United States, couple years ago my friend in his mid-thirties was feeling depressed after his mom died. Came over to hang out, and wasn’t responding to his sisters calls.
His sister called in a welfare check on him and suddenly I have three cops knocking at my front door. They ask for him by name, say he isn’t in trouble. I go get him; he asks “how did you know where I was?” and the cops say “we pinged your phone”. What that entails exactly I have no clue.
Later I pulled up the video of them arriving on my cameras, they didn’t approach any of my neighbors houses first. It was just right to my front door like they knew exactly where he was. Kinda spooky.
> the cops say “we pinged your phone”. What that entails exactly I have no clue.
The cell phone infrastructure knows where your phone is. It has to in order for it to operate. The police routinely ask cell phone companies for locations of cell phones. Many (most?) not only won't require a warrant, but provide an official portal the police can use to conduct their queries without having to get a phone company employee to do it.
Note that it is not just police. The core of GPS network, SS7 system, is more than 50 years old in this point. It is often exploited by authoritarian states, sometimes to the end to get human right activists and journalists murdered.
> Note that it is not just police. The core of GPS network, SS7 system, is more than 50 years old in this point. It is often exploited by authoritarian states, sometimes to the end to get human right activists and journalists murdered.
You must mean the phone network, because GPS doesn't run on SS7.
Correct me if I'm wrong, but cell phone companies only know which tower you are currently connected to. So it's pretty inaccurate. The only thing that is "house accurate" is the GPS on your phone. That means they need access to your phone to get that info.
Remark that GPS doesn't need to be turned on. Google mapped all Wifi's and so can locate you without GPS.
You are wrong, although I don’t know the exact mechanism. I once witnessed first-hand a somewhat shady situation where a private investigator was trying to find someone’s whereabouts for the purpose of serving them for a lawsuit. As a last ditch effort, they reached out to a somewhat shady contact who was known to have some kind of internal access to the phone system and gave them the target’s phone number and sent $200 with Paypal. 10 minutes later we get an email back with a specific address and as it turns out that address was the target’s lawyer’s office. One of the process servers goes over there and catches the target on his way out.
I was a bit shaken. I believed what you believe before then too.
No it doesn't. Beam steering is adaptive and will work with signals getting reflected, for example. It's just noting where the return signal from the phone comes on 8 antennas and then narrowing the signal to the phone while increasing bandwidth. It does not use location (because it uses wave interference the "location" these beams is an interference pattern, not a position in cm)
Phone triangulation works by getting signal strength on 3 or more towers, and getting location from that. That's how it works on WiFi as well. Access points see the clients, and each other, and if you have enough data points, you don't even have to configure the locations of the access points. Of course, the location you get back is relative to the access points and the distance between them, so systems provide a quick way to convert to distances based on one or two measurements.
So please don't think 3G is going to protect you from triangulation. It isn't. Now they're decommissioned but even hospital pagers can be triangulated (some of them aren't even 1G, though anything remotely recent is just a cell phone in disguise)
Because of the "emergency services" mandate from governments it works without the sim being registered. Phones MUST be able to immediately call emergency services so sim or no sim, they are registered on the cell phone network using the number of the cellular modem hardware in the phone, the IMEI number. Phones without a SIM or eSIM can be triangulated. Phones that have never had a sim can be triangulated. Phones that had a sim, but now don't (you keep your phone on but have taken the sim out), can be triangulated based on the phone number of the sim (by looking up the IMEI that last used that SIM, then triangulating the IMEI). These systems can track mobile phones as they move, even in places where the signal is so weak phone service doesn't work (though of course, this doesn't exactly help with accuracy)
Of course whether all this works depends on the competence of the large telcos and the police in a specific country. What I said above is what's possible, not what is actually done. What another poster said is true: telcos have internet portals, accessible to the police (and ...) where you enter some information and get location back. This is generally demanded by governments, as the telco is not allowed to know WHO gets tracked by the police in most countries. Yes, in the US telcos are allowed to know, and they can even legally refuse to track someone, but in most of the EU this is not true.
Whether airplane mode prevents your location from being monitored depends on the phone.
iirc, Your phone sends signal to all nearby towers and then pick the closest one to connect with, which means the signal towers can also triangulate your location based from your distance to the nearby towers
> Correct me if I'm wrong, but cell phone companies only know which tower you are currently connected to. So it's pretty inaccurate. The only thing that is "house accurate" is the GPS on your phone.
That was the case before 5G. They'd only have your location to within a mile or so. 5G gives them your location to within feet. It's because they need to so many more towers.
It depends on the area. In very dense areas, it can be more accurate than you expect. It's also possible that they triggered a GPS response that told them rather precisely where the phone is.
A few years ago, when I was studying, my friend and I did a project on that in Xamarin. It took us two evenings, and the accuracy was 300 meters at worst, and 30 meters at best. It's worth noting that this was in a larger city.
