Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,807,597 Members 51,073 Now Online
XDA Developers Android and Mobile Development Forum

[Q] Security question: Phones and Intelligence Firm Visits

Tip us?
 
prospect7
Old
#1  
Junior Member - OP
Thanks Meter 0
Posts: 4
Join Date: Jan 2014
Default [Q] Security question: Phones and Intelligence Firm Visits

*Assume the phone in question is rooted and s-off*

Scenario: A person is invited to the HQ of a very successful and prominent intelligence firm by one of the highest ranking advisors in the firm. The purpose of the invite is unknown to this person, although it isnít a place like Google so they arenít exactly in the business of just giving out tours for friends. Itís possible that lucrative employment may be an option. Assume that buying a prepaid phone for the visit is not an option, and that the phone does not leave the custody of the person at any time during the visit.

Question: Is it possible to push anything to the phone (a program or script for example) which would survive a complete wipe followed by a nandroid restore (backed up before the visit takes place) when only the following is enabled (no NFC, Bluetooth, or Wifi):
-Data/radio
-Radio
-Airplane mode

Thank you very much for your time on this.
 
mcapozzi
Old
#2  
Senior Member
Thanks Meter 22
Posts: 129
Join Date: Mar 2010
Default Well...

Quote:
Originally Posted by prospect7 View Post
*Assume the phone in question is rooted and s-off*

Scenario: A person is invited to the HQ of a very successful and prominent intelligence firm by one of the highest ranking advisors in the firm. The purpose of the invite is unknown to this person, although it isnít a place like Google so they arenít exactly in the business of just giving out tours for friends. Itís possible that lucrative employment may be an option. Assume that buying a prepaid phone for the visit is not an option, and that the phone does not leave the custody of the person at any time during the visit.

Question: Is it possible to push anything to the phone (a program or script for example) which would survive a complete wipe followed by a nandroid restore (backed up before the visit takes place) when only the following is enabled (no NFC, Bluetooth, or Wifi):
-Data/radio
-Radio
-Airplane mode

Thank you very much for your time on this.
If you're going to put the phone in Airplane mode, you might as well just shut it off and take the battery out. Then you'll be 100% safe. Even better, leave the phone behind. If you're that afraid, then I wouldn't even bring it into the building. Better yet, don't accept invites into buildings from people you don't trust. When I used to work in secure areas, the phones were always left behind, ALWAYS...

-Mike
 
prospect7
Old
(Last edited by prospect7; 22nd January 2014 at 01:01 AM.)
#3  
Junior Member - OP
Thanks Meter 0
Posts: 4
Join Date: Jan 2014
Quote:
Originally Posted by mcapozzi View Post
If you're going to put the phone in Airplane mode, you might as well just shut it off and take the battery out. Then you'll be 100% safe. Even better, leave the phone behind. If you're that afraid, then I wouldn't even bring it into the building. Better yet, don't accept invites into buildings from people you don't trust. When I used to work in secure areas, the phones were always left behind, ALWAYS...

-Mike
Mike, thanks for replying.

Granted, the phone won't be terribly useful while in Airplane mode, however, there's a chance this could turn into a job opportunity. The details regarding the invitation had nothing to do with any sort of shady dealing or random encounter on the street/in a store. As a result, my friend doesn't want to convey mistrust right from the get-go (which could be communicated by having the phone in an abnormal state like 'off' or 'not with me'. It's a tech company, so everyone's got phones, and they're always on). If the phone is used to get someone's information or take notes, they'd want to be able to use the phone to show they're comfortable. At the same time, they don't want to run the risk of them pushing anything onto the phone which will survive a full wipe or even an ruu flash. This way, if they weren't going to snoop in my phone anyway, no harm done. If they were, they'll find that they can't snoop later, and may work to an advantage.

Airplane mode seems a happy medium: being able to convey comfort, while being shielded from unknown attacks on the phone. There's reason to believe they'd notice something was odd if the phone wasn't readily available, or even in an 'off' state.
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes