I'm glad this title mentioned Bunnie. When the smartphone case was first announced, most news outlets reported it as "a smartphone case that prevents spying by Edward Snowden and some hacker".
I don't understand what kind of malware this is supposed to detect. This only seems relevant when you're using airplane mode, and why wouldn't malware just wait until you went back online before transmitting the data?
"For the iPhone, there are four different radio interfaces that could potentially be used for malicious purposes: the cellular modem, Wi-Fi, GPS, and NFC"<p>Well, GPS only receives... so how is it going to detect that?
Articles like this make me wonder how journalists were able to do their jobs before the ubiquity of cellphones.<p>Here's an analogy to what's happening:<p>Since you're a high value journalist, a state actor has helpfully assigned an FBI-type agent as your minder. And now you're debating whether you should put a blindfold and earplugs on your minder before attending an important meeting with him in tow. Or, alternately, you're debating on whether you should add a gag to him to keep him from reporting back to his superiors.<p>But, the minder is resourceful. He has trained for the possibility of a blindfold. So he might remove it at opportune times and take a peek at what's happening. Or, when gagged, he is prepared to report back by tapping out a message with his fingers, using Morse code.<p>In short, I think it's a Sisyphean struggle to try to keep the minder from reporting back. Instead, just leave the minder elsewhere, far away from important discussions.<p>There is no way a few amateurs with soldering irons will be able to successfully and continually thwart state actors. Don't play their game!
Better hope that the factory manufacturing this device, and the technicians installing it within the phone, are trustworthy enough not to leave their own backdoors.<p>A supposedly trusted device that taps into the hardware buses by design is an excellent target for malfeasance.
So it's a sort of hardware-based Little Snitch without the ability to block connections. Neat. Perhaps a useful tool for the security-minded but not a true safeguard. Remote code execution exploits are very real. All an attacker needs to do is modify your network configuration (DNS, proxy, hosts file, etc.) to disguise network traffic over a specific address that looks real enough so as to not warrant suspicion. This exploit could also be designed to sit idly while the device is in airplane mode, avoiding the case's primary detection feature.
Much better link straight to the source: <a href="https://www.pubpub.org/pub/direct-radio-introspection/" rel="nofollow">https://www.pubpub.org/pub/direct-radio-introspection/</a>