Eşyalarını Tamir Et Topluluk Mağaza

Announced on October 16, 2014, the iPad Air 2 is a thinner successor to the iPad Air.

448 Soru Tümünü görüntüle

Seçenekler

Remove radios from ipad

Hi - I work in IT and I have clients that are traveling to china and need to have an Ipad with sensitive information on it. They have to assume that all their electronics are compromised and need away to isolate their equipment on a hardware level. Much like how the federal gov't does.

I don't know much about electronics on a hardware level but I would like to somehow remove the radio without bricking the Ipad. Can it be done? Does anyone know how to do this?

Bu soruyu yanıtla Ben de bu sorunu yaşıyorum

Bu iyi bir soru mu?

Evet Hayır
Puan 1
Yorum Ekle

2 Cevap

Filtre ölçütü:
En Faydalı En Yeni En eski
En Yararlı Yanıt

Seçenekler

This is a stupid request from the client on multiple levels.

The request stems from paranoid claims without concrete proof or technical grounds.

It’s probably not a good idea to work with this client anyway. If you agreed to do this, it only fuels their paranoia and you’ll have more weird requests lined up.

If the client insists, rip out all the antennas and solder grounding wire to the RF connectors. Good luck getting spied on without antennas.

Bu yanıt yardımcı oldu mu?

Evet Hayır
Puan 4

9 Yorum:

This is a request from my client and I am not in a position to question him. Just trying to figure out the most viable options.

tarafından

As I said pull the antennas out. iOS devices do not expect internal peripherals to be missing. Pulling the chip out may cause various system problems. Pulling the antennas out and grounding the RF traces do not cause this problems and more or less achieves the goal.

I still insist that security should not implemented in this way. Either implement proper security, or don’t use electronics at all. However some industries (military for example), work on simple and brutal principles. If they are happy with it, let it be.

tarafından

@tomchai

How would you go about grounding the RF traces? Which points would you use?

I've several times now that this wouldn't be a proper security solution but no one can't give me a straight answer why this wouldn't be a viable security solution. There aren't really any 'tempest' certified tablets products in the marketplace.

What would you recommend for security? I'd imagine as long as the Ipad is physically in his possession and he properly airgapped it(barring side attack channels through EMF) he should be more or less fine.

tarafından

There are 2 or 3 RF connectors on the iPad logic board, ground them all, or remove the impedance matching circuits immediately before it. I don't think the iPad will be capable of utilizing any RF features after that.

tarafından

@tomchai

I called several places and they don't understand how to do it or what I am explaining to them. Could describe which points you would use to ground the antenna.

tarafından

4 tane daha yorum göster

Yorum Ekle

Seçenekler

That’s an interesting question…spy stuff…cool!

Obviously, strong passwords are required on the device (not on sticky notes in the wallet ;-)

Okay, the fact that you have an iPad makes this more difficult because opening up an iPad multiple times (before the trip, after the trip etc.) is not trivial and exposes you to potential accidental damage that is quite expensive to repair.

You could, once the device is open, simply disconnect the antenna’s from the logic board. While the WiFi would still somewhat work, the range would be really poor and any snooping would have to be done within immediate proximity.

A more hard core approach would be to remove the power going to the WLAN IC but it’s unclear if this wold cause other issues as a lot of these IC’s talk to each other during the boot process. What’s odd here is that I usually repair devices, not disable them so I can’t say for certain if this would work.

The golden rule applies here in that if you give the black-hatters direct access to your device, they will find a way to get in or correct anything you may have done to harden your device. You have to take an onion-like approach, multiple layers of protection against remote snooping and direct access.

If this is a real concern and not just some mild paranoia, you should look into getting truly hardened devices for this purpose.

Let’s get the other moderators in on this, they may have some interesting insight!

@mayer @oldturkey03 @danj @jayeff @arbaman

Bu yanıt yardımcı oldu mu?

Evet Hayır
Puan 2

5 Yorum:

What security hardened device do you speak of? I really can't think of anything more secure than an Ipad this day in age. Unfortunately state actors can still access it as long as it has a radio inside of it.

It's not a mystery, it's common knowledge when dealing with the chinese state.

Regardless I am not going to discussing that, this is what my client asked for and I am trying figure out the viability of it. I discussed this with the client and they still want to go through with it.

The question is *has anyone done anything like this before and did it brick the ipad*?

tarafından

TEMPEST Is more complex than cutting the network connections.

Frankly, disconnecting the antennas won’t protect the data on the device, as the radiation of the chips and display was the original specs intentions.

You need a small Faraday cage that a person can work within and a case to hold the device when it’s not being used.

tarafından

@danj

Yeah - the side channels attacks on the EMF emissions. As I understand it you have to be really close to execute it but I am not sure.

Anyways I am just going to drop by a shop and have them ground the RF traces. Call it a day. Let my client worry about every thing else.

tarafından

30 yards with the proper gear is very possible to read EMF data! You really need to rethink things!

Setup a small room as a Faraday cage and use the equipment with the sensitive data within it only. Don't let the room be unmanned and the equipment that is going into the room must stay in the room and not removed until you are ready to leave China. Don't take anything into the room like phones or even smart watches. The equipment going into the room needs to be under your control the entire time you are in country (in and out).

Use wired connections (Ethernet & USB) outside of the room on less sensitive data (email) use heavy encryption both drive and file as well as comm.

Use pre-defined code words! Using different words when talking and electronic comms.

Have someone be the focus back in HQ for any emails, don't use your business email accounts. That person needs to scrub the messages before forwarding (looking for malware/spyware imbedded in the message headers and attachments)

Theft or spying doesn't need to be within China it could be just the entry back to your HQ's stored data!

Lastly, take as little as possible.

tarafından

Yorum Ekle

Yanıtını ekle

goofy sonsuza kadar minnettar olacak.
İstatistikleri Görüntüle:

Son 24 Saat: 0

Son 7 gün: 0

Son 30 gün: 1

Her zaman: 86