They’re the data carrying lines, if you cut them it’ll still charge, but no USB data can use the port.
Nothing is perfect. Your goal is to make attacks expensive as shit. Like ideally requiring dozens of hours of electron microscope time to pull off.
You can do a lot to that end though.
Use a mostly read only OS if you can, if you’re enterprising, a custom Yocto build with most of the rootfs read only, otherwise a statically defined system like Nix that can be readily deleted and rebuilt in minutes. There are configs out there for deleting root on every bootup and having the system automatically repopulate the filesystem. Enable secure boot if you can, it’s frankly your best line of defense. Any of these options are sufficiently weird that designing exploits for them would be a suffer fest.
Forget nail polish, fill screw holes with RTV and if you’re enterprising, the USB ports. At that point you can still get into the system but it’ll be obvious that someone scraped the shit out. You can simply swap the ports for fresh ones with a solder job if needed. If you don’t need this, use epoxy, get some all over the case seam. For the charging port, if it’s USB C PD, I’d need to reread the spec but you should be able to cut D-/D+ and the SS lines with an X-Acto blade right next to the connector and still be able to charge, just don’t hit the VCC, GND, and CC lines.
Finally, make a Kwikset key trap and use it as either a lockbox lock for your stuff or the lock to your house. Kwikset should lull people into a false sense of insecurity but if they try to pick it they’ll suddenly be in a situation where they either need to go overt or somehow replace your lock before you get back. Keep things weird, your goal is to get an adversary, even one with infinite resources, to make ridiculous mistakes.
Parrots will dance to music and sing it, they’ll even do their own little remixes of songs. It’s probably learned but it seems to be something they have the capacity for and understanding of.
Depending on the chipset you can usually set RTC wakeup timers, though that typically implies sleep rather than power off so you’d still have some power draw when the device should be off. Similarly, if you’re trying to log GPS you’ll have to wake up for enough time to get a GPS lock so even at something like a 10 minute logging interval you’d get some noticeable power consumption. Much much more if you’re trying to log voice or video.
Did you read the article? There were a couple cases where very early Android phones were modified to appear to be off but stayed on. This is fairly common knowledge, but it’s not particularly hard to defeat.
Everything your phone does requires a deterministic amount of power. Spying on people in particular requires even more power than normal because you need to run the power hungry GPS in addition to the modem and CPU.
If you turn off the device it should be significantly cooler to the touch, not a degree above ambient. If it’s at 100% charge but a power bank with a read out is showing it still charging, that’s a problem. Is the bootloader image different? You can verify that to some extent. When you turn it back on has it been drawing down the battery anyway? Does it require an unlock password instead of biometrics as it normally would (assuming a particularly sloppy setup)?
This isn’t rocket surgery, in reality nobody is modding everyone’s phone to stay on forever because unless you’re an absolute troglodyte (aka the fucking old school mafia bosses they did this to) it’s going to be painfully obvious your phone is acting weird.
At least that one has an off button
I rented shit at home depot and had to use fucking clear. They’ve broken containment.
If you absolutely have to hand over your phone, turn it off completely, like hold the power button and then tap the off icon. That will dump any keys out of RAM, which is why it always requires the full password to unlock when you turn it back on. Both in terms of how your phone works and the leaks we’ve seen, the cracking tools the police have are overall significantly less likely to be successful when used on a phone that’s been turned off and not unlocked since.
Also, IIRC iPhones have a feature where they will dump at least some of the system keys from RAM if you push the lock button five times. I’d still trust fully off more but that’s easier to do covertly.
Broadly, because the only way to get it was from other humans. Specifically, because a lot of other humans essentially went out of their way to give it to other people.
They mean the Bluetooth MAC address. It’ll capture your phone’s and can tell who the manufacturer is but the rest of the address is randomized. That said, lots of watches/earbuds/assorted smart Bluetooth things aren’t randomized because manufacturers are lazy.
Yes, but it’s harder to fight such a large incumbent when all the money is just going to the incumbent
This seems like an odd move. Let China pay money to use ClosedAI hallucinations instead of using the money to develop their own hallucinations that the US has no insight into.
There’s no technology transfer if they’re just using the hallucination outputs, it’s just free money for trash.
Intrinsically/semantically no but the expectation is that the texts are encrypted at rest and the keys are password and/or TPM+biometric protected. That’s just how this works at this point. Also that’s the government standard for literally everything from handheld devices to satellites (yes, actually).
At this point one of the most likely threat vectors is someone just taking your shit. Things like border crossings, rubber stamped search warrants, cops raid your house because your roommate pissed them off, protests, needing to go home from work near a protest, on and on.
Not wrong, but the issue is complex. Drones are very obviously one of the bullets in any upcoming conflict. It’s not really about spying and phoning home, it’s that it would be insane to try to tell China “hey, don’t invade other countries mkay?” And then say “oh also we need ammo to stop you but we don’t have the ability to make brass cases or gunpowder anymore, can you send us some”.
Now, while we “can”, to some extent, manufacture components and complete systems, the thing about a war is that it’s basically a wizard duel but with money hoses. You can’t win if the Chinese are producing slaughter bots for $500 ea and the US equivalent is $100,000 (literally). Congress is praying that this will light a fire under US and more friendly foreign manufacturing supply chains to invest more because they might have a chance of breaking into a lucrative market. That said, it probably just paves the way for a two tiered market where China makes their slaughter bots for $500 and the US makes them for $50,000 but all the civil use cases get caught in the cross fire for the short to mid term…so everyone still loses, just harder.
I’m adjacent to the industry. This is dumb but I understand the reasoning. We’re getting left behind in the electronics world. Nobody is creating hardware startups because every few months there’s a viral blog post with a “hardware is hard” title on HN and none of the VC assholes want to fund anything but web based surveillance capitalism ad tech because it’s a surefire way to make money. Even if you do get funded and you’re US based you’re absolutely doing all your manufacturing in China if you’re remotely consumer facing (b2big-b has different rules). That means Chinese companies get all the benefits of all the labor from your highly trained engineers when they get the design files. If you try to build anything at volume in the US you have strikingly few options for boards and parts. Everything is whole number multiples of fucking PCBway and half the time it’s lower quality unless you’re paying aero-defense prices which is the only business anyone wants.
The lower layers are all already at least moderately well encrypted, what they’re doing here is trying to pull the unencrypted device ID necessary to establish a connection. It’s not really what you’re sending (though traffic frequency analysis may be included) and more about just figuring out where a particular phone is so they can physically track the user.
I got screeched at for covering up a super bright blinking light on a red eye. Their FAs are next level stupid.
Yes, but there’s already a steep tariff, it would be nice to let them light a small fire under the US automakers so they make better products for us, instead we’re kinda just letting them be evil and lazy.
Not if it’s electric (for emissions)
To add to this, a lot of what keeps us safe is the friction of bureaucracy. Authoritarians cannot micromanage every decision you make or round up every person they want because those actions take time and resources that aren’t infinite. But you can reduce the time and resources required if you make identification more convenient and therefore enforcement more targeted. Maybe now they can justify making you present ID every time you pay cash at Starbucks, buy a backpack, get on a bus, use a bike share, watch hot snuff porn, you name it.