12

I'm looking to use my smartphone purely as a portable computer, with no network functionality, in order to protect my privacy.

  • Is removing the SIM cards from it enough to airgap it? Or do I need to go further?

  • If removing the SIM cards doesn't guarantee it, would it be possible to remove the antennae? I imagine without those the signals would be far too weak to permit any kind of communication at all.

Rodrigo de Azevedo
  • 242
  • 2
  • 13
anon
  • 121
  • 1
  • 3

4 Answers4

15

You're trying to take away communications capabilities from a tool designed to communicate. It's probably not the best choice of devices.

You can start by setting the phone into "airplane mode", which is intended to shut off the radios. Because of the way RF works, that means it shuts off both transmitting and receiving. It should keep you safe, but of course, you could accidentally enable it again.

You need to take a survey of the RF that the phone is designed to communicate on. Obviously it has cell communications, but it may also have Wi-Fi, Bluetooth, and NFC. If you disable the cell antenna you won't stop the other communications channels. You'll have to also remove the hardware that supports the other technologies, and do so without damaging the phone. (For example, a Bluetooth or Wi-Fi antenna is a very tiny element on the circuit board.)

John Deters
  • 33,650
  • 3
  • 57
  • 110
  • 1
    >You're trying to take away communications capabilities from a tool designed to communicate. It's probably not the best choice of devices. i know, but there arent many modern pocket sized mobile computers > "airplane mode" would this be effective in dealing with a device that was already comprimised at the software level? – anon Feb 17 '14 at 18:52
  • 4
    No; if the device is compromised, it cannot be trusted. For example, a jailbroken iPhone can show the "airplane mode" indicator yet still have radios enabled. In that case, hardware disabling is the only option. Certain compromises have been known to aggressively seek out public wi-fi if they can't get cell service, so removing the SIM card won't be enough. If you can start with a clean phone that hasn't been compromised, and leave the SIM card out starting from before you purchase it, you should probably be OK. – John Deters Feb 17 '14 at 20:47
  • thought so, but the malware im talking about is built into more or less every phone out there – anon Feb 17 '14 at 21:36
  • 1
    Then you're left with disassembling the device and physically identifying and disabling the GSM, Wi-Fi, and Bluetooth transmitters; and you should test the device afterwards to make sure it isn't emitting data through an unidentified source. – John Deters Feb 17 '14 at 21:43
  • 3
    Exactly, John; if you're serious, you need to physically disable/remove/destroy the chips controlling all wireless communications methods - taking the antennas away merely shortens the range (drastically, to be fair). After that, you need to use an RF device like a spectrum analyzer to check for emissions on the bands it can communicate on. Start with a device with fewer communications options, and preferably ones that are less likely to be part of SoC (System on a Chip) designs like many smartphones and tablets. – Anti-weakpasswords Feb 18 '14 at 04:45
  • Here's a good article on why someone might not want a device to transmit: https://www.schneier.com/blog/archives/2014/02/finding_peoples.html – John Deters Feb 18 '14 at 16:47
3

Maybe you should consider an iPod Touch, or wi-fi only iPad. With no cellular hardware it's not going to be able communicate in that way, so you don't need to think about removing antennae. If you disable wi-fi, and enable flight mode you should be secure. Even joining free wi-fi hotspots require user interaction to complete, so you should be in control of that.

This assumes that you're in the market for a device, rather than talking about a device you already have.

JoltColaOfEvil
  • 850
  • 1
  • 7
  • 13
  • 1
    iPod Touch devices include both Wi-Fi and Bluetooth, both of which can reveal your location if powered on. It sounds like the original poster doesn't even want that capability, and would need to disable the hardware. iDevices are difficult to disassemble and modify, although the internal hardware and electronics are fairly well documented by sites like iFixit. – John Deters Feb 18 '14 at 16:01
2

If you have no SIM in the phone and disable all wireless radios in the device (e.g. bluetooth and Wi-Fi) then from the perspective of someone compromising it over the network you should be relatively safe.

You would still have risks of attacks on the physical device itself to worry about of course.

Rory McCune
  • 60,923
  • 14
  • 136
  • 217
-1

Getting rid of the SIM card and disabling wifi, bluetooth and Near Field Communication will make it much harder for malware to exploit you ... but not impossible. If you ever connect to the internet from the device, hidden code can send/receive data at the same time. In addition, there now appear to be malware capable of communicating through audio channels, so you'd have to mute your speaker as well.

Ultimately, I know of no foolproof way to airgap or protect your smartphone. Your best bet is to assume it is compromised and protect your data to the best of your ability.

Ari Trachtenberg
  • 822
  • 6
  • 14
  • correct me if im wrong, but the only ones weve seen that can jump airgaps like that are this supposed badbios and a proof of concept program, and that was only in december – anon Feb 17 '14 at 21:33
  • badbios using ultrasonic communications was never proven. – John Deters Feb 18 '14 at 04:05
  • thats exactly my point – anon Feb 18 '14 at 10:19
  • I can't speak to what you've seen ... but the technology has been around for a while. See, for example: http://www.adweek.com/news/advertising-branding/sound-triggered-smartphone-ads-seek-you-out-136901 – Ari Trachtenberg May 29 '14 at 17:52