Analysis of the FBI’s Anom Phone
Motherboard got its hands on one of those Anom phones that were really FBI honeypots.
The details are interesting.
Comments
wiredog • July 13, 2021 7:02 AM
“The calculator theoretically opens chat but it doesn’t work anymore. They said it requires entering a specific calculation,”
Huh. About 15 years ago I worked on a Windows PocketPC app that had a hidden communications app (in a hidden partition) that was opened exactly that way. It used steganography to hide the (lightly, not much processor power on phones then) encrypted message and could only do small text messages because the images weren’t very large.
The calculation was configurable so that each device could use a different one. Very slick, and I thought it was completely OTBE’d. Interesting to see the idea reused here.
Clive Robinson • July 13, 2021 11:12 AM
Currently the details are only “surface deep”…
I wonder how long before somebody seriously starts to reverse engineer one and either uses it as the basis for the next “secure phone” or just publishes the data for all to see and use.
As noted in the article these apps had to be real to use, it was only that extra little encryption that went back to the FBI that made them any different…
vas pup • July 13, 2021 5:37 PM
@Clive said
“I wonder how long before somebody seriously starts to reverse engineer one and either uses it as the basis for the next “secure phone” or just publishes the data for all to see and use.”
Let’s imagine somebody create really “secure phone” – I guess such phones already made by government and used by ICs.
Otherwise, if feds found such phone in your possession (not made with their awareness), they will assume it was made either by potential terrorist/radical group or foreign government (you know usual suspects). Then you would be guilty by accusation.
Try to tell them burden of proof is not on you, but on them…
echo • July 14, 2021 7:14 AM
I’m not a high rolling criminal nor one of those tart careerist types so have no use for a “duck and roll” secure phone.
ADFGVX • July 14, 2021 11:10 AM
@ echo • July 14, 2021 7:14 AM
I’m not a high rolling criminal nor one of those tart careerist types so have no use for a “duck and roll” secure phone
In other words you’re poor. A dollar or two to your name, you’ve got a cell phone, and your I.D. isn’t stolen, thieves haven’t drained all your bank accounts, and they’re not going to put you in prison? Because guess what, when they steal your I.D. from your phone it’s theirs and you’re the one going to prison.
ADFGVX • July 18, 2021 7:36 PM
Private Israeli
spyware used to
hack cellphones
of journalists,
activists worldwide
NSO Group’s Pegasus spyware, licensed
to governments around the globe,
can infect phones without a click
https://www.washingtonpost.com/investigations/interactive/2021/nso-spyware-pegasus-cellphones/
Subscribe to comments on this entry
Leave a comment
Sidebar photo of Bruce Schneier by Joe MacInnis.
SpaceLifeForm • July 12, 2021 6:38 PM
Silicon Turtles
BootLoader hacking.
hxtps://source.android.com/devices/bootloader/locking_unlocking
hxtps://www.nextpit.com/unlock-smartphone-without-pin
[If you can do it, the FBI can also]