Jump to content

Recommended Posts

Posted
22 hours ago, OneMoreFarang said:

If you want to be 100% sure remove the battery.

 

It's like that little red light on the camera. If the light is not on doesn't mean the camera is not on. ???? 

or may be could you use 2 phones ? : the one with the app stays at home and you go out with the other one ?

 

you can also use fake location apps

Posted
9 hours ago, mtls2005 said:

In Android, in addition to turning off Location services, one can spoof or mock the location.

Enable Developer Options (click on Build Number five times). This does not void any phone SW license agreement.

 

Install one of the many mock gps apps from the Play Store

 

Select mock location app from Developer Options.

 

 

 

 

I use a mock app but it doesn't work with all applications. Most do, but some detect I am using a fake location and dot not work as long as I unactivate the mock app, and some will bypass it by using my location determined by the wifi network I am using or by my cellular network

Posted
On 2/21/2021 at 1:00 PM, OneMoreFarang said:

If you want to be 100% sure remove the battery.

 

It's like that little red light on the camera. If the light is not on doesn't mean the camera is not on. ???? 

Try doing that on most Samsung models.

Posted
1 hour ago, ukrules said:

So what? If it does nothing with the data then it might as well not exist.

---->

1 hour ago, ukrules said:

I believe some phones will store up data and send it in the next time you do connect so there's always that.

exactly what I'm trying to tell.

The modem could record everything in read-only "airplane" mode until you "allow" it to connect back to the network, and then it will upload to its masters all of the saved information.

Posted
17 hours ago, Dazinoz said:

Before GPS added to "smart phones" you could be tracked on your old phone. And accurately too.

 

How do I know this? I used to work with a girl who's brother worked for my country's spy agency. He lived about 2000km from her in a capital city. She told me 2 stories about tracking. One time she decided to pay him a visit but did not tell him. When she arrived at the airport in his city she received a phone call from him asking her why she had not told him she was coming and wait at airport for him to pick her up. He knew exactly where she was and was alerted to this.

 

The second story was she was in the main city area of his city shopping. He was to pick her up when she was ready and from where she ended up. She was down a side road off the main drag when he stopped next to her in his car and asked was she ready. She asked him how he knew where she was and his answer was something like lucky I guess. She didn't detail any more stories but did say more situations like this had happened. She fully expected the agency he worked for had more sophisticated equipment than the average person knew about (obvious) and when she broached the matter he would just change subject.

 

Some will say they can triangulate phone cell signals and they can but not to the accuracy of what he can do especially back then.

The last time I read the U.S. regulations required for location of cell phones by cell companies, under the E911 requirements, there was a requirement that the cell phone be located within a 125 foot radius with a minimum of 3 cell towers ( accuracy of location improves when more cell towers can receive the cell phone signal.) Which is actually a pretty large radius for geolocation of a radio signal.  This is done with the Time Difference on Arrival method (TDOA).

The last time I worked with locating a cell phone, when I worked for the U.S. government, using a mobile direction finding vehicle, if I could see (with the DF) your cell phone signal, up to 1/2 mile from the cell phone, and I could find your cell phone or follow your cell phone if it was mobile.  That was back in 2008 or so.  

As to the guy knowing where his girlfriend was.  That sounds like violations of U.S. laws, but perhaps not where the metric system is used for measurements.  But I really don't know what was going on.  Maybe he installed tracking software on her cell phone and was alerted to her whereabouts. 

 

Posted

Unless you actually need to use the cell phone, but want to disconnect it from any radio communications, try this. 

A Faraday cage is a covering or mesh-like structure made of a conducting material that shields anything placed inside it from the effect of electric fields. They cannot annul static or slowly varying magnetic fields. However, if the conductor is significantly thick, then they can protect their interiors from external electromagnetic radiation to a large extent. In case the cage is a mesh, the diameter of the holes should be much smaller than the wavelength of the radiation to display the said property. 

https://duckduckgo.com/?q=faraday+cage+for+your+cell+phone&t=h_&iax=images&ia=images

 

  • Like 1
Posted
5 hours ago, radiochaser said:

That sounds like violations of U.S. laws,

The US is not the only country in the world.

