The modern consumer is not overly concerned with their phone conversations being monitored. For one thing, Google and Amazon have done a tremendous job of conditioning them to believe that electronic gadgets listening to their every word isn’t just acceptable, but a near necessity in the 21st century. After all, if there was a better way to turn on the kitchen light than having a recording of your voice uploaded to Amazon so they can run it through their speech analysis software, somebody would have surely thought of it by now.
But perhaps more importantly, there’s a general understanding that the nature of telephony has changed to the point that few outside of three letter agencies can realistically intercept a phone call. Sure we’ve seen the occasional spoofed GSM network pop up at hacker cons, and there’s a troubling number of StingRays floating around out there, but it’s still a far cry from how things were back when folks still used phones that plugged into the wall. In those days, the neighborhood creep needed little more than a pair of wire strippers to listen in on your every word.
Which is precisely why products like the TA-1356 Tap Trapper were made. It was advertised as being able to scan your home’s phone line to alert you when somebody else might be listening in, whether it was a tape recorder spliced in on the pole or somebody in another room lifting the handset. You just had to clip it onto the phone distribution panel and feed it a fresh battery once and awhile.
If the red light came on, you’d know something had changed since the Tap Trapper was installed and calibrated. But how did this futuristic defender of communications privacy work? Let’s open it up and take a look.
Continue reading “Teardown: Tap Trapper”
[Mitch] got interested in the S8 “data line locator” so he did the work to tear into its hardware and software. If you haven’t seen these, they appear to be a USB cable. However, inside the USB plug is a small GSM radio that allows you to query the device for its location, listen on a tiny microphone, or even have it call you back when it hears something. The idea is that you plug the cable into your car charger and a thief would never know it was a tracking device. Of course, you can probably think of less savory uses despite the warning on Banggood:
Please strictly abide by the relevant laws of the state, shall not be used for any illegal use of this product, the consequences of the use of self conceit.
We aren’t sure what the last part means, but we are pretty sure people can and will use these for no good, so it is interesting to see what they contain.
Continue reading “Inside An Amateur Bugging Device”
[Wikileaks] has just published the CIA’s engineering notes for Weeping Angel Samsung TV Exploit. This dump includes information for field agents on how to exploit the Samsung’s F-series TVs, turning them into remotely controlled spy microphones that can send audio back to their HQ.
An attacker needs physical access to exploit the Smart TV, because they need to insert a USB drive and press keys on the remote to update the firmware, so this isn’t something that you’re likely to suffer personally. The exploit works by pretending to turn off the TV when the user puts the TV into standby. In reality, it’s sitting there recording all the audio it can, and then sending it back to the attacker once it comes out of “fake off mode”.
It is still unclear if this type of vulnerability could be fully patched without a product recall, although firmware version 1118+ eliminates the USB installation method.
The hack comes along with a few bugs that most people probably wouldn’t notice, but we are willing to bet that your average Hackaday reader would. For instance, a blue LED stays on during “fake off mode” and the Samsung and SmartHub logos don’t appear when you turn the TV back on. The leaked document is from 2014, though, so maybe they’ve “fixed” them by now.
Do you own a Samsung F-series TV? If you do, we wouldn’t worry too much about it unless you are tailed by spies on a regular basis. Don’t trust the TV repairman!