Teardown: Tap Trapper

The modern consumer is not overly concerned with their phone conversations being monitored. For one thing, Google and Amazon have done a tremendous job of conditioning them to believe that electronic gadgets listening to their every word isn’t just acceptable, but a near necessity in the 21st century. After all, if there was a better way to turn on the kitchen light than having a recording of your voice uploaded to Amazon so they can run it through their speech analysis software, somebody would have surely thought of it by now.

But perhaps more importantly, there’s a general understanding that the nature of telephony has changed to the point that few outside of three letter agencies can realistically intercept a phone call. Sure we’ve seen the occasional spoofed GSM network pop up at hacker cons, and there’s a troubling number of StingRays floating around out there, but it’s still a far cry from how things were back when folks still used phones that plugged into the wall. In those days, the neighborhood creep needed little more than a pair of wire strippers to listen in on your every word.

Which is precisely why products like the TA-1356 Tap Trapper were made. It was advertised as being able to scan your home’s phone line to alert you when somebody else might be listening in, whether it was a tape recorder spliced in on the pole or somebody in another room lifting the handset. You just had to clip it onto the phone distribution panel and feed it a fresh battery once and awhile.

If the red light came on, you’d know something had changed since the Tap Trapper was installed and calibrated. But how did this futuristic defender of communications privacy work? Let’s open it up and take a look.

Continue reading “Teardown: Tap Trapper”

PinePhone Gets 3D Printed Mechanical Keyboard

Do you remember when smartphones had real physical keyboards? Working the command line on some remote machine over SSH was a breeze, and you could even knock out a few lines of code if you were so inclined. But these days you’ve either got to lug around an external keyboard, or suffer through pecking out a few words per minute on a piece of glass. Doesn’t sound much like progress to us.

By the looks of it, [James Williams] doesn’t think so either. He’s designed a physical keyboard add-on that snaps onto the back of the PinePhone to deliver a proper, albeit condensed, typing experience. This is no repurposed BlackBerry board either; he’s created a custom mechanical keyboard that manages to fold into an incredibly small size thanks to resin printed keycaps and Kailh low profile switches. Other than the hand-drawn legends, it’s probably not a stretch to say this is a better keyboard than what many people have on their actual computers.

In addition to the 3D printed frame and Kailh switches, there’s also an Arduino Pro Micro onboard to communicate with the phone. Rather than use USB, the keyboard is wired to the I2C accessory port on the rear of the PinePhone. It sounds like [James] needs a little more time to polish his QMK build before its ready to release, so you might want to wait a bit before you start printing off your own copy of the parts.

Those following along with the development of the PinePhone know there’s supposedly an official keyboard accessory in the works, but who wants to wait when we’re so close to mobile Linux nirvana? Besides, we doubt it will be nearly as pleasant to type on as the board [James] has put together.

Does Your Phone Need A RAM Drive?

Phones used to be phones. Then we got cordless phones which were part phone and part radio. Then we got cell phones. But with smartphones, we have a phone that is both a radio and a computer. Tiny battery operated computers are typically a bit anemic, but as technology marches forward, those tiny computers grew to the point that they outpace desktop machines from a few years ago. That means more and more phones are incorporating technology we used to reserve for desktop computers and servers. Case in point: Xiaomi now has a smartphone that sports a RAM drive. Is this really necessary?

While people like to say you can never be too rich or too thin, memory can never be too big or too fast. Unfortunately, that’s always been a zero-sum game. Fast memory tends to be lower-density while large capacity memory tends to be slower. The fastest common memory is static RAM, but that requires a lot of area on a chip per bit and also consumes a lot of power. That’s why most computers and devices use dynamic RAM for main storage. Since each bit is little more than a capacitor, the density is good and power requirements are reasonable. The downside? Internally, the memory needs a rewrite when read or periodically before the tiny capacitors discharge.

Although dynamic RAM density is high, flash memory still serves as the “disk drive” for most phones. It is dense, cheap, and — unlike RAM — holds data with no power. The downside is the interface to it is cumbersome and relatively slow despite new standards to improve throughput. There’s virtually no way the type of flash memory used in a typical phone will ever match the access speeds you can get with RAM.

So, are our phones held back by the speed of the flash? Are they calling out for a new paradigm that taps the speed of RAM whenever possible? Let’s unpack this issue.

Continue reading “Does Your Phone Need A RAM Drive?”

Linux Fu: The Linux Android Convergence

The Android phone that you carry in your pocket is basically a small computer running Linux. So why is it so hard to get to a usable Linux environment on your phone? If you could run Linux, you could turn your cell phone into an ultra-portable laptop replacement.