  • Haha 1
Posted
6 hours ago, radiochaser said:

The last time I read the U.S. regulations required for location of cell phones by cell companies, under the E911 requirements, there was a requirement that the cell phone be located within a 125 foot radius with a minimum of 3 cell towers ( accuracy of location improves when more cell towers can receive the cell phone signal.) Which is actually a pretty large radius for geolocation of a radio signal.  This is done with the Time Difference on Arrival method (TDOA).

 

 

This is all fine and dandy but we're talking about GPS, and specifically the Thai COVID-tracking apps. And Thailand. By denying the app use of Location services it will not report your location. Can this be hacked, spoofed, etc? I guess, if you load some sort of spyware, or somene gets access to your phone. But that's way outside the scope of the OP.

 

I'll stipulate that with enough money, equipment, man-power, time, access and legal authority a government can find someone using a mobile phone. In that case, discard thephone or give it to someone else.

 

ISOC does use Stingrays, but that's more to keep track of political opponents. Mostly they just use brute-force man-power, with people following those being surveilled.

 

 

 

Posted
17 hours ago, fdsa said:

Fun facts:

- every single computer runs at least 5 (FIVE) operating systems simultaneously, while users have [limited] control only after 1 (one) of them, commonly known as "Windows" or "Mac OS" or whatever.

- every single smartphone runs at least 3 operating systems simultaneously, while users have [very limited] control only after one of them, commonly known as "Android" or "iOS" or whatever.

 

I forgot to emphasize the important thing:

- all these operating systems have full access to user's data (passwords, emails, Bitcoin and PGP private keys, browsing history, you name it). They could read the files in real time (as user decrypts his PGP-encrypted mail or opens his Bitcoin wallet or opens that website with special videos) and transmit these files over the network to operating systems' masters.

- User could not prevent that access and could not even detect that access because user's operating system has the least privilege level of all abovementioned operating systems. So antiviruses and firewalls are useless for protecting user's data.

 

 

Posted
On 2/22/2021 at 7:38 PM, Dazinoz said:

The US is not the only country in the world.

Yep. I lived in three different countries by the time I was 11 years old.  One in Europe.
Not quite as traveled as some, but have lived and worked in several. 
 

  • Like 1
Posted

very old school stuff:

 

The StingRay is an IMSI-catcher, a cellular phone surveillance device, manufactured by Harris Corporation.[2] Initially developed for the military and intelligence community, the StingRay and similar Harris devices are in widespread use by local and state law enforcement agencies across Canada,[3] the United States,[4][5] and in the United Kingdom.[6][7] Stingray has also become a generic name to describe these kinds of devices.[8]

 

https://en.wikipedia.org/wiki/Stingray_phone_tracker

 

back in the 80's and 90's I would routinely monitor analog voice cellphone conversations as they were handed off from cell to cell. (not with Stingray) 

 

today it is a total no brainer for anyone with some tech expertise to decode the cellphone control track channel that has the unique ID's of everyone logged on that cellphone tower. 

 

the entire concept of a cellphone is to track you as you move so the network knows where you are to route incoming calls and data and the hand you off to the next tower.  

 

when I turn on my USA cellphone in Hua Hin my provider T-Mobile back in the USA knows where I am because of the location of the cell tower that my phone is locked to.  

 

if your Thai SIM card is registered in your real name and you become the target of a criminal investigation in Thailand the police can find your location instantly within the range of one cell tower.  the same for S&R operations.   

 

there is so much to this. the bottom line is if you don't want to be "tracked" don't carry a cellphone. 

 

 

 

 

 

Posted
On 2/23/2021 at 9:44 AM, fdsa said:

- User could not prevent that access and could not even detect that access because user's operating system has the least privilege level of all abovementioned operating systems. So antiviruses and firewalls are useless for protecting user's data.

so are you saying that even using something like wireshark or similar you could not see what data was being passed through your router and further that you could not stop that?

