Close this search box.

Written by: Mike Yang

A new hardware device that’s in development promises to alert users when their phones are transmitting data without their knowledge, but some security researchers say the device looks like an overly complicated solution to a limited problem.
Reporters often are targets of surveillance, both overt and covert, and that means that their laptops and phones are always at risk of compromise. Phones especially are juicy targets for attackers such as government agencies that are looking to track a reporter’s movements and activities. So Bunnie Huang, a hardware hacker and researcher, and Edward Snowden have developed plans for a device that would sit on the back of an iPhone and tap into the phone’s inner workings to detect when the phone is sending out data without the user’s knowledge. Known as the introspection engine, the device monitors the signals that control the device’s radio hardware and looks for data being transmitted even while in airplane mode.
The design of the device, which sits on the back of an iPhone and includes a small black-and-white screen, assumes that phones will be compromised.

“In such a situation, a reporter cannot take the UI status at face value. Instead, we aim to provide field-ready tools that enable a reporter to observe and investigate the status of the phone’s radios directly and independently of the phone’s native hardware. We call this direct introspection,” Huang and Snowden say in their paper. 

“Our work proposes to monitor radio activity using a measurement tool contained in a phone-mounted battery case. We call this tool an introspection engine. The introspection engine has the capability to alert a reporter of a dangerous situation in real-time. The core principle is simple: if the reporter expects radios to be off, alert the user when they are turned on.”

The device piggybacks on the rear of the iPhone and it’s connected to the inside of the phone through the SIM card slot.

“In order to facilitate the robust wiring of the signal taps, a custom flexible printed circuit (FPC) will be designed with contacts pre-loaded at signal test point locations. This will streamline phone modifications while making the final product more robust. As the SIM card has to be removed for access to key test points, the FPC will also connect to the SIM card signals. An additional FPC will then exit via the existing SIM card port, making available to the introspection engine both the bus taps and the SIM card signals,” the paper says.

 But some security researchers say that the introspection engine may be addressing a problem that only affects a small number of users and does so in an overly complicated manner. One security researcher said it would likely be easier to just disconnect the phone’s battery in high-risk situations, or to use a device that doesn’t have transmission capabilities. Also, the introspection engine doesn’t actually stop transmissions from going out, but simply detects them and alerts the user.

Huang and Snowden say in their paper that they’re working on a prototype of the device, but it could be years down the road, as they’re running the project on their own on a small budget. They also say that the concept of the introspection engine could be applied to other security areas for mobile devices.

“Furthermore, direct introspection may be extendable beyond the radio interfaces and into the filesystem layer. We theorize an introspection engine attached to the mass storage device within a phone; for example, an FPGA observing the SD bus between the CPU and the eMMC in a typical Android phone implementation. This introspection engine could observe, in real time, file manipulations and flag, or even block, potentially suspicious operations,” the paper says.