Of course, the obvious approach is just to root the phone and clean-slate install a Linux distribution on it. That’s pretty extreme and, honestly, you would probably lose a lot of phone function unless you go with a Linux-specific phone like the PinePhone. However, using an installer called AnLinux, along with a terminal program and a VNC client, you can get a workable setup without nuking your phone’s OS, or even having root access. Let’s see what we can do. Continue reading “Linux Fu: The Linux Android Convergence”

AUTOVON: A Phone System Fit For The Military

It’s a common enough Hollywood trope that we’ve all probably seen it: the general, chest bespangled with medals and ribbons, gazes at a big screen swarming with the phosphor traces of incoming ICBMs, defeatedly picks up the phone and somberly intones, “Get me the president.” We’re left on the edge of our seats as we ponder what it must be like to have to deliver the bad news to the boss, knowing full well that his response will literally light the world on fire.

Scenes like that work because we suspect that real-life versions of it probably played out dozens of times during the Cold War, and likely once or twice since its official conclusion. Such scenes also play into our suspicion that military and political leaders have at their disposal technologies that are vastly superior to what’s available to consumers, chief among them being special communications networks that provide capabilities we could only have dreamed of back then.

As it turns out, the US military did indeed have different and better telephone capabilities during the Cold War than those enjoyed by their civilian counterparts. But as we shall see, the increased capabilities of the network that came to be known as AUTOVON didn’t come so much from better technology, but more from duplicating the existing public switched-telephone network and using good engineering principles, a lot of concrete, and a dash of paranoia to protect it.

Continue reading “AUTOVON: A Phone System Fit For The Military”

A Mobile Phone For The Pulse Dial Generation

One of the useful side effects of the ubiquitous availability of cellular network data modules is that they can be used to create custom mobile phones. It’s surprising in a way that we don’t see as many of these projects as we’d expect, but by way of redressing that deficiency we’re pleased to see the work of [Proton Gamer], who has taken a vintage rotary dial phone and upgraded it with an Arduino and GSM shield to make a very unexpected mobile phone project.

It’s not entirely certain from the write-up which manufacturer produced the donor phone or for which country’s network it was produced, but it seems typical of the type you might have found the world over in the 1960s. We’re given a breakdown of the various components and how to interface to them, the ringer for example is run using a motor driver board. There are comprehensive instructions for the conversion, though sadly they involve gutting the phone and removing the original hardware. The result can be seen in the video below the break, and the finished project makes a mobile phone call from the unlikeliest of hardware.

This certainly isn’t the first rotary dial mobile phone we’ve featured, including one based on a conference badge.

Continue reading “A Mobile Phone For The Pulse Dial Generation”

BadPower Vulnerability In Fast Chargers Might Make Phones Halt And Catch Fire

A few days ago, Chinese researchers from technology giant Tencent released a paper outlining a firmware vulnerability in several types of fast charger power bricks (translated). The attack is known as BadPower, and it works by altering the default parameters in the firmware of fast chargers to deliver more power to devices than they can handle, which can cause them to overheat, melt, or catch fire.

The ancient and basic USB charging spec provides 0.5 A at 5 V, which is equal to 2.5 W. In theory, that’s all you’ll ever get from those types of chargers. But the newer generation of chargers are different. When you plug your phone into a fast charger, it negotiates a voltage and charging speed with your phone before passing it any power.

Fast chargers can push power at 20 V or more to speed up the charging process, depending on the charger and connected device. If the phone doesn’t do fast charging, it will default to the 5 V standard. Researchers claim the BadPower attack is capable of harming devices whether or not they include a fast charging feature. When a capable device is connected, the charger will still negotiate for 5V, but instead give 20V and wreak havoc.

In the demo after the break, one of the team uses a malicious device disguised as a phone to push the BadPower firmware change to a fast charger that’s hooked up to a voltmeter. Before the attack, the charger gives 5V. After the attack, it gives 5V for a few seconds before jumping up near 20V. Then they connect the now-dirty charger to two identical illuminated magnifying glasses. In one the chip lets the smoke monster out rather violently, and the chips of the other emit sparks.

The researchers tested 35 of the 200+ fast charging bricks currently on the market and found that 18 of them were vulnerable to BadPower, including 11 that can be exploited through the charging port itself. They believe the issue is fixable with a firmware update.

What is not available is enough information to verify this research, or a list of brands/models that are vulnerable. Researchers say the findings were submitted to the China National Vulnerability Database (CNVD) on March 27th, so the absence of this information may be a product of manufacturers needing more time to patch the vulnerability.

What do you think? We say halfway decent chargers shouldn’t be open to firmware attacks from the devices they are charging. And any halfway decent phone should have built-in electrical protection, right?

Continue reading “BadPower Vulnerability In Fast Chargers Might Make Phones Halt And Catch Fire”