How come the more I hear about what Israel or Israeli companies can do with our devices makes me just not want to use a device at all? Maybe my tinfoil hat is too tight? Why are they so bold with their abilities while other countries are not? Are they just that much better, or are other nation states just better at keeping quiet?
Reminds me how at some point the U.S. was so strong that it didn’t even have to show up to dick swinging contests anymore. No military parades and the like, which feels antiquated and kind of embarrassing when you see the Russians or North Koreans doing it.
Though the Americans are into military parades again… hmmm…
I think the boldness is a combination of 1) marketing to governments and organizations around the world and 2) knowing there will be no consequences either domestic or international for what they do.
A state (or a carrier, in theory), doesn't need RCEs to do this. In every phone, the "actual phone", what talks to cell towers, is a separate system called the Baseband. It is a full computer, storage, memory, encryption, ... and it is under the control of carriers and through them of law enforcement and the like. It is also where the microphone and mostly the cameras are connected. The baseband then passes them through to the UI, like android or IOS. It's how carriers enforce disabling wifi when mobile data is active unless you pay extra, for example.
But it can copy the sound of a phone call to separate channels, or copy the data being sent (even on wifi), or it can activate emergency messages or broadcasts. It can also transmit audio and video when the phone is not actually in a call. That sort of thing.
In practice there are a great many different basebands and of course most states couldn't be bothered to actually write a decent system to use them (well, they tried forcing carriers to do it for them, but anyone who ever worked at a large carrier on a big project can tell you how that went), so only lowest common denominator features are in practice accessible. That means location and getting audio. But nothing is stopping countries from implementing more. I bet the NSA has something with a lot more features, for example.
No, the only part where carriers can run arbitrary code is on the sim card, which can only run javacard applets.
>It can also transmit audio and video when the phone is not actually in a call.
Source? AFAIK both iPhones and Pixels have discrete modems, which means the baseband is separated from the main processor and communicates with it via some sort of bus. It's unclear how the baseband would be able to get arbitrary audio/video when it's isolated in this manner.
Look obviously the baseband is under control of carriers. That's required since they manage spectrum, you know AT&T's "one phone could disrupt service for an entire neighborhood" argument. Which is true, btw.
This includes the power to upload code to decide which channels and timing to use.
Then it was decided to use this for law enforcement, and so audio was routed through the baseband. Other things were for carriers, like SMS management (including deleting SMS that were already shown to the user). Both to prevent apps from listening without the baseband's agreement AND to listen in without agreement from the apps.
The limit on this is that there's already many different basebands, and of course neither carriers nor states could be bothered to actually implement the backend necessary. I'd bet good money the NSA has one though.
If factories filled with civilians are fair game for conventional attacks in total war. Why not cyber attacks on cell phones and electronics needed by the civilians to do those same jobs?
The later.
While I applaud Israel capabilities the are not unique. USA and china has more mony, talent and access to the hardware/software that is actually used to build the networks
In the verbally given version of the speech that isn't shortened to a tweet (https://www.nbcnews.com/video/shorts/israel-pm-says-they-use...) this is explicitly directed "to the jailers of our hostages", and in that context, it seems pretty reasonable.
That's alluding to Nazi and Palestinian criminals that Israel hunted all over the world for decades. One by one, setting up their meetings with the creator.
There was even a movie about one hunt it's called "Munich", directed by Spiellberg - https://www.imdb.com/title/tt0408306/ . Great movie!
> The prime minister’s office also claimed that the Israeli army had taken over mobile phones in Gaza to broadcast his message, though AP journalists inside Gaza saw no immediate evidence of Netanyahu’s speech being broadcast on phones there.
Every phone in Israel got a special message when missiles from Iran were fired.
No application, no nothing, just by the virtue of being connected to to an Israeli phone cell tower (it worked even on imported phones)
My understanding that it is a standard feature, this is how earthquake warning works in Japan.
Point being there is no "hacking" involved. Standard feature
You don't have to hack anything if you control ip routes. A simple redirect like a captive portal could accomplish something like this. Israel can either own the gateways or own the spectrum.
