This answer is dangerously naïve. Phone basebands and radios are full of vulnerabilities, if you don't want your phone to be a potential surveillance device given any minimally sophisticated adversary you should either turn off the radio or preferably shut it off entirely and remove the battery.

A little OT but strongly related: in France you can go to prison if you refuse to give your phone's password to the police (nothing like a "free country", I guess).

Is there a way to set up a phone so that typing a "special" password puts the phone in an alternate state with different apps and content, etc. (and possibly erase the regular content)?

Google Play is a rootkit. Google will fully cooperate with any government. If you use GrapheneOS on a pixel device your bootloader is closed source and the system-on-chip is largely undocumented and impossible to audit without serious resources. So yeah. Shit's fucked man.

Can the thing France just made legal be done?

> French police should be able to spy on suspects by remotely activating the camera, microphone and GPS of their phones and other devices, lawmakers agreed late on Wednesday, July 5.

https://www.lemonde.fr/en/france/article/2023/07/06/france-s...

Why would anyone stir up the civil libertarians if the thing you are making legal is not possible?

Is there some kind of vote bot ring or something?

This is a question with one short answer (at the time of my comment). It's hard to imagine why it made the top on its own merits.

To me the real question is. Technical feasibility aside.

Would the cell phone manufacturers (Apple, Samsung, Motorola, Nokia, Xiaomi, etc) say no when faced with the possibility of losing market share in France. Because of a law pushed through under the cover of security. Many a liberties have slipped under that blanket cover called security.

I think they will put in this feature if it's not already there.

I know for a fact that my electronics (including smartphone) is being monitored (including this post) by my government.

That probably doesn't surprise others. What isn't as known is that the government also intrudes into chats with other people on social media.

They don't just monitor, but actively interfere.

Edit: By the way, Nokias and other dumbphones (without physical off-switches -- the PinePhone has them, but good luck getting one) can also get their mic and GPS remotely activated. The partial solution is to get one with a removable battery and remove the battery whenever not in use.

iPhones can be hacked into through IMEI if you connect them, but are useful, encrypted offline-only PDAs if you don't install any app.

Also, if your electronics are being spied on by the government to this degree, chances are you are also being physically monitored.

IANAL nor French, but reading the article, is this just saying that French police can get a warrant, issued by a judge, that allows them to tap a suspect's device (not longer than 6 months)? I just want to make sure I got the facts right.

https://www.lemonde.fr/en/france/article/2023/07/06/france-s...

We already know for a fact that they can surveil virtually all smart devices including appliances and televisions due to the Vault 7 leaks, and this would tend to be corroborated by the national geospatial intelligence agency telling congress that they have a high resolution 3d map of the entire globe's events at any given time.

Any broadband chip since 3G ships with proprietary drivers which have backdoors. I tried to build an open phone, worked for one of the major telcos, and could never get around the driver issue in trying to make an open phone.

BUT sophisticated attackers like US or Israeli governments (and I assume Russian or Chinese but I don’t have direct experience with these) don’t need these backdoors, getting anywhere near your phone is enough to root it to allow installation of spyware, according to my CSO who worked in naval intelligence. There are simply too many vulnerabilities for there to be a hardened device in the consumer space. Some are better than others (Apple) but as Bruce Schneier says, if you are worried about this sort of thing you really have to be totally disconnected from the internet and exchange encrypted physical media.

To add to this discussion, I must note what I don't see many mentioning here.

One doesn't need to do any shady stuff with baseband or stockpile on zero day vulns.

The current mobile ecosystem is such that any supported device (recieving updates and such) sends its unique identifier to the manufacturer before recieving OTA updates. And devices by default check for updates on a regular bases. Basically the manufacturer can always target and track individual devices. And provision indivisualised signed updates. Not just at the country level but targeted to specific IMEI.

Coming to more concrete examples, Google is known to do AB testing with their Pixel line of devices, setting custom profiles for some users.

Xiomi had previously shown capability to actively disable devices that move outside of legal sale regions.

Samsung uses such capabilities for enterprise devices in Samsung's Enterprise/Knox platform. And consumer devices can be thought of as enterprise devices under the manufacturers domain.

---

So the government only simply needs to send these companies warrants to target, bug and track specific devices or registered customers.

Online platforms are already subjected to data requests from law enforcement which they must conform to (atleast those with supporting warrant).

Some try to recuse themselves from such compelled intrusion of their customers by employing end to end encryption (e2ee).

With this provision and manufacturer cooperation, they could get direct full control of the ends (personal devices). Obviating the need to "break" encryption.

Why deal with a dizzying cloud of services in wide range of jurisdictions when you can have full access to citizen devices with cooperation of a handful of manufacturers.

In summary, this is not just feasible, the elements for an organised remote control system are already present in current smartphone ecosystem. In form of signed updates by manufacturers that can target particular IMEI devices. One just needs this law to wade through the legality issues.

A solution to avoid such sweeping surveillance capability would be to convince manufacturers to not receive identifiable data before provisioning updates. And have a public ledger of officially signed image hashes, like those of of domain certificate transparency lists.

This question has been in my head recently. How feasible is it really? The answer in the link isn’t comprehensive. Is it really out of the question for manufacturer’s to ship a particular version of a device and software for a target country? Nation states have a history of backdooring or weakening particular technologies.

nuggets to supplement discussion

https://en.wikipedia.org/wiki/Baseband_processor

What's the path of least resistance to find RCE on baseband?

The vulnerabilities are built in at every level.

Source: I was once a CALEA programmer.

Anyone who says otherwise is an idiot, a liar, or both.

Web sites that are frequently referenced are forced to censor the truth.