eavesdropping – WindowsTechs.com

Arguing Against CALEA

Posted on April 8, 2025 by Bruce Schneier

At a Congressional hearing earlier this week, Matt Blaze made the point that CALEA, the 1994 law that forces telecoms to make phone calls wiretappable, is outdated in today’s threat environment and should be rethought:

In other words, while the legally-mandated CALEA capability requirements have changed little over the last three decades, the infrastructure that must implement and protect it has changed radically. This has greatly expanded the “attack surface” that must be defended to prevent unauthorized wiretaps, especially at scale. The job of the illegal eavesdropper has gotten significantly easier, with many more options and opportunities for them to exploit. Compromising our telecommunications infrastructure is now little different from performing any other kind of computer intrusion or data breach, a well-known and endemic cybersecurity problem. To put it bluntly, something like Salt Typhoon was inevitable, and will likely happen again unless significant changes are made…

Continue reading Arguing Against CALEA→

Hackaday Links: September 8, 2024

Posted on September 8, 2024 by Dan Maloney

OK, sit down, everyone — we don’t want you falling over and hurting yourself when you learn the news that actually yes, your phone has been listening to your conversations …read more Continue reading Hackaday Links: September 8, 2024→

Noisy Keyboards Sink Ships

Posted on August 6, 2023 by Al Williams

Many of us like a keyboard with a positive click noise when we type. You might want to rethink that, though, in light of a new paper from the UK …read more Continue reading Noisy Keyboards Sink Ships→

Backdoor in TETRA Police Radios

Posted on July 26, 2023 by Bruce Schneier

Seems that there is a deliberate backdoor in the twenty-year-old TErrestrial Trunked RAdio (TETRA) standard used by police forces around the world.

The European Telecommunications Standards Institute (ETSI), an organization that standardizes technologies across the industry, first created TETRA in 1995. Since then, TETRA has been used in products, including radios, sold by Motorola, Airbus, and more. Crucially, TETRA is not open-source. Instead, it relies on what the researchers describe in their presentation slides as “secret, proprietary cryptography,” meaning it is typically difficult for outside experts to verify how secure the standard really is…

Continue reading Backdoor in TETRA Police Radios→

Recovering Smartphone Voice from the Accelerometer

Posted on December 30, 2022 by Bruce Schneier

Yet another smartphone side-channel attack: “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers“:

Abstract: Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy. Existing studies show that loudspeaker reverberation can inject speech into motion sensor readings, leading to speech eavesdropping. While more devastating attacks on ear speakers, which produce much smaller scale vibrations, were believed impossible to eavesdrop with zero-permission motion sensors. In this work, we revisit this important line of reach. We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. We investigate the impacts of these new ear speakers on built-in motion sensors and examine the potential to elicit private speech information from the minute vibrations. Our designed system …

Continue reading Recovering Smartphone Voice from the Accelerometer→

EarSpy Attack Can Use Motion Sensors Data to Pry on Android Devices

Posted on December 29, 2022 by Deeba Ahmed

By Deeba Ahmed
An EarSpy attack is a proof of concept of a new type of attack on Android devices that exposes users to eavesdropping.
This is a post from HackRead.com Read the original post: EarSpy Attack Can Use Motion Sensors Data to Pry on Android D… Continue reading EarSpy Attack Can Use Motion Sensors Data to Pry on Android Devices→

Ukraine Intercepting Russian Soldiers’ Cell Phone Calls

Posted on December 21, 2022 by Bruce Schneier

They’re using commercial phones, which go through the Ukrainian telecom network:

“You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air,” said Alperovitch. “That doesn’t pose too much difficulty for the Ukrainian security services.”

[…]

“Security has always been a mess, both in the army and among defence officials,” the source said. “For example, in 2013 they tried to get all the staff at the ministry of defence to replace our iPhones with Russian-made Yoto smartphones…

Continue reading Ukraine Intercepting Russian Soldiers’ Cell Phone Calls→

Audio Eavesdropping Exploit Might Make That Clicky Keyboard Less Cool

Posted on May 6, 2022 by Dan Maloney

Despite their claims of innocence, we all know that the big tech firms are listening to us. How else to explain the sudden appearance of ads related to something we’ve …read more Continue reading Audio Eavesdropping Exploit Might Make That Clicky Keyboard Less Cool→

Lightning Cable with Embedded Eavesdropping

Posted on September 7, 2021 by Bruce Schneier

Normal-looking cables (USB-C, Lightning, and so on) that exfiltrate data over a wireless network.
I blogged about a previous prototype here.
Continue reading Lightning Cable with Embedded Eavesdropping→

Eavesdropping by LED

Posted on August 25, 2021 by Al Williams

If you ever get the feeling someone is watching you, maybe they are listening, too. At least they might be listening to what’s coming over your computer speakers thanks to …read more Continue reading Eavesdropping by LED→