 

Out of interest please name these other OS's that nobody else seems aware of?

  • Thanks 1
Posted
1 hour ago, topt said:

so are you saying that even using something like wireshark or similar you could not see what data was being passed through your router and further that you could not stop that?

 

Yes, you could not intercept the traffic on the computer itself, instead have to install wireshark (or more likely tcpdump) on the router itself.

 

1 hour ago, topt said:

Out of interest please name these other OS's

 

Minix - runs inside the CPU;

Threadx, sometimes Linux - runs inside the South bridge or dedicated BMC chip;

HDD/SSD controller OS running on its ARM CPU - information not easily obtainable for the general public

LAN/WAN controller OS running on its ARM CPU - information not easily obtainable for the general public

 

and UEFI - while not being a real OS it could silently connect to the internet and download & run applications before the "main" OS boot up.

 

 

1 hour ago, topt said:

nobody else seems aware of?

 

if somebody doesn't know about something it doesn't mean that "something" does not exist.

  • Haha 1
Posted

A bit of information about privilege levels of the typical personal computer:

 

[privileges, from max to min]  |  [example chips]  |  [example privileges]

 

Full hardware access  |  BMC or South bridge  |  can intercept network traffic, extract passwords from RAM, read files from disk, you name it, plus control the power - could boot up / shutdown the system;

Limited full hardware access  |  CPU  |  full hardware access similar to BMC/Southbridge but could not power on/off the system on its own;

Hypervizor access  |  UEFI flash  |  could run a compact hypervizor app to intercept all the "main OS" data while being totally invisible to that OS by allowing it a transparent access to the peripheral devices;

Direct Memory access  |  most PCI devices, such as GPU, LAN card, Wi-Fi, 3G modem | could read any part of the RAM;

Full Software access  |  "main OS" administrator level, such as "SYSTEM" in Windows and "root" in Unix-like | could read most parts of the RAM, excluding few very first megabytes and other parts chosen by the CPU;

Limited Software access  |  user applications

 

wireshark or some firewall running on the "Full Software access" level could not intercept actions of the Wi-Fi card constantly scanning RAM for passwords and email contents and sending them to its Chinese masters, as network cards run on a higher privilege level than the "main OS".

 

  • Confused 1
Posted
On 2/22/2021 at 10:23 AM, CharlieH said:

Honestly, I couldnt careless, I am sure that whoever can be bothered watching me has much more important and more deserved candidates than watching me go to Makro or eating noodles in local cafe ! Fill your boots mate ????????

Depends if your eating it with your gik then im sure your wife / gf would be interested ????

 

I knew a guy whos GF secretly installed an tracing app on h is phone. She caught him with a girl. The guy was not IT smart. 

  • Like 1
Posted
On 2/22/2021 at 2:12 PM, Dazinoz said:

Before GPS added to "smart phones" you could be tracked on your old phone. And accurately too.

 

How do I know this? I used to work with a girl who's brother worked for my country's spy agency. He lived about 2000km from her in a capital city. She told me 2 stories about tracking. One time she decided to pay him a visit but did not tell him. When she arrived at the airport in his city she received a phone call from him asking her why she had not told him she was coming and wait at airport for him to pick her up. He knew exactly where she was and was alerted to this.

 

The second story was she was in the main city area of his city shopping. He was to pick her up when she was ready and from where she ended up. She was down a side road off the main drag when he stopped next to her in his car and asked was she ready. She asked him how he knew where she was and his answer was something like lucky I guess. She didn't detail any more stories but did say more situations like this had happened. She fully expected the agency he worked for had more sophisticated equipment than the average person knew about (obvious) and when she broached the matter he would just change subject.

 

Some will say they can triangulate phone cell signals and they can but not to the accuracy of what he can do especially back then.

Indeed. I solved the problem by not carrying my phone with me when I went out at night. I only started carrying my phone when I was engaged/ married.

