | So drug lords throwing mobile phones out of the car window
         | after each call is just a movie trope?
        
           | nine_k wrote:
           | Each phone takes time to be detected, identified, and
           | tampered with. So it may make sense to activate a new burner
           | phone, talk about something sensitive, and destroy it right
           | afterwards, before the law enforcement understands what phone
           | that was.
        
             | at-fates-hands wrote:
             | When I worked in a wireless repair shop in the early 2000s, we
             | handled the local FBI field office account. Field agents
             | would come in and I'd chat them up as they sat and waited
             | for me to fix their phones.
             | 
             | This was also around the time remote meth labs were getting
             | really common out in rural areas. Multiple agents were
             | talking about how frustrated they were with getting access
             | to burner phones since most of the companies were
             | resellers. They said by the time they got a warrant to
             | start recording the devices, they were already dead.
             | 
             | I guess the bad guys knew their burner phones were only
             | good for about two to three months tops. That was usually
             | the timeframe from when the FBI got a read on a line, saw a
             | judge and got the warrant processed, to contacting the
             | carrier and getting access.
             | 
             | Sounds like whatever was hampering them in the past has
             | been fixed.
        
               | vic-traill wrote:
               | In The Wire, Lester sells Bernard tapped burners. It's
               | the only way they could get up on the burners before they
               | were thrown away.
               | 
               | There are a tonne of reddit links on this one so I'll
               | leave it to the Interested Reader.
        
             | 1337biz wrote:
             | Call me paranoid but I would assume that intelligence
             | services keep a special eye on newly activated non-
             | smartphones.
        
               | izacus wrote:
               | Ability to detect and correlate these switches has been
               | documented in Snowden leaks years ago.
        
               | jethro_tell wrote:
               | Sure, but can they get a warrant and tap it in <24 hours?
               | IDK, but that sure raises the barrier to entry.
        
               | sgjohnson wrote:
               | When have intelligence services used warrants? They
               | gather evidence illegally and pass it to law enforcement
               | who then do parallel construction.
        
               | ethbr0 wrote:
               | Whenever they don't want Congress up their ass. Four
               | things can simultaneously be true, despite seeming
               | contradictory:
               | 
               | 1) Prudent opsec against nation-state adversaries
               | dictates that you assume 0 time for them to have a tap on
               | a device.
               | 
               | 2) In reality, it takes >0 time, because people processes
               | aren't instantaneous.
               | 
               | 3) Intelligence services sometimes break the letter of
               | the law.
               | 
               | 4) Intelligence services usually follow the law, because
               | it's less hassle.
        
           | SpelingBeeChamp wrote:
           | I am a reporter, and I cover crime. Occasionally, I cover a
           | story whose publication might endanger people. Think cases
           | involving gang violence and/or individuals cooperating with
           | law enforcement. Before I publish those stories, I contact
           | the lead detective on the case to ask whether that concern
           | has merit, and whether certain people's names, for example,
           | should be anonymized.
           | 
           | In one of those conversations, I was asked to not publish
           | details about the extensive cellular tracking data that had
           | helped to make the case. According to the detective, despite
           | the ubiquitousness of cellular tracking data in prosecutions,
           | your everyday criminal is _not_ doing anything remotely like
           | 'throwing mobile phones out of the car window after each
           | call.' Quite the opposite, they are posting pictures of
           | themselves with contraband to Instagram, and using their
           | phones to facilitate crime as if they were untouchable.
           | 
           | Perhaps drug lords are more careful than lower-level dealers,
           | but I'm not so sure. Total conjecture here, but I suspect the
           | money gets to their heads, which leads to a feeling of
           | invincibility -- with consequent opsec failures.
           | 
           | If you keep an eye on major arrests, criminals routinely get
           | taken down in essentially the same ways as the criminals who
           | were caught before them. Despite their belief that they had
           | been taking precautions against those failure modes.
        
             | whoopdedo wrote:
             | > Perhaps drug lords are more careful than lower-level
             | dealers
             | 
             | At a certain level you stop buying burner phones and simply
             | buy the whole phone company.
             | 
             | https://www.npr.org/2011/12/09/143442365/mexico-busts-drug-c...
        
             | david_allison wrote:
             | I suspect this is survivorship bias: you're more likely to
             | catch criminals who have bad opsec.
        
             | mmastrac wrote:
             | You'd think the criminals would at least watch The Wire for
             | some basic OpSec.
        
               | ethbr0 wrote:
               | A big part of The Wire is the uniqueness of the
               | discipline the criminals have, and ultimately how it
               | stems from 1-2 people at the top.
               | 
               | Also, public telephones are no longer an option.
        
         | kornhole wrote:
         | I rotate burner SIMs. I never make calls with the SIM. Instead
         | I use jmp.chat if I need to use OTA calls or SMS. I am in
         | airplane mode 99% of the time and use WIFI instead of cellular.
         | I never activate cellular near my home. I am always connected
         | to VPN so that the traffic cannot be analyzed. My phone is
         | anonymous without any identifiers. I think all this mitigates
         | the baseband attacks, but tell me if I am missing something.
        
           | siftrics wrote:
           | If the VPN is compromised, you're compromised.
        
             | Scoundreller wrote:
             | What are the odds of seven chained VPNs all being
             | compromised?
        
               | siftrics wrote:
               | Doesn't matter. As long as one is compromised, you're
               | screwed.
               | 
               | VPNs cannot break TLS, (unless you're dealing with the
               | intelligence apparatus of a major power, which probably
               | can break TLS) so they cannot introspect most of the
               | content you send and receive anyways.
               | 
               | What they can do, however, is see the domain name of the
               | HTTP requests you send when setting up TLS.
               | 
               | Chaining VPNs doesn't add security by any metric.
        
               | kevin_thibedeau wrote:
               | They don't have to break TLS. They just use an exploit to
               | get access to one of the unencrypted sides of the link.
        
           | zer0x4d wrote:
           | From my experience, people who do take this type of an
           | exaggerated approach often end up exposing themselves more in
           | ways that they don't even realize...
           | 
           | How do you pay for jmp.chat? Do you trust their code to be
           | bug-free and without possible exploits? Do they do regular
           | security audits and code reviews? Do they have enough users
           | and maintainers to be able to quickly detect and address
           | security issues? Are you sure Airplane Mode turns off the
           | baseband and cuts off all cellular communication? It doesn't,
           | you can still receive emergency alerts in Airplane Mode. Your
           | phone can tell exactly where you are by comparing your wifi
           | search results + RSSIs to known public databases without even
           | having to use GPS. How much do you trust your VPN provider to
           | keep no logs? How do you pay for VPN?
        
             | kace91 wrote:
             | All that plus the fact that, under general surveillance,
             | behaving in a way that is consistent with avoiding tracking
             | at great inconvenience is a great way to get flagged.
        
             | kornhole wrote:
             | jmp.chat can be paid for with a virtual card and not tied
             | to any ID. However I have it associated to my real ID in
             | this case as it is the number everybody knows.
             | 
             | I use the word 'mitigate' not 'solve' since closed source
             | baseband modems are a problem. Cellular traffic is off in
             | airplane mode, but the baseband could be exploited if
             | someone wanted to find me AND knew which IMEI to target.
             | Because the IMEI has never been associated to me, that is a
             | challenge.
             | 
             | I run my own VPN and share it with a few other people.
        
           | MengerSponge wrote:
           | I break into Tiffany's at midnight. Do I go for the vault?
           | No, I go for the chandelier. It's priceless. As I'm taking it
           | down, a woman catches me. She tells me to stop. It's her
           | father's business. She's Tiffany. I say no. We make love all
           | night. In the morning, the cops come and I escape in one of
           | their uniforms. I tell her to meet me in Mexico, but I go to
           | Canada. I don't trust her. Besides, I like the cold. Thirty
           | years later, I get a postcard. I have a son and he's the
           | chief of police. This is where the story gets interesting. I
           | tell Tiffany to meet me in Paris by the Trocadero. She's been
           | waiting for me all these years. She's never taken another
           | lover. I don't care. I don't show up. I go to Berlin. That's
           | where I stashed the chandelier.
        
             | greggarious wrote:
             | > _I break into Tiffany's at midnight. Do I go for the
             | vault? No, I go for the chandelier. It's priceless. As I'm
             | taking it down, a woman catches me. She tells me to stop.
             | It's her father's business. She's Tiffany. I say no. We
             | make love all night. In the morning, the cops come and I
             | escape in one of their uniforms. I tell her to meet me in
             | Mexico, but I go to Canada. I don't trust her. Besides, I
             | like the cold. Thirty years later, I get a postcard. I have
             | a son and he's the chief of police. This is where the story
             | gets interesting. I tell Tiffany to meet me in Paris by the
             | Trocadero. She's been waiting for me all these years. She's
             | never taken another lover. I don't care. I don't show up. I
             | go to Berlin. That's where I stashed the chandelier._
             | 
             | The bridge you called in a tip to the FBI, and you vowed to
             | destroy (or at least split into one focused on counter
             | intel and another on criminal matters) from under collapses
             | a little under a year after you marched down to the site of
             | a world famous FFRDC with a weapon on your hip, produced a
             | business card, and told one of your contacts to tell the
             | FBI to stop busting dark net markets and take down these
             | pedophiles, possibly leading to a raid to lead to the
             | biggest loss of life since 9/11 because they didn't learn
             | from Steven Paddock and check for as ring. Your long lost
             | cousin appears in the cafe you've been doing your morning
             | Tor OSINT session over a cute little cortado in (paid in
             | cash, of course), white as a sheet that you were absolutely
             | serious when you screamed so loudly into your encrypted
             | line that you're sick of these Nazis and pedophiles that
             | they made the woman on the other end a senior adviser to
             | NATO and told the rest of the crew that due to COVID, the
             | queen might not be dead but London Bridge has absolutely
             | fallen, the chicken fingers loving autist from Skidgey's
             | now has more Counter Strike ability than at least one
             | Korea, that he's unrepentantly willing to use it if he
             | thinks folks are abusing their access, and that just like
             | he joked back during the Summer of Snowden: they couldn't
             | have caught Ted Bundy without breaking the law and that
             | someone may have taken him up on the wish he expressed on K
             | Street to never work in the White House, but just be the
             | person who tells the people who work there what to do, and
             | and while "they" know you didn't bomb it, it _is_ ambiguous
             | if it was an accident and that knowledge _is_ terrifying.
             | 
             | (I appreciate the reference[1] parent, but maybe spend more
             | time writing your own copy? the above is a sample of a
             | creative nonfiction essay I worked on during my daily 20
             | minutes of writing rather than copying and pasting from
             | others, and it's all based on my lived experiences.
             | Practice makes perfect!!)
             | 
             | [1] https://www.youtube.com/watch?v=BfXdByo3XWw
             | [2] https://wrd.as.uky.edu/sites/default/files/1-Shitty%20First%...
             | 
             | 2a26de4d792ccb7c12e488ba81ba65c4
        
               | bullion9872 wrote:
               | > maybe spend more time writing your own copy
               | 
               | eh, I think people find popular culture references funny because
               | they are already familiar with them
        
             | cutler wrote:
             | What on earth does this have to do with the parent post?
             | Please enlighten me.
        
               | aussieshibe wrote:
               | It's a monologue from The Office which uses similarly
               | extremely short sentence structure as seen in the GGP
               | comment.
               | 
               | It's also possible GP is referencing GGP's arguably
               | paranoid position on phones, relating it to similar
               | paranoias held by Dwight (the character who delivers the
               | monologue).
               | 
               | https://youtu.be/PlIzKaGBeHk
        
               | ww520 wrote:
               | They're both wild tales. /s
        
               | [deleted]
        
               | lgdskhglsa wrote:
               | it's a reference to The Office,
               | https://www.youtube.com/watch?v=PlIzKaGBeHk
        
             | texasbigdata wrote:
             | Absolutely lost it at the coworking place. Luckily it
             | wasn't too packed. Thank you kind sir.
        
           | squokko wrote:
           | What's your threat model?
        
           | jorgesborges wrote:
           | Just curious and I admire your commitment, but is there some
           | aspect of your life that demands this diligence, or are you
           | simply principled?
        
             | kornhole wrote:
             | I just don't like people following me around. It is creepy.
        
               | ethbr0 wrote:
               | A person's gotta have a hobby and an ethos. More power to
               | you for the dedication.
        
           | RektBoy wrote:
           | So you're detected just by Wifi. Ok. Your phone is
           | transmitting every network you saved. As OSINT you can pretty
           | much fingerprint everybody with just that. And even since
           | phones are using randomized MACs, there are methods to leak
           | true MAC.
        
           | Zigurd wrote:
           | You are going in the wrong direction. Lean into the
           | surveillance. Use it to create an alibi.
        
           | 2OEH8eoCRo0 wrote:
           | Why?
        
           | bengale wrote:
           | I've always assumed that behaviour like this is so unusual it
           | would motivate a closer look by security services.
        
             | kornhole wrote:
             | The only thing it evidences is that someone is smart and
             | values their privacy.
        
             | EVa5I7bHFq9mnYK wrote:
             | Criminals the security services are looking for are not
             | that smart. If they were, they wouldn't have been criminals
             | in the first place.
        
               | RussianCow wrote:
               | > If they were, they wouldn't have been criminals in the
               | first place.
               | 
               | What does intelligence have to do with whether someone is
               | a criminal? There are dumb criminals and smart criminals;
               | I'm not sure what the correlation here is.
        
               | ActorNightly wrote:
               | Excluding ideological motivators, if you are technically
               | competent to pull off a cybercrime and escape unseen, you
               | are technically competent enough to work at a tech
               | company making 300k+ a year while only doing about 10
               | hours of actual work per week.
               | 
               | Treating this just like investments, over your lifetime,
               | it's a no brainer on which is the better path to take.
        
               | EVa5I7bHFq9mnYK wrote:
               | I think most criminals are dumb. Quick google search
               | shows average IQ of a criminal is 85.
        
               | sgc wrote:
               | Probably not directly related, but mainly due to fewer
               | opportunities. This is one of the reasons I strongly
               | agree with universal basic income. The capitalistic game
               | is harder than many people are capable of playing. They
               | shouldn't have to suffer enormously because of that, and
               | neither should society. Otherwise, should we assert that
               | ethics are inherently easier for some people, yet
               | penalize all people the same regardless of their
               | capacities?
        
               | generalizations wrote:
               | Average IQ of all criminals, or criminals that got
               | caught?
        
           | was_a_dev wrote:
           | > if I am missing something
           | 
           | It's the day you miss something that your effort was
           | pointless. Even if your solution is always secure, it only
           | takes one slip up to ruin everything
           | 
           | Any threat as large as you're trying to protect against, if
           | interested in you, can just wait for you to make a mistake.
        
           | archi42 wrote:
           | In theory: 1. Wait until you enable the cellular again 2.
           | push an update to the baseband firmware 3. when you
           | disconnect, the new firmware will tell the OS that the
           | baseband is disconnected, in reality, it's doing nasty stuff.
           | You'd only notice it due to the battery draw.
           | 
           | You need burner phones to cycle after each usage.
           | 
           | TBH, seems you cranked up the paranoia to 11. The VPN has to
           | terminate somewhere, so if I was a state actor attacking you,
           | I'd figure out where that is. WiFi+BT firmware isn't bullet
           | proof, either, and hypothetically an exploit chain could be
           | found to enter via WiFi and stealthily enable cellular. In
           | practice XKCD #538 applies: https://xkcd.com/538/
           | 
           | For most of us the attacker is someone trying to make some
           | money by scamming, stealing CC or installing a malicious app.
        
           | greggarious wrote:
           | >I rotate burner SIM's. I never make calls with the SIM.
           | 
           | Do your family and friends do that?
           | 
           | Maybe it's better to blend in with the noise.
        
           | bobsmooth wrote:
           | Wrap your phone in aluminum foil when you're not using it.
        
           | cvbrty wrote:
           | Airplane mode doesn't shut off your baseband. It just sends
           | it a message saying "go into airplane mode". The firmware is
           | still running. It could still be receiving and sending data
           | for all you know.
        
           | ghostoftesla wrote:
           | From my understanding, when installing an alternate OS (ie
           | lineage) you can dive deeper into the partitioning of the
           | device's os and see all components/folders. Under `vendor`
           | you can choose not to install firmware for different kinds of
           | stuff (wifi, baseband).
        
           | jvanderbot wrote:
           | Your location data. Tower associations can still happen with
           | data "off", since there's plenty of "listen" components. All
           | your home wifi connections are well Geo-located, thanks to
           | other Android users picking up the ESSID as they walk / ride
           | / drive past your house. Your shopping / outings? Forget it,
           | fully known.
           | 
           | VPNs hide the content of connections, at least from MITM /
           | eavesdroppers, but server-side data scrapes are quite
           | effective at figuring out who you are (or what your phone is
           | ... see below). Nothing really does a good job of hiding the
           | fact that you are connected to a VPN except TOR, and where
           | that connection originates (e.g., your wifi network, which is
           | well Geo-located, remember?). And de-anonymization of VPN
           | connections to identify downstream connections are possible,
           | IIRC. Details about your phone are well recorded (MAC, SID,
           | etc)
           | 
           | And always remember, your phone can be implicated based on
           | location data, which will implicate you once it's discovered
           | you own the phone. And that's as simple as looking up the SIM
           | purchase / use.
        
             | kornhole wrote:
             | From https://grapheneos.org/faq: "Connecting to your
             | carrier's network inherently depends on you identifying
             | yourself to it and anyone able to obtain administrative
             | access. Activating airplane mode will fully disable the
             | cellular radio transmit and receive capabilities, which
             | will prevent your phone from being reached from the
             | cellular network and stop your carrier (and anyone
             | impersonating them to you) from tracking the device via the
             | cellular radio. The baseband implements other functionality
             | such as Wi-Fi and GPS functionality, but each of these
             | components is separately sandboxed on the baseband and
             | independent of each other. Enabling airplane mode disables
             | the cellular radio, but Wi-Fi can be re-enabled and used
             | without activating the cellular radio again. This allows
             | using the device as a Wi-Fi only device."
             | 
             | When I am at home, I am WIFI only. When I am out, WIFI &
             | bluetooth are off. This takes some discipline at first but
             | then just becomes habit. I know the spot on my commute home
             | where I switch my settings.
        
               | sgc wrote:
               | I would never trust that. It is how things are supposed to
               | work, not the way they necessarily will. Just buy a phone
               | with physical disconnect switches if it is important
               | enough for you.
        
               | kube-system wrote:
               | The baseband is an entirely separate SoC that is a
               | blackbox outside of the control of GrapheneOS. And your
               | radios are solely under the control of that system.
               | GrapheneOS just asks it nicely to do things on its
               | behalf.
               | 
               | All of these privacy focussed phone OSes tread lightly on
               | the fact that there are a grand total of _zero_ modern
               | open source basebands in existence.
        
               | jvanderbot wrote:
               | I appreciate the extra information. I'm still skeptical
               | on any phone except the OS/HW combo the faq was written
               | against (which by the way was not in your original post)
        
               | MengerSponge wrote:
               | BTW habitually switching at the same time and place is
               | terrible opsec. It leaks a ton of information.
        
               | kornhole wrote:
               | It is the same general location about half a mile from
               | home where I flip over. This is to ensure location from
               | cell tower triangulation does not identify my home and
               | therefore me.
        
               | Retric wrote:
               | It's all about your threat model.
               | 
               | Suppose you wanted to find someone that always turned
               | their phone on at ~8:15 AM and found someone that always
               | turned their phone off at ~8:10 AM within 15 miles. How
               | difficult would you say it was to make this connection?
        
               | thewataccount wrote:
               | Yeah I'm not sure what information this really protects
               | assuming you're only communicating over encrypted
               | channels (https) already.
               | 
               | In theory it could protect location data from the carrier
               | for locating you with a wild amount of opsec practice but
               | I highly doubt you could pull that off for a daily
               | driver.
               | 
               | Having wifi/bluetooth off in public isn't a terrible idea
               | though as those are generally much easier attack surfaces
               | and are leakier.
        
             | RektBoy wrote:
             | In my country, this one girl is buying prepaid SIMs and
             | selling them on darknet. Which is fully legal. Still she
             | got notified from our intelligence agency, lol. They're
             | butt-hurt a lot from this.
        
         | matheusmoreira wrote:
         | Are attacks like these still possible? I've read here on HN
         | that hardware makers are isolating the baseband processor as
         | much as possible to prevent attacks like these. Surely there
         | are countermeasures?
        
           | ActorNightly wrote:
           | Most modern phones have signed firmware for everything, so
           | the FBI would have to go to the manufacturer and court order
           | them to hand over the signing key. Or take advantage of a
           | leaked key.
        
             | matheusmoreira wrote:
             | What I meant was chips are increasingly being isolated at
             | the hardware level so that they cannot access other
             | peripherals directly. This would make them resistant to
             | compromised firmware attacks.
             | 
             | People are discussing that in this thread:
             | 
             | https://news.ycombinator.com/item?id=33958252
             | 
             | It looks like the implementation isn't perfect yet but it's
             | a start.
        
         | zizee wrote:
         | I was talking to someone who was charged with a fairly minor
         | crime, and they said the first advice their very
         | expensive/experienced lawyer gave them is to no longer trust
         | their phone is not recording them, as the local police
         | (australian) use this ability quite freely.
        
         | neets wrote:
         | Ah so that's the hack they were doing in the show Person of
         | Interest
        
         | abdullahkhalids wrote:
         | Are you saying that a phone manufactured in 2022 can have its
         | firmware remotely changed to record microphones?
         | 
         | Specifically can your whatsapp/signal audio calls be recorded
         | by FBI remotely in this manner?
        
           | smoldesu wrote:
           | Honestly, a phone manufactured in 2006 is probably vulnerable
           | to a similar attack. The larger point is that state-sized
           | threat actors (and the carriers they work with) have a
           | _crazy_ level of control that cannot be underestimated.
           | Especially in 2022, it's hard to look at any sufficiently
           | complex smartphone and assume it's not vulnerable to
           | sufficiently motivated threat actors.
        
           | qbasic_forever wrote:
           | > Are you saying that a phone manufactured in 2022 can have
           | its firmware remotely changed to record microphones?
           | 
           | Yes, court records show the FBI has and continues to
           | explicitly do this. Leaks from folks like Snowden show the
           | NSA/CIA have done this too.
           | 
           | > Specifically can your whatsapp/signal audio calls be
           | recorded by FBI remotely in this manner?
           | 
           | The baseband firmware is at a level 'below' the operating
           | system of the phone. It can directly access peripherals and
           | intercept them, so it could be reading your microphone and
           | passing it along to the higher level OS at the same time.
           | WhatsApp/Signal thinks it's secure, and if you look at its
           | app signature or anything else it looks exactly like the
           | normal app you expect. However your data is still getting
           | intercepted at the lower level and recorded for a
           | state/government actor.
        
             | ActorNightly wrote:
             | No?
             | 
             | Baseband firmware is the firmware for the modem. It has no
             | relation to the SoC that runs the phone, unless there is
             | some sort of exploit that allows it direct hardware/memory
             | access. To listen to the mic or capture video, it has to
             | interface with the ADC chip which is not directly connected
             | to it.
             | 
             | There may have been phones in the past that allowed DMA to
             | the SoC from the baseband chip which hypothetically would
             | have allowed a properly crafted exploit on a per app basis,
             | but it's no longer the case, as pretty evident by the FBI
             | asking Apple to unlock the phones (if they could access the
             | memory from baseband, they would not need to)
        
             | abdullahkhalids wrote:
             | I am not at all familiar with the hardware design of
             | phones, so I want to be very clear in my understanding.
             | 
             | Are you saying that the electrical signals from the
             | microphone and to the speakers pass through the baseband
             | chip before/after going to the main chip on the phone? Or
             | that the baseband chip has separate access to the
             | microphone and speakers?
        
               | kube-system wrote:
               | There are varying architectures, so it depends. But at a
               | minimum, the baseband has low level access
               | to anything that goes over the network. In some
               | implementations, the baseband can just read straight from
               | main system memory if it wants.
        
           | nix23 wrote:
           | >whatsapp/signal
           | 
           | Hint, it's not the application you use but the
           | microphone/speaker itself.
        
       | supermatou wrote:
       | I'm experiencing the opposite; my wife and I have the same iPhone
       | model (13), with the OS up to date. When we bought the phones, 18
       | months ago, I customized them to have identical settings; while
       | doing that, I also disabled the Amber Alerts. Still, a few weeks
       | ago, our phones started to emit an unheard (til then) sound in
       | the middle of the night: it was an Amber Alert. WTH? did any of
       | the OS updates enable the AA? I looked at the phones and - hey,
       | where did that setting go? the alerts are no longer visible in
       | Notifications. What's weird, is the fact that you can type
       | "Govern" (for Government Alerts) in the Search field, and
       | Notifications comes up - but, when you go into Notifications,
       | there's nothing there.
       | 
       | I googled the issue and it's affecting quite a lot of people.
       | It's unclear whether the culprit is the provider or a long-
       | standing bug in iOS (the first mention I found is a few years
       | old). Some people suggested that you take out the SIM and the
       | options would reappear. Didn't work in my case.
        
         | warkdarrior wrote:
         | On my iPhone 12 running iOS 16, the "Government Alerts" section
         | is at the bottom of the Notification settings screen, just need
         | to scroll down for it.
        
       | ddalex wrote:
       | It's part of the mandated law in certain countries so it's normal
       | to be implemented there.
        
         | brainchild-adam wrote:
         | I was not aware this could be done remotely explicitly going
         | against settings the user himself has set.
        
           | ddalex wrote:
           | Phone (call, data) interception is mandated in a lot of
           | countries (i.e. operators have to do it if presented with a
           | judicial mandate) against the wishes of user too. This
           | setting is in the same vein, in order to allow authority
           | controlled public broadcasts.
        
             | TreeRingCounter wrote:
             | Governments hijacking infrastructure is not remotely the
             | same as governments hijacking personal devices.
        
           | ratg13 wrote:
           | It's a carrier setting, you are merely expressing a
           | preference.
        
       | Doorstep2077 wrote:
       | Doesn't surprise me tbh, although I'm curious if different
       | countries have different policies regarding this. E.G. in
       | privacy-centric countries like Iceland, are there stricter rules
       | / regulations?
        
       | wintogreen74 wrote:
       | what the?
        
       | lizardactivist wrote:
       | Not sure if it's related or just Apple's data-greed and malice,
       | but on a previous iPhone, iMessage and FaceTime would turn on by
       | itself every time the phone was restarted, again 24 hrs later,
       | and one final time 48 hrs after that.
        
         | brainchild-adam wrote:
         | That sounds horrible.
        
       | 7steps2much wrote:
       | (1) I wasn't aware of it, but I am not surprised that something
       | like this was written into the standard (presumably. I doubt
       | carriers rolled their own thing)
       | 
       | (2) All the ways I can think of are significantly harder than
       | rooting, so essentially no.
       | 
       | (3) I don't really mind that much, I have Google services running
       | on my phone and I am certain those can do far more than my
       | carrier could ever dream of. I have begrudgingly accepted those,
       | so it would be a bit hypocritical to complain about my carrier
       | turning cell broadcast back on. Especially since "turning cell
       | broadcast back on" is a use case that I can see the argument
       | behind.
       | 
       | If you care about this then I suggest you look up the relevant
       | standard documents, probably you will find this behavior
       | documented there.
        
         | michaelmior wrote:
         | > written into the standard
         | 
         | What standard are you referring to?
        
           | sumtechguy wrote:
           | Parts of it are in the GSM, CDMA, CDMA2000, '3g', LTE, 4g/5g
           | standards. They are thousands of pages long. They do quite a
           | bit. Usually baked into the firmware from whoever makes the
           | chipset.
        
       | willyt wrote:
       | I can totally understand why Americans would want to silence
       | these. I'm from the UK and I was in Central Park with my wife and
       | kids when we got an 'Amber Alert' which said something like
       | 'Black Ford SUV reg XYZ123' or something equally cryptic. It was
       | not long after the terrorist attack in Nice where a guy drove a
       | truck through a crowd of people walking beside the beach.
       | Everyone's phones started going at the same time and we assumed
       | it was some kind of disaster warning (the second worst level of
       | disaster after a Red Alert?) as did many other tourists in the
       | park! It went off again on the subway on the way back to the
       | apartment and all the New Yorkers were totally unfazed by it. I
       | asked the woman next to me what it was, she just said ignore it.
       | I googled it later and it turned out an ex boyfriend had not
       | showed up from picking their daughter up from school in a small
       | town at the other end of New York state a couple of hundred miles
       | away. Talk about crying wolf, I hope they have a different sound
       | for when there actually is an inbound rogue North Korean nuke,
       | otherwise 20 million people are going to think 'fuck's sake' and
       | silence their phones without looking...
        
         | uhtred wrote:
         | I don't seem to get these alerts since I switched to a de-
         | googled version of android
        
         | i_am_jl wrote:
         | >I can totally understand why Americans would want to silence
         | these.
         | 
         | Oh, it gets better. We also, by default, get alerts for
         | severe/extreme weather. Nothing like getting an emergency alert
         | because a tornado touched down on the other side of the state,
         | or a flash-flood warning while you're at home, 300' above the
         | nearest body of water.
        
           | jenkstom wrote:
           | That's really not at all fair, the NWS has put a lot of
           | effort since the Joplin tornado into localizing warnings as
           | much as possible to the affected area. They may geolocate the
           | warning based on the tower rather than the phone, but that's
           | still a long way away from "across the state". And you maybe
           | should look into it, but flash floods have nothing to do with
           | bodies of water. You could be 1k feet above a lake on the
           | side of a mountain, but that mudslide caused by torrential
           | rain might be a problem for you.
        
         | r00fus wrote:
         | On iOS you can opt out of almost all of these. Concerned people
         | can keep them on. Defaults may be an issue here, but it's
         | nowhere near as concerning as government having hooks in the
         | baseband.
        
         | petee wrote:
         | Ex boyfriend disappearing with a child is totally worth an
         | Amber Alert, and a couple hundred miles is only a couple hours
         | drive by the time they put the alert out...it's easy enough to
         | just keep an eye out for a license plate.
         | 
         | Nobody is going to know for sure if its a false alarm, or if
         | we'll wind up with a murdered child until after the fact, so
         | why wait or ignore it?
        
           | javajosh wrote:
           | Clearly you haven't been involved in a child custody case. If
           | you had, you'd know the kinds of tricks people will play, up-
           | to-and-including falsely claiming the child has been
           | kidnapped and is under threat. Family court never, and I mean
           | NEVER, holds anyone accountable for false accusation, and
           | there is a subset of family law attorneys in every town who
           | knows this and uses it, if they get a chance. The collateral
           | damage, "boy who cried wolf" style, is just another unhappy
           | side-effect of this practice.
           | 
           | As for the risk of a murdered child, well, if that argument
           | works for you, then why stop there? Why should police have to
           | wait for a search warrant...what if we end up with a murdered
           | child? Why should police have to avoid using deadly force to
           | stop a fleeing suspect...what if we end up with a murdered
           | child? Of course, we already have a (rather large, vocal)
           | group of people who believe exactly this, which is why CPS is
           | called on parents who, for example, run into a bakery, with
           | their minivan idling with 6 kids in it, and get arrested for
           | child endangerment.
           | 
           | It's easier to take an extreme, confident position when you
           | don't know anything about it.
        
           | mikelward wrote:
           | IIRC they are just as loud and annoying as an earthquake
           | alert. This makes earthquake alerts less useful.
           | 
           | Amber/Silver/Blue alerts should be more like a regular
           | notification.
        
           | burkaman wrote:
           | Just want to go against the grain and say that I agree with
           | you and disagree with fellow commenters comparing their phone
           | buzzing once in a while to unwarranted police raids or
           | government-sponsored mass murder.
        
             | izacus wrote:
             | The phone "buzzing once in a while" teaches everyone to
             | ignore this buzzing and makes this massively counter
             | productive - people will ignore it when serious disaster
             | happens.
        
               | burkaman wrote:
               | I guess I just don't believe you, and it will take more
               | than people complaining to convince me. In the situation
               | described in this thread, I cannot imagine everyone in
               | Central Park dismissing this notification without anyone
               | saying "hang on everyone, it says missile instead of
               | amber this time". I have lived in several big cities in
               | the US and have gotten these alerts less than once a
               | month, sometimes with years in between. It is not a
               | scourge on society. I do think you should be able to
               | disable them, but I think that even if explicitly given
               | the option, most people would leave them on.
        
           | Brian_K_White wrote:
           | Then again, many bad things happen at a constant rate
           | somewhere within a 400 mile circle. If all of those bad
           | things generated an alert to all people within that circle,
           | and then consider that every square inch is part of infinite
           | other overlapping such circles... Everyone but a few
           | researchers in Antarctica would have useless phones that
           | don't do anything but scream these alerts at all times.
           | 
           | The idea doesn't scale unless the events are actually quite
           | selective, and a missing person that isn't even necessarily
           | missing yet probably shouldn't qualify.
           | 
           | Even if you are sympathetic and care about that kid, it
           | doesn't matter because it doesn't work anyway. Everyone just
           | ignores the alert. It's just not a reasonable balance between
           | how much some bad thing matters and how many people's
           | attention are commandeered for it. Every single death even
           | from peaceful old age after a rich full life is a tragedy,
           | but the rest of the world can not care about it. Literally
           | can not, because it doesn't scale. Those tragedies are
           | happening at a constant rate of many new ones every second of
           | every day at all times. Instead there are a much smaller set
           | of people who care about or whose job is to care about each
           | one, and that set is smaller than "everyone in a 400 mile
           | circle". The fact that a person can drive 200 miles in any
           | direction in a few hours doesn't change that.
           | 
           | It's probably a good thing for the system to exist, but if
           | it's used the wrong way, its entire utility and reason for
           | existing is sabotaged and nullified.
           | 
           | However the real point not about the alert system but about a
           | carrier's ability to control your device more than yourself,
           | even if you own your device outright, that I do not say is a
           | good thing that it exists. I accept that there's not much to
           | do about it. I do have a rooted phone running LineageOS,
           | which gives me a bit more control, but I don't kid myself
           | that that really means much. But I don't think it's good or
           | right.
        
           | eastbound wrote:
           | So one child which might have died is the same as nuking NYC?
           | (and 99% it's custody dispute, no harm done)
        
           | 95014_refugee wrote:
           | Reductio ad absurdum, wouldn't it be better just to have
           | everyone's phone explode? Chances are pretty good the
           | (alleged) killer will have one on them, so let's just blow
           | everyone up.
           | 
           | If you don't, we'll end up with a murdered child, so why not?
        
             | burkaman wrote:
             | Reductio ad absurdum, why not make all communication
             | illegal without the explicit written consent of the
             | recipient? Then you'll never have to be bothered by anyone
             | ever again.
        
               | matheusmoreira wrote:
               | Is that supposed to be an absurd proposition? Because
               | that is something I want. Stuff like advertising should
               | be straight up banned, and it should be considered abuse
               | to get a phone call from someone you have not explicitly
               | whitelisted, especially corporations and governments.
               | 
               | No one should presume they have an IRQ line to your brain
               | and attention. They don't get to interrupt you with
               | bullshit you couldn't care less about.
        
               | burkaman wrote:
               | Ok, what about an air raid siren? Someone speaking to you
               | on the subway? A letter from the government about an
               | upcoming election? A road sign warning of closures?
               | Someone with a megaphone directing traffic?
        
               | brainchild-adam wrote:
               | I'd argue it's about the level of intrusion and your
               | options in dealing with it.
               | 
               | My phone blaring at me at any time w/o warning and with
               | no way to control this behavior seems quite a bit more
               | intrusive to me than your examples.
        
           | placatedmayhem wrote:
           | There are significant questions about the efficacy of AMBER
           | Alerts, which is concerning given the massive disruption and
           | potential for negative conditioning for other government-
           | originated alerts (severe weather, terrorism, etc.). Here's
           | one paper from 2014 that analyzes AMBER Alert cases compared
           | to those without an alert:
           | 
           | https://www.tandfonline.com/doi/abs/10.1080/0735648X.2014.10.
           | ..
        
         | sph wrote:
         | Do we have Amber Alerts in UK? I never got one, and I'd like to
         | be told if I'm about to get nuked or an asteroid is imminent.
        
           | david_allison wrote:
           | Emergency alerts (not Amber) are planned in 2023. Apparently
           | there was a test today on some networks.
           | 
           | https://www.gov.uk/alerts
        
         | bonestamp2 wrote:
         | There are two different levels of these alerts. The phones
         | allow people to silence Amber Alerts. The higher level is a
         | National Alert, and those cannot be silenced.
         | 
         | They shouldn't be sending out Amber Alerts for something a
         | couple hundred miles away, because as you said, that causes
         | people to ignore them. In my area, we only get very localized
         | Amber Alerts, which makes them pretty rare... 1-2 per year.
        
       | precommunicator wrote:
       | Similar thing is with call recording, as one of my SIM cards is
       | from Germany my phone doesn't allow me to enable call recording,
       | but, as I don't live in Germany, and it's legal to do so here, I
       | have a manufacturer-specific app (3rd party, ofc) that basically
       | runs in background and periodically and on boot, re-enables this
       | setting. Wonder if something similar could be made, or exists for
       | your phone.
        
       | msingh_5 wrote:
       | These are emergency broadcast alerts. Different countries have
       | different laws on these - and in some countries you might not
       | even be able to disable them.
       | 
       | Just because it's listed under "Apps & notifications"/"Wireless
       | emergency alerts", it doesn't mean they are "user settings". It's
       | not necessarily the local "carrier" that turned the settings on,
       | it's more that connecting to a cell tower in a particular
       | jurisdiction can enforce receiving emergency alerts.
       | 
       | More on the EU alerts systems:
       | https://en.wikipedia.org/wiki/EU-Alert
        
         | Scoundreller wrote:
         | Can't easily disable them in Canada. And all alerts are sent at
         | "presidential" level, while the issuers fail to geo-target
         | them, so you get alerts for "abducted" (usually child custody
         | dispute) several hundred km away.
         | 
         | Buuuuut, these alerts are LTE/5G only, so I've set up an iPhone
         | automation to switch my phone to 3G in the evening and back to
         | whatever in the morning to avoid alerts at night. I'll cry when
         | 3G gets shut down.
        
         | matheusmoreira wrote:
         | It doesn't really matter what the laws say. When I tell my
         | computer to do something, I expect it to be done, no questions
         | asked. If I tell it to violate a law, I expect that law to be
         | violated. I have free will and the computer must obey that
         | will, not impose somebody else's will on me.
        
           | withinboredom wrote:
           | You're using a utility and you must accept the terms to use
           | that utility. There's probably some verbiage in your carrier
           | agreement about it.
           | 
           | You can't disable 911/112 just because you don't like it
           | either.
        
             | Scoundreller wrote:
             | 9-1-1 doesn't usually call me at odd hours though.
        
             | matheusmoreira wrote:
             | I don't care what the carrier agreement says. If they want
             | to send me the warnings, fine. My phone is perfectly
             | equipped to receive them and will happily display them
             | should I choose to allow it. What's unacceptable to me is
             | forcing my phone to do anything. It doesn't matter to me if
             | there's some piece of paper saying I can't turn them off, I
             | will turn them off and I will resist them if they try to
             | force it on.
        
         | bjt2n3904 wrote:
         | Just because another country has a law does not mean my phone
         | should disregard what I told it to do.
         | 
         | This absolutely is a user setting.
         | 
         | How far we've fallen from sharing the DeCSS flag, to arguing
         | that users shouldn't have control over their devices, and
         | governments and carriers should.
        
           | throwaway0x7E6 wrote:
           | my brother in Christ, where do you think you are?
        
           | tristor wrote:
           | People keep failing to understand that if you can't make your
           | device do something that is illegal, it's not /your/ device.
           | It's that simple. Politically crafted laws are not physical
           | laws of the universe, they not only can be violated, they
           | often /should/ be violated. Laws are not a moral imperative.
           | This particular law (emergency alerts) might not be an issue,
           | but the fact that your device will follow the government's
           | mandate over the user's choice is all we really need to know
           | about that device.
        
             | 95014_refugee wrote:
             | > all we really need to know about that device.
             | 
             | Namely, that it's created by a party / parties also subject
             | to (and abiding by) these laws?
             | 
             | I'm not sure what you plan to do with this information;
             | certainly a law-abiding supplier is more likely to remain
             | in business, so perhaps it's indicative of a better chance
             | of receiving long-term support for the device...
        
             | mschuster91 wrote:
             | It's not the default of the device though.
             | 
             | We need to get rid of those in power who decide on things
             | they have no fucking clue about. The easiest way to do
             | that is to not just go vote, but educate everyone else
             | about who is running and why they are/are not a good
             | choice. The harder way is also (at least for the US folks)
             | showing up and engaging at primary votes and holding the
             | primary candidates accountable, which takes a lot more
             | effort but has the advantage that your vote is amplified in
             | its effects.
        
             | iforgotpassword wrote:
             | Just root the device, then you can disable it. And don't
             | give me any of this "it should be possible to do this
             | without rooting the phone"
             | 
             | Smartphones are already locked down in a million other ways
             | compared to eg a desktop Linux install. Why is this
             | different?
        
               | josephcsible wrote:
               | > Smartphones are already locked down in a million other
               | ways compared to eg a desktop Linux install. Why is this
               | different?
               | 
               | It's not, but it's bad that smartphones are locked down
               | like that, so we should be pushing back on it at every
               | opportunity.
        
               | iforgotpassword wrote:
               | I'm with you there and in general, it just feels like a
               | rather minor point even just compared to the excessive
               | tracking Apple and Google do. I'm just thinking of the
               | recent news where it was discovered iPhones still send
               | tracking data home even if disabled in the settings.
               | That's way more concerning to me at least.
        
           | msingh_5 wrote:
           | You enter a new country, in this case Germany, you're
           | automatically opted in to the emergency broadcast
           | notifications, as with any other local laws.
           | 
           | The EU legislation allows "opt out" from level 2/level 3
           | notifications, but is based on the notion that messages are
           | received "without the need for the public to have to opt-in".
           | 
           | So for compliance's sake, you're opted in. Maybe this should
           | only happen the first time you enter EU or a member state,
           | and then either your phone or cell service provider should
           | remember your preference (which is probably not worth the
           | resources to implement for the cell service provider, but
           | maybe your phone already does?).
           | 
           | I'd be interested to see if this already exists, i.e. do you
           | only need to opt out in Germany once? Does that opt-out at EU
           | level?
           | 
           | When your wife disabled notifications, she merely opted out
           | of notifications in whatever jurisdiction she was in
           | (presumably US?), but opting out of something in US doesn't
           | mean you opted out of every other similar law from every
           | other nation state.
        
             | brainchild-adam wrote:
             | She actually opted out already being in Germany, and once
             | she noticed the reverted settings, she turned them off
             | again. Only to find they get turned back on by the carrier,
             | enforcing a specific set of settings against her will.
             | Which is when she told me about it. In this case it's more
             | about the principle. At least for now.
        
           | isodev wrote:
           | The local (EU) law about emergency broadcast is clear in that
           | it applies to both residents and visitors, and alerts are to
           | be delivered without the need for "opt-in". In other words,
           | if you're in range of local services, you must receive the
           | alerts (which, you know, is handy in case of an actual
           | emergency).
        
             | bjt2n3904 wrote:
             | Gotcha. I'll just draft a law saying all devices must
             | automatically unencrypt themselves when they enter my
             | country's borders.
             | 
             | Hey, it's the law! You must comply, and for your
             | convenience, your phone will do that automatically for you!
             | 
             | Good grief.
        
               | warkdarrior wrote:
               | If you do not like the regulation, fight to change it. Do
               | not expect your devices to do the fighting for you.
        
               | kelnos wrote:
               | A better response to these laws would be that the device
               | should just stop working if the settings I have selected
               | conflict with local law. The cell towers are free to
               | refuse to allow my phone to connect. They should send
               | some sort of message to me to tell me what I'd need to do
               | in order to comply with local law and be allowed on the
               | network.
               | 
               | But of course, that wouldn't be convenient, and a lot of
               | people would be confused, and that would generate costly
               | support calls, so they'd rather just violate the sanctity
               | of the things we apparently don't really own and put
               | intrusive hooks into "our" hardware and software.
               | 
               | In the case of this particular requirement -- that
               | wireless alerts be enabled -- I would almost certainly
               | just enable them and go about my day. But reaching into
               | my device and changing things without my consent crosses
               | a line.
        
               | MichaelZuo wrote:
               | You can do that now with nearly all of the big carriers
               | around the world.
               | 
               | You just need to sign a service level agreement along
               | with paying for them to develop that feature and deploy
               | it on your phone.
        
               | TreeRingCounter wrote:
               | My devices should absolutely work on _my_ behalf, and
               | only my behalf, i.e. "do the fighting for me".
        
               | oarsinsync wrote:
               | Given that the fight is between megacorps, megastates and
               | ~mega~individuals, it feels like a slightly uneven fight.
               | 
               | The people who have the power to make the phones vs the
               | people who have the power to make laws and prevent the
               | makers from selling, vs a few individuals who actually
               | care and a large majority who do not have the time to
               | care.
               | 
               | I'd love to vote with my wallet, but I live in a country
               | that 90%+ votes against me, so my vote is meaningless.
        
               | Wowfunhappy wrote:
               | If you are in fact the monarch of a sovereign nation, you
               | can indeed give companies a choice: "either design your
               | products to automatically decrypt themselves when they
               | enter my territory, or don't do business in my country."
               | 
               | Companies will then be forced to make a decision based on
               | the market size of your country. Or they will break the
               | law, and you will have to deal with enforcement.
               | 
               | Most companies would like to do business in the EU.
        
               | mschuster91 wrote:
               | > Companies will then, of course, be forced to make a
               | decision based on the market size of your country.
               | 
               | And as we've seen time and time again, China can get away
               | with a lot of bullshit with demands anywhere from tech to
               | culture (e.g. MCU films that ended up censored). At least
               | now, Apple has woken up and begun moving off production
               | to Vietnam, and Marvel has decided to ignore Chinese
               | demands after all.
        
             | TreeRingCounter wrote:
             | My device should serve me, not the EU. If I choose to
             | violate EU emergency alert laws, that's on me.
        
               | iforgotpassword wrote:
               | Then you probably don't have one of those fancy new
               | things called smartphones, as they are all very locked
               | down and don't allow you to access or modify a lot of
               | system settings, limit access to files apps create, don't
               | allow to move some apps to the SD card, some of them even
               | disallow you from installing apps from anywhere but their
               | own app store. _Certainly_ you don't have one of those
               | devices that treat the user in a completely patronizing
               | way.
               | 
               | Of course, you can liberate yourself quite a bit from the
               | draconian rule of the manufacturer by rooting the device,
               | but then you're also able to disable cell broadcasts
               | permanently...
        
               | TreeRingCounter wrote:
               | Notice that I used the word "should", not "does". And, in
               | fact, I am deeply concerned about the war on general
               | purpose computing.
        
               | [deleted]
        
               | isodev wrote:
               | For other use cases, I'd probably agree with you. But you
               | being startled and confused during an emergency because
               | you didn't see the instructions on time can be very
               | dangerous for everyone around you. It's not just on you.
        
               | t0bia_s wrote:
               | If there is an emergency, I'm sure you'll find out very soon
               | that something is happening. We are usually not living in
               | lone solitudes.
        
               | TreeRingCounter wrote:
               | The marginal upside to everyone else is not even close to
               | worth the marginal downside to me. It's my choice to
               | make. If a government wants to force messages on me so
               | badly, they can set up something like an air raid siren
               | (and they typically do, for actual emergencies).
        
               | brainchild-adam wrote:
               | For people suffering from certain mental health issues,
               | the alert itself can cause significant problems for them
               | and others.
               | 
               | If you suffer from panic attacks, for example, and these
               | alerts trigger them, they do not help you, no matter how
               | well intended.
               | 
               | If you suffer from (C)PTSD, and these alerts trigger
               | flooding, they actually make everything worse.
               | 
               | If this were to happen while you are driving, you might
               | even cause an accident.
               | 
               | The world is sadly too complex for simple solutions that
               | assume something to be always good or helpful.
               | 
               | Which is why I believe it's important for the user to
               | eventually control his device.
        
           | SketchySeaBeast wrote:
           | I guess if we're at a point where the law says the phone must
           | have a function and the user doesn't want that function to
           | operate, the only real option is that the phone just not
           | function in that region?
        
         | kelnos wrote:
         | If it's not a user setting, then it shouldn't be listed with
         | all the other user settings, and labeled as something the user
         | has control over. At the very least, any setting that can be
         | overridden by the carrier should have a note or warning next to
         | it, stating that.
         | 
         | The fact that it's so unclear leads me to wonder what _other_
         | settings -- perhaps some related to my security or privacy --
         | the carrier can modify without my knowledge.
        
           | Dma54rhs wrote:
           | Hide number setting is something telcos can change remotely,
           | at least it's common.
        
       | [deleted]
        
       | N_A_T_E wrote:
       | IMHO, carrier settings are a small portion and not super
       | impactful part of the phone configuration you see in the settings
       | list. This is actually a somewhat cool feature. Imagine going to
       | another country, jumping on another network and your phone
       | automatically knows what cell bands and towers to connect to.
       | 
       | Carriers can't change regular settings like language, lock screen
       | code or background. Just what cell towers you connect to and a
       | short list of telephony related features. Please correct me if
       | I'm wrong.
        
         | melony wrote:
         | How much of the baseband driver do they have access to on your
         | device?
        
         | kelnos wrote:
         | > _Imagine going to another country, jumping on another network
         | and your phone automatically knows what cell bands and towers
         | to connect to._
         | 
         | They already do that. Or, rather they don't need to "know"
         | anything; a phone with no signal will scan through all the
         | bands it has a radio for, and will find a network to connect
         | to. If a network rejects the connection, it'll move on to
         | another.
         | 
         | This is also something that traditionally has been
         | configurable: you can tell your phone _not_ to do this, if you
         | want, and it will obey your command. But allowing the carrier
         | to change settings on the phone after a connection is
         | established is pretty intrusive, IMO.
        
         | brainchild-adam wrote:
         | The part you mention I was aware of and am actually thankful
         | for. This, at least to me, goes much further. Hence the shock.
         | Updated my post w/more details so it makes more sense
         | (hopefully).
        
           | unilynx wrote:
           | I don't know if this happens in The Netherlands, but if they
           | forced your phone to receive NL Alerts it would seem very
           | reasonable to me. Only the government issues those.
           | 
           | I've understood cell broadcasts are also used for
           | advertisements/otherwise spammy stuff in eg. the US? Then I
           | could understand you considering cell broadcast being turned
           | on being unreasonable
        
             | pfoof wrote:
             | > Only the government issues those.
             | 
             | Just wait when your neighbor repeats the packet at night,
             | locally and undetected
             | 
             | https://en.m.wikipedia.org/wiki/Wireless_Emergency_Alerts#S
             | e...
        
             | michaelt wrote:
             | The fact the government issues the alerts doesn't mean the
             | government won't get pressured into sending spammy
             | messages.
             | 
             | For example, what politician could turn down the grieving
             | parents of a kidnapped child, when they call for using the
             | emergency alert system for missing children?
             | 
             | But if I work from home, and there aren't any kidnapped
             | children in my home, then waking me up at 5am with a
             | missing child alert just inconveniences for no benefit to
             | anyone.
        
               | orhmeh09 wrote:
               | You can turn it off. Shouldn't be too inconvenient if
               | it's important to you.
        
               | anigbrowl wrote:
               | This entire thread is about the fact that in some cases
               | the carrier can override your decision and turn it back
               | on.
        
               | isodev wrote:
               | Amber alerts are a well-defined category of messages you
               | can receive. The regulations about what constitutes a
               | legitimate case for an emergency broadcast are very
               | strict and subject to public review, so pretty hard to
               | misuse for unrelated purposes.
        
               | xnyanta wrote:
               | Yet, no one is forcing governments to use the system as-
               | designed. In Quebec, on my phone, I can disable quite a
               | few types of cell broadcast alerts like AMBER alerts,
               | Test alerts, etc. The only hidden setting is the one for
               | presidential alerts.
               | 
               | Well guess what? The Quebec government sends every type
               | of alert, even the regular test ones, with the
               | presidential alert severity which makes all of these
               | settings useless and does nothing but irritate the
               | population with spammy messages. Recently, they sent out
               | an AMBER alert that was supposed to be localized in some
               | area and, instead, sent it everywhere in Quebec except
               | for the affected area. This is exactly why people have
               | the right to remain skeptical about alert systems like
               | this one.
        
               | VLM wrote:
               | > inconveniences for no benefit to anyone.
               | 
               | Everyone will be forced to see how much they care which
               | proves how good they are, like it or not!
               | 
               | Stranger than waking people up from sleep for a custody
               | disagreement, is when they'd broadcast those on TV... The
               | purpose of those is not to find the kid, but to send a
               | message to TV viewers, none of whom would be of any
               | assistance in finding the kid.
               | 
               | You see this display of "care" with storm sirens being
               | set off after the storm already passed the area.
        
             | happyopossum wrote:
             | > I've understood cell broadcasts are also used for
             | advertisements/otherwise spammy stuff in eg. the US?
             | 
             | Err, no - emergency alerts aren't used for advertising
             | here.
        
       | jjgreen wrote:
       | (1) No, but not surprised, (2) don't have a phone, (3) I don't
       | like it, that's why I don't have a phone.
        
         | brainchild-adam wrote:
         | How do you manage w/o a phone?
         | 
         | Some of our bank accounts require using an Android (or iPhone)
         | app, for example. Messengers like Signal don't work w/o a
         | smartphone. COVID-related apps for traveling. I could continue.
         | 
         | Genuinely curious.
        
           | aliqot wrote:
           | I don't use or carry a phone. The long and short of it boils
           | down to things working just the way they do with a phone,
           | just more human involvement, like requesting a paper menu, or
           | handing someone money directly. You make plans to be at a
           | place at a time, then you just show up.
        
           | mdp2021 wrote:
           | > _bank_
           | 
           | Choosing your bank according to the provision of acceptable
           | services.
           | 
           | > _messengers_
           | 
           | You just need an OS somewhere (not necessarily a smartphone)
           | 
           | > _travelling_
           | 
           | Cannot really help: if some administration requested a
           | smartphone, I would either try to avoid it or buy some
           | provisional, temporary thing.
        
           | jjgreen wrote:
           | Not really an issue, I've never had one. Banking is mostly
           | on paper, sometimes I phone them up. Not bothered with
           | messengers, travelling in the EU, there was always a paper-
           | form alternative for that. The main upside is the looks of
           | disbelief (and occasional panic) when you respond "don't have
           | one" to a demand for mobile number :-)
        
       | mFixman wrote:
       | Back in the day my phone carrier in Argentina would send me
       | ultra-high-priority alerts with ads several times a day.
       | 
       | A lot of people in this thread are understandably okay with good
       | carriers doing this for good reasons, but it's very easy to abuse
       | if there aren't strong enough communication laws. From the amount
       | of spam I got when I lived there, I'm surprised this is not
       | happening in America.
        
         | matheusmoreira wrote:
         | Wow, that's obnoxious. I'm sorry you had to suffer that. I live
         | in Brazil and I get _constant_ advertising and phishing SMS
         | messages, it got to the point I had to kill SMS notifications
         | and forget it even exists. I still get robots trying to call me
         | at random times during the day, there seems to be no way to
         | turn off telephony but it's less disruptive. If my phone had
         | unblockable advertising disguised as high priority disaster
         | alerts I think I'd throw it off a bridge.
        
       | burritas wrote:
       | A little tangential, but carriers and hackers can execute
       | arbitrary code on your device through OTA updates with the
       | baseband modem. It's even been done on 5G.
       | 
       | Which also reminds me how the NSA has intentionally crippled
       | standards in the past so they could eavesdrop or inject code
       | without having to go through the carrier. This means Johnny
       | Scriptsalot can do it too.
        
       | Fradow wrote:
       | (1) Yeah, though I definitely forgot. In my country, it used to
       | be really hard to find a plan with mobile hotspot, which used to
       | be a xEUR/month (don't remember the number) option that would
       | just hide the setting. That was a very long time ago since I saw
       | one but I think some plans still have those restrictions and use
       | that method to enforce it.
       | 
       | (2) Changing to a device that doesn't have that feature. Which
       | probably means no Android and no iOS. I would not be willing to
       | do so, I'd change carrier instead if it was problematic enough to
       | me.
       | 
       | (3) I don't mind when it's to set settings for a good reason. I
       | assume some settings are configured that way for the phone to
       | properly work on the carrier network. On the other hand, I hate
       | it when it's to enforce a stupid thing or extract more money from
       | a built-in feature.
        
       | ddtaylor wrote:
       | Carriers can actually send arbitrary AT commands which are more
       | or less arbitrary modem commands. Depending on how deep you think
       | the integration between the broadband controller and the CPU is
       | they could potentially also do much more. I wouldn't trust much
       | on any phone.
        
       | tehCorner wrote:
       | I used to work for a carrier and yes, there are some settings
       | that can be changed. If your phone is locked to a carrier it can
       | even hot-replace applications without you noticing (useful for
       | embedded carrier applications that download a full APK when you
       | open the one installed in the device by default)
       | 
       | I believe this varies by country, since this was done for a
       | limited set of countries my company was operating in
        
         | amazon_illegal wrote:
        
         | sumtechguy wrote:
         | If you can do it, or your phone is able to do it, then it can
         | be done remotely by the carrier and sometimes the ODM. Usually
         | initiated by SMS that you will never see.
        
       | kornhole wrote:
       | If you are using the Android OS originally installed on the
       | phone, you can deactivate many of these at the OS level (not
       | baseband) using ADB. This does not require rooting. An easy way
       | to find and deactivate these codes is to use the UAD (Universal
       | Android Debloater) found on Github.
        
         | brainchild-adam wrote:
         | Thank you for pointing me in this direction. I will have a look
         | at this.
        
         | zulban wrote:
         | Yes. I can confirm this worked on a non rooted phone in Canada.
         | GUI settings were being ignored. I think the first alert I
         | confirmed not getting was for a weather warning 500 km away.
        
         | mehdix wrote:
         | Not-surprisingly, my rooted Android 9 phone didn't receive any
         | alert, while my non-root device did.
        
       | MiddleEndian wrote:
       | Doesn't surprise me, Android lets carriers and manufacturers
       | install all sorts of garbage you can't remove. It's a pretty
       | terrible operating system. I just disable amber alerts when I get
       | a new phone, never gotten any other type of alert in the US,
       | haven't ever gotten an alert in another country. I also hear that
       | Canada sends out amber alerts with an unblockable "presidential"
       | priority, so if I were ever to move to Canada, I would figure out
       | how to disable that type of alert as well.
        
         | doubled112 wrote:
         | Tornado? Nuclear strike? Missing child? It's all the same level
         | of danger, right?
        
       | pfoof wrote:
       | Related, specification from 2019.
       | 
       | https://www.etsi.org/deliver/etsi_ts/102900_102999/102900/01...
       | 
       | Check Security Considerations in 5.5.
        
         | brainchild-adam wrote:
         | Thank you.
        
       | lotux wrote:
       | I think carriers can inject apps via SIM card too
       | https://www.reddit.com/r/GalaxyNote8/comments/71of1t/carrier...
        
       | remram wrote:
       | Leaving the evil carrier issue aside, how much security is there?
       | I know GSM security is not very good, as older protocols are kept
       | around for decades.
       | 
       | Is there strong crypto preventing anyone who's not a carrier or
       | government from changing settings on device?
        
       | ppcdeveloper wrote:
       | Absolutely they can. Carriers have access to the system partition
       | aka We do what we want (hopefully they do what makes sense). This
       | is how bloatware is installed (the things you can't get rid of).
        
         | counttheforks wrote:
         | Your thinking is tainted by the American model where you buy
         | carrier locked phones. But no, that is not usually how it
         | works. The system partition can be modified by the party who
         | issues system updates. Normally this would be the company
         | making the phone, such as Samsung. But in the US, some carriers
         | sell modified phones locked to their network, and in that case
         | the carrier is also the one shipping updates.
        
           | ppcdeveloper wrote:
           | Worked at Sprint back in the day and we (I) had to do this.
           | Special certificates to produce a special OS build with the
           | right privileges (carrier specific). The carriers and
           | builders (Samsung etc) work together to get this in place.
           | That on top of zero rating data being sent out for tracking
           | allows the carrier (or builder) to do what they want.
        
         | fgeiger wrote:
         | Are you sure this is the case? All the carrier app loading
         | implementations that I am aware of (this is a small number)
         | explicitly whitelist some carriers or even some apps by certain
         | carriers. For instance, the implementation I worked on myself
         | (as a reviewer) only allowed a single carrier to load one of
         | their apps when the SIM card was inserted.
         | 
         | With that implementation, it would not be possible for any
         | random carrier in a foreign country to load random bloat onto
         | my phone just by me crossing the border to that country.
        
       | petodo wrote:
       | Yes, I am aware carrier can control carrier/network settings
       | since those are loaded from network anyway, you can try to
       | override them, but obviously if it's something like Cell
       | Broadcast, call forwarding/barring or caller ID and others,
       | carrier can decide to use different settings from yours.
       | 
       | I feel like you are confusing local Android settings with carrier
       | settings loaded from network. For instance carrier is not going
       | to change setting of your default keyboard or ringtone without
       | (carrier customized) system update.
        
         | brainchild-adam wrote:
         | Thank you. I should have been more explicit.
         | 
         | The settings I am referring to are under "Apps &
         | notifications"/"Wireless emergency alerts". They are about
         | controlling whether to and which alerts one wants to receive on
         | their phone.
         | 
         | This not only seems very user-facing to me, it's also something
         | I definitely would want to have control over.
         | 
         | It's an unlocked Android One device. The carrier seems to be
         | able to remotely change these settings (see the referenced
         | Reddit post as well), which I would never expect. It seems to
         | be because of the SIM the phone uses and the network it
         | connects to. No user-controlled software change like updates.
         | 
         | Does my surprise make more sense now?
        
           | petodo wrote:
           | It doesn't really matter under what setting it's placed in
           | the OS, but "emergency alerts" or CB is clearly network
           | setting/service, so it's not surprising carrier can control
           | status of this setting/service and override what you set in
           | the phone.
        
       | theCrowing wrote:
       | It's a carrier side setting...lol.
        
       | exabrial wrote:
       | If you don't have root access to your phone (or baseband), you
       | have no control over it. That's Google and Apple's plan. In
       | Apple's own words "It's their platform"
        
       | Kiboneu wrote:
       | Absolutely, they can change this setting, in lots of different
       | ways. Originally emergency services were set up by fields offered
       | by the SIM. Occasionally these settings change, so an update
       | mechanism had to be established.
       | 
       | - Android comes with a list of carriers and their required
       |   configurations; when the MNC and MCC provided by the SIM match
       |   a carrier on that list, Android uses the configuration from
       |   that list. This list updates with Android updates, and so SIMs
       |   don't have to be reprogrammed.
       | 
       | - Modern SIMs are just Java cards with a SIM app (especially if
       |   they offer IMS). The Java cards also have a secure storage
       |   element to hold subscriber keys and mitigate tampering to
       |   change these keys. They also contain signing public keys which
       |   are queried by Android whenever /Carrier Privileges/ are
       |   requested. That way, an app signed by a carrier can verify
       |   against the carrier's SIM in order to get access to this
       |   configuration.
       | 
       | - There are remote configuration protocols, so Android will have
       |   a bare configuration for carriers just to fetch the latest
       |   configuration from them (to then use it).
       | 
       | This has been happening for quite a while. If you use(d) a
       | carrier app for voicemail or setting up the service for the first
       | time, you've used this. Except nowadays it seems Android actually
       | /informs/ you about it.
       | 
       | https://source.android.com/docs/core/connect/uicc
       | 
       | https://source.android.com/docs/core/connect/carrier
       | 
       | One could probably write a rooted Android ROM that filters /
       | requests user permission / logs changes to carrier settings, and
       | there's utility in that since it may be a vector for espionage /
       | traffic redirection (provided stolen keys or an exploit of the
       | SIM's certificate storage machinery). SIM cards are usually
       | directly connected to the CPU, not to the baseband.
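
An added example, not part of the thread or of Android's code: a sketch of
the Carrier Privileges check described in the comment above, using the
access-rule layout (FF40 / E2 / E1 / C1 / CA / E3 / DB) from the UICC page
it links. Function names, the certificate bytes and the package name are
constructed for illustration.

```python
import hashlib

def tlv(tag, value):
    """Encode one TLV (short-form length only, enough for the sample)."""
    return tag.to_bytes(2 if tag > 0xFF else 1, "big") + bytes([len(value)]) + value

def read_tlv(buf):
    """Yield (tag, value) pairs from BER-TLV bytes; handles FF40-style tags."""
    pos = 0
    while pos < len(buf):
        tag = buf[pos]; pos += 1
        if tag & 0x1F == 0x1F:                 # two-byte tag such as FF40
            tag = (tag << 8) | buf[pos]; pos += 1
        length = buf[pos]; pos += 1
        if length & 0x80:                      # long form: next n bytes are the length
            n = length & 0x7F
            length = int.from_bytes(buf[pos:pos + n], "big"); pos += n
        if pos + length > len(buf):
            raise ValueError("truncated TLV")
        yield tag, buf[pos:pos + length]
        pos += length

def parse_rules(response):
    """Return [(cert_hash, package_or_None, perm_bytes)] from ALL-REF-AR-DO."""
    rules = []
    bodies = [v for t, v in read_tlv(response) if t == 0xFF40]
    for ref_ar in (v for b in bodies for t, v in read_tlv(b) if t == 0xE2):
        fields = {}
        for _, inner in read_tlv(ref_ar):      # E1 (REF-DO) and E3 (AR-DO)
            fields.update(read_tlv(inner))     # C1 hash, CA package, DB permissions
        cert_hash, pkg = fields.get(0xC1, b""), fields.get(0xCA)
        if len(cert_hash) in (20, 32):         # SHA-1 or SHA-256 only
            rules.append((cert_hash, pkg.decode() if pkg else None, fields.get(0xDB)))
    return rules

def has_carrier_privileges(rules, signing_cert_der, package):
    """True if the app's signing-cert hash (and package, if pinned) matches a rule."""
    digests = {hashlib.sha1(signing_cert_der).digest(),
               hashlib.sha256(signing_cert_der).digest()}
    return any(h in digests and pkg in (None, package) for h, pkg, _ in rules)

# Constructed sample: one rule pinning a made-up certificate and package name.
CARRIER_CERT = b"constructed stand-in for a carrier signing certificate"
SAMPLE = tlv(0xFF40, tlv(0xE2,
    tlv(0xE1, tlv(0xC1, hashlib.sha256(CARRIER_CERT).digest())
              + tlv(0xCA, b"com.example.carrier"))
    + tlv(0xE3, tlv(0xDB, bytes(7) + b"\x01"))))
RULES = parse_rules(SAMPLE)
```

The privilege follows the rules on whichever SIM is inserted: an app whose
signing certificate hash is not listed there gets nothing from this check.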
        
         | matheusmoreira wrote:
         | What about the Android derivatives like LineageOS? Can't they
         | just patch these stupid "features" out?
        
         | brainchild-adam wrote:
         | Thank you for the detailed pointers.
        
         | nanidin wrote:
         | See the Verizon OMA-DM spec[0] for one of those remote
         | configuration protocols. It's mostly used for configuring APNs
         | and other carrier-specific settings to get the phone working on
         | the network.
         | 
         | [0]
         | https://opendevelopment.verizonwireless.com/content/dam/open...
        
       | izacus wrote:
       | Yes, Cell Broadcasts are controllable by carriers and that's even
       | mandated in some countries (e.g. in the USA the carrier can send out a
       | broadcast that will ignore all "silent phone" settings and scream
       | loudly no matter what you've set and where). This will happen on
       | all phones allowed to be used in those regions - whether Apple,
       | Google, Samsung, Nokia or even Huawei.
       | 
       | You can attempt to disable it, but you need to be aware that in
       | many places it's outright illegal for the phone manufacturer and
       | carrier to allow that.
        
         | happyopossum wrote:
         | > e.g. in the USA the carrier can send out a broadcast that will
         | ignore all "silent phone" settings and scream loudly no matter
         | what you've set and where
         | 
         | My iOS settings and experience differ from this rather greatly
         | - can you cite any such laws or regulations?
         | 
         | I have clear settings on my up to date iOS device in the US, on
         | a large American carrier that allow me to a) ignore emergency
         | alerts, b) get them but silently if my phone is in silent mode,
         | or c) allow them through at full blast.
        
           | izacus wrote:
           | There are types of broadcasts even in the US (IIRC Presidential
           | broadcasts, but don't quote me on that) that will ignore your
           | settings.
           | 
           | See https://support.apple.com/en-us/HT202743 - note the
           | little "3" note where it says that some broadcasts in some
           | regions can't be disabled?
        
       | TEP_Kim_Il_Sung wrote:
       | iPhone too, not just Android. At least in Germany, and Israel.
        
         | f1shy wrote:
         | Not required. In iOS it can be disabled. Also in Germany.
        
           | Tomte wrote:
           | No, the highest level cannot be disabled.
        
       ___________________________________________________________________
       (page generated 2022-12-12 23:01 UTC)