>From - Sat Mar 02 00:57:26 2024
X-Received: by 10.182.243.166 with SMTP id wz6mr11992584obc.19.1384290874193;
Tue, 12 Nov 2013 13:14:34 -0800 (PST)
X-BeenThere: tscm-l2006_at_googlegroups.com
Received: by 10.49.6.228 with SMTP id e4ls328521qea.94.gmail; Tue, 12 Nov 2013
13:14:29 -0800 (PST)
X-Received: by 10.236.136.199 with SMTP id w47mr1034730yhi.56.1384290869085;
Tue, 12 Nov 2013 13:14:29 -0800 (PST)
Return-Path: <jm..._at_tscm.com>
Received: from smtpauth02.mfg.siteprotect.com (smtpauth02.mfg.siteprotect.com. [64.26.60.136])
by gmr-mx.google.com with ESMTP id e8si3191247igg.0.2013.11.12.13.14.28
for <tscm-..._at_googlegroups.com>;
Tue, 12 Nov 2013 13:14:28 -0800 (PST)
Received-SPF: neutral (google.com: 64.26.60.136 is neither permitted nor denied by best guess record for domain of jm..._at_tscm.com) client-ip=64.26.60.136;
Authentication-Results: gmr-mx.google.com;
spf=neutral (google.com: 64.26.60.136 is neither permitted nor denied by best guess record for domain of jm..._at_tscm.com) smtp.mail=jm..._at_tscm.com
Received: from Waiting-For-A-Blue-Bird-3.local (unknown [96.233.6.151])
(Authenticated sender: jm..._at_tscm.com)
by smtpauth02.mfg.siteprotect.com (Postfix) with ESMTPA id 7455B62DEEDD
for <tscm-..._at_googlegroups.com>; Tue, 12 Nov 2013 15:14:28 -0600 (CST)
Message-ID: <52829A33.8080904_at_tscm.com>
Date: Tue, 12 Nov 2013 16:14:27 -0500
From: "James M. Atkinson" <jm..._at_tscm.com>
Reply-To: jm..._at_tscm.com
Organization: Granite Island Group
User-Agent: Thunderbird 3.0a1pre (Macintosh/2008022015)
MIME-Version: 1.0
To: tscm-l2006_at_googlegroups.com
Subject: Re: [TSCM-L] {6523} tracking powered down cell phones
References: <528287B4.6090107_at_tscmusa.com>
In-Reply-To: <528287B4.6090107_at_tscmusa.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-CTCH-Spam: Unknown
X-CTCH-RefID: str=0001.0A020206.52829A34.0131,ss=1,re=0.100,fgs=0
The article in question, and the inquires it quotes are misleading.
For example Samsung is reported to have said "...without the power
source..." but most Samsung cell phones do not have the ability to
actually disconnect the power when you turn them off, to the statement
my President Kim is misleading.
Apple, (for example) does not actually disconnect the battery on a power
down, neither does RIM/Blackberry, or a half dozen other companies
phones that I personally have examined in a lab. The methodilogy that I
used as to open the phone to access the battery on a copper to copper
and to place a current shunt (low value resistor) between the battery
and the phone and then to use a high speed multi-channel analog to
digital recorder across this shunt to very carefully measure the current
flow over a period of many weeks. The use of a multi-channel A/D
convertor was important as I needed to also carefully document RF
activity out of the phone and to isolate the RF activity into multiple
bands specific to that model/version of phone (separating uplink and don
link channels as well as a few phones are capable to transmitting over
the receiving channel). Some phones also have internal FM band
modulators, Blutooth, WiFi, and other circuits, so the circuit and the
chips on the phone have to be explored with test equipment to find the
cute circuits and filters that were in place on many phones and PDA's.
I also attached a DSSO (high speed digital oscilloscope) across the
shunt to watch current draw to and from the battery, and to capture RF
that might be below thresholds that might otherwise not be noticed, when
the phone shoudl not be operational (like when "turned off").
I also figured out a way to covertly provoke the cell phone carriers to
access the phone when it was turned off, and in some cases to provoke
the cell phone carrier into causing the phone to give up a GPS position
when the main battery was actually removed from the phone. I also
figured out a way to provoke the carrier into updating software over the
air when the phone as actually "turned off" but the battery was still
connected or the battery charger as in use.
Bottom line: No modern cell phone is actually "turned off" and inside
the batteries in most phones is a section of memory, and most phones can
access this battery hidden memory, and in most cases it is large enough
in storage capacity to hold eavesdropping software. Also, do not trust a
cell phone until you bake it by placing it into a microwave oven and
"baked out the evil" for a good half hour of so with the oven on high
(or until the fire trucks shows up) and then to dump the charred remains
into the ocean, and maybe not even then.
-jma
Mitch Davis wrote:
> good read, we all need to stay on top of cell phones and capabilities.
> Just as lethal as a 20 yr old fisher price baby monitor, or AID wing
> bang:
> http://arstechnica.com/security/2013/11/samsung-nokia-say-they-dont-know-how-to-track-a-powered-down-phone/
>
>
--
James M. Atkinson. President and Sr. Engineer
Granite Island Group
http://www.tscm.com/
(978) 381-9111 jm..._at_tscm.com
http://www.linkedin.com/profile/view?id=15178662
https://www.facebook.com/james.m.atkinson1
Received on Sat Mar 02 2024 - 00:57:26 CST