Mostly I never had a phone anyway. I only have one now in case I break down while driving in the countryside.

As for now, the data they get will be very boring and if I ever didn't want to be tracked I'd leave the phone at home.

Posted
On 2/21/2021 at 8:00 PM, OneMoreFarang said:

If you want to be 100% sure remove the battery.

I am not sure if that would even be sufficient.  I read one time that the phone can rebuild after it is powered up again much like a laptop there is still residual power in the phone that keeps tracking.  One way or another, many of the modern phones don't have batteries than can be removed. 

 

  • Haha 1
Posted
1 hour ago, Thomas J said:

I am not sure if that would even be sufficient.  I read one time that the phone can rebuild after it is powered up again much like a laptop there is still residual power in the phone that keeps tracking.  One way or another, many of the modern phones don't have batteries than can be removed. 

If there is a second battery in the phones then it is very likely tiny. These batteries are good enough to keep information like the time but they don't have the capacity to use GPS and transmit data. At least that's it for "normal" phones and no special NSA versions.

  • Haha 1
Posted
On 2/21/2021 at 8:00 PM, OneMoreFarang said:

If you want to be 100% sure remove the battery.

 

It's like that little red light on the camera. If the light is not on doesn't mean the camera is not on. ???? 

Not easy in an iPhone. ????

Posted
2 hours ago, OneMoreFarang said:

If there is a second battery in the phones then it is very likely tiny. These batteries are good enough to keep information like the time but they don't have the capacity to use GPS and transmit data

Apparently the NSA can track you.  I suspect that the average tracker would not be able to find you.  However, one way or another removing the battery is becoming increasingly less of an option since a good share of the cell phones have permanent batteries installed. 

https://slate.com/technology/2013/07/nsa-can-reportedly-track-cellphones-even-when-they-re-turned-off.html#:~:text=NSA Can Reportedly Track Phones Even When They're Turned Off&text=But it doesn't end there.&text=In most cases%2C when you,when it was powered down.
image.png.a08a214d9269f6ab14107148acb48d74.png

  • Haha 1
  • 1 month later...
Posted
On 2/24/2021 at 10:43 PM, fdsa said:

 

>> Out of interest please name these other OS's

 

Minix - runs inside the CPU;

Threadx, sometimes Linux - runs inside the South bridge or dedicated BMC chip;

HDD/SSD controller OS running on its ARM CPU - information not easily obtainable for the general public

LAN/WAN controller OS running on its ARM CPU - information not easily obtainable for the general public

 

and UEFI - while not being a real OS it could silently connect to the internet and download & run applications before the "main" OS boot up.

 

bumping the thread to raise some healthy paranoia in fellow forum users. What I've found so far:

 

operating systems running inside the CPU:

- Minix in Intel CPUs (widely known, just google it)

- Kinibi in AMD CPUs (https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf)

 

operating systems running inside the network controller:

- eCos and Linux in Broadcom cards (https://github.com/Broadcom/aeolus/blob/master/README.md)

- ThreadX in Marvell cards (Marvell makes most Wi-Fi and LAN chips out there) (https://nvd.nist.gov/vuln/detail/CVE-2019-6496)

- XTOS in Atheros cards (Atheros makes the remaining Wi-Fi chips) (https://github.com/qca/open-ath9k-htc-firmware)

 

I haven't found names of operating systems running inside the hard disk controllers (I wasn't looking well though), but some of these controllers are capable to run Linux: http://spritesmods.com/?art=hddhack&page=3(fun fact from the link: the controller is a 3-core ARM CPU, while 2 cores are doing some HDD work the purpose of 3rd core is unknown. Modern SSD controllers have 4 and even more cores)

 

As for UEFI possibilities: https://www.zdnet.com/article/chinese-hacker-group-spotted-using-a-uefi-bootkit-in-the-wild/

 

So if you ever wondered why Microsoft renamed "My Computer" to "This Computer" - simply because Microsoft is honest - that electronic gizmo you're using right now is NOT YOUR computer.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.




×
×
  • Create New...