Besides the reality of this or not, the order of events is misleading. If they were able to do so, then the taking of control happened long ago (and maybe not just in Gaza), and used this opportunity to send that message to them. And that wasn't the main goal of taking control.
I think it is more likely that the Israeli government would have abused Gaza's wireless emergency alert system to send a link to a live stream to every cell phone. AFAIK, emergency alert systems are limited to text messages but smartphones will recognise URLs to allow users to tap to open them.
But a user would have needed to actively tap on the link to open the stream.
In the UK we recently had a test of the emergency alert system. Most people had an alarm and a message on screen, with phones locked. There were a few incidents of motorists ending up in road traffic accidents in the immediate aftermath, and some phones reportedly spoke the announcement rather than just beep loudly.
Since the 'beep' is just an audio file, my hunch is that some A/B testing was going on, with most people getting the 'beep' and some getting the message read out.
I imagine that broadcast capability is fully built in, so that mobile phones can replace what we had in the olden days when the government could take over the TV and radio to broadcast whatever they thought was important. I can't remember the last time that the U.S. President spoke to the people in this way, but it used to be fairly common.
I don't think that calling every phone is plausible. In a competitive telecoms market, no provider would build that out. Instead they would keep capacity just above what they know is needed on a daily basis.
Not because it would be impossible, although the "every phone" is a bit of a stretch given how hard it would be to build an exploit that reliably works on all the messed up versions of Android that vendors put out.
But because if you had a capability like this, you wouldn't burn several full exploit chains just to broadcast a speech.
Doing something on the network side (either compromising existing infrastructure, simply being the infrastructure provider, or providing fake base stations) and then simply calling each phone - sure.
Pushing emergency alert cell broadcast messages with a link to the stream - sure.
This. How can you know you hacked EVERY phone. I have friends with flip phones (no screen). There must be at least a small amount of optimistic thinking here.
IMHO someone was likely given a task such as "disseminate the message to 100% of the population" and they found a way to claim they accomplished the task (with reasonable credibility).
Pegasus is just the commercial stuff, too. The IDF certainly has it's own panoply of exploits/payloads in addition to their profoundly privileged CIA access.
Sounds like boomer-speak for they sent one of those full-screen SMS messages (aka 'flash SMS') with a link to a livestream.
You guys read too much Tom Clancy.
If spammers can do it and send me links to phishing sites so can one of the most technologically-proficient governments. You really think they would waste multiple 0-days on some bullshit like this?
Isn't this is the nation that planted explosives into pagers? I think they're the ones reading too much Clancy.
> so can one of the most technologically-proficient governments.
How would you feel if China did this to your nation? Would you marvel at their proficiency or perhaps focus on the complete lack of diplomacy it displays?
> the responsible adult that was in charge of my protection
So you're infantilizing an entire nation to make this point?
> So he should surrender and spare us the war.
Do you have any measure on this sentiment among the population currently? If it is, as it is in so many places, that the leaders actions are detached from the will of the voters, then what should we make of this?
Should they be allowed to surrender to a _neutral_ party?
Should they be allowed to keep their state?
Is there any reason not to presume a peaceful negotiation under these terms? Is there any reason to attempt to assassinate the party trying to coordinate this?
> How would you feel? Insulted?
Violated. These are _our_ emergency broadcast services. They should be used for the intended purpose and not to force an angry political message on a powerless population.
Do you not have any good faith in yourself for this topic?
Putin has treaty rights to attend the General Assembly, same as Netanyahu. Neither are under legal threat in the U.S. as we never signed the Rome Statute that established the ICC.
He's the head of state of a member country. Afaik, all member countries have a slot to give a speech at the general assembly. There's probably a slot for observer states and other acknowledged non-member states as well.
I don't see why Putin would be prohibited from making a speech in the time alloted for speeches either? He's the head of state of a member country as well. And it's one of the permanent members of the security council, so among equal peers, it's more equal. Russia's slot is currently listed as Saturday morning [1], I don't know who will speak.
https://www.axios.com/newsletters/axios-pm-76a155d0-9b02-11f...