So, if two students can achieve even 30 meters accuracy in two days, big telecom corporations will certainly do better in a few decades.
EDIT: By the way, it wasn't only triangulation but also signal strength change analysis. It wasn't as serious as it sounds, there are formulas already made for calculating that.
In the past, ~1 mile. One of the complaints people had about 5G was that it could make it much more accurate. Accurate enough to find a house or someone's location with it. It works because 5G needs towers all over the place to function.
Did the friend park the car out the front of his house, with a license plate that would have been shared by the sister? In the suburbs you don’t need to be overly precise, do a drive by and stop at the house with the car?
I think the question was "how did the phone company know the location", and GPS may be part of the answer.
In the US, E911 requires all phones to be able to report their physical location. Phone companies may use this ability to respond to police location requests. I don't know one way or another, but it seems likely.
Even if they don’t, they can use trilateration/triangulation (for which I assume they always have the necessary information: signal strength and approximate distance) to pinpoint the exact location.
They won't use that if the GPS / "Location" service is turned off. But the cell network still knows where you are anyway, within ten meters or better. The FCC asks for z-axis accuracy within 3 meters; good enough to determine what floor of a building you're on (for E911 purposes.) 5G Rel 17 can supposedly locate people within a meter.
Despite all the technology in the world the majority of police work is still plain old-fashioned knocking on doors and making phone calls. People will always voluntarily give up all the information in the world to be seen as good citizens. In your friend's case I'm willing to bet that they asked the sister for the names of his close friends and acquaintances and yours matched up.
No. They can locate anyone's phone on demand. The services that do this can generate a likely street address from GPS or tower triangulated location.
This is how many criminals now get caught while on the run. It isn't magic police work but rather the personal tracking device everyone carries. Likewise some spree killers have been tracked down by geofencing phones known to be around all crime scenes and zeroing in on the one that shows up at all/most of them.
Other towers can still passively track your signal. You also have to communicate with more than one tower during handoff between cells. This is a capability mandated by E911.
To locate a mobile telephone geographically, there are two general approaches. One is to use some form of radiolocation from the cellular network; the other is to use a Global Positioning System receiver built into the phone itself. Both approaches are described by the Radio resource location services protocol (LCS protocol).
Look at the tower. It would have at least 3 antennas giving at least a 120 degree segment. As soon as a phone connects to another one you would have a line (or more like an ellipsoid) between the two towers. Even if the phone just lies on the desk it could switch towers, eg if the current one has too many clients, or the signal quality is pretty equal between them.
NB I worked in a such place, my phone would be in low 40-50% at the end of the work day, despite being able to endure two days easily if I would be at some other place.
Your "on demand" makes it read like they don't need to get a warrant whereas your link describes a missing-children investigation that had already made the national news, i.e., a situation in which getting a warrant would be very easy.
Well, sure, but more often than not, when someone on HN gives a URL to support some point, the URL ends up not actually supporting the point. I'm curious why people do that. Why did you do it?
> Despite all the technology in the world the majority of police work is still plain old-fashioned knocking on doors and making phone calls. People will always voluntarily give up all the information in the world to be seen as good citizens. In your friend's case I'm willing to bet that they asked the sister for the names of his close friends and acquaintances and yours matched up.
Sure, but that doesn't pass the smell test in this situation:
1. That's a lot of work, which would take a lot of time to do. For instance, does the sister know the OP's number. His full name? His first name? Are they going do all the work to piece together fragmentary information for a wellness check?
2. The technology exists and is widely deployed for the police to straightforwardly take a quick shortcut around all that work.
You experienced a type 0 SMS. It can wake the GPS on a modern phone and return a GPS location.
Last time I checked cell tower triangulation is accurate to between a few hundred and a few thousand feet. Cellular A-GPS can be good to within a few feet inside houses usually but often its within a few tens of feet in accuracy.
Police need a warrant to get location data from your cell phone provider. No department is bothering with that for a welfare check unless the situation is really dire, and the process still takes a while to carry out. "Where do you think your brother is?" "Oh probably at XYZ's place" is a much more straightforward and common process.
I have some family who are dispatchers (not in the US), and they have the ability to immediately get location data directly from providers if they think somebody is in imminent danger. They can’t do it to track a suspect (not without a warrant), but they would regularly do it for suspected suicides, or when a caller communicated they were in danger but failed to give their location for what ever reason.
I wouldn’t be surprised if many jurisdictions around the world had similar systems.
In the cases I’m familiar with it was often used for other people calling in suspected suicide attempts (or other types of self harm, or drug overdoses, ect…)
I am a reporter who covers crime. Your account is 100% accurate. Federal law allows for the disclosure of customer records “to a governmental entity, if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of information relating to the emergency.” 5 U.S.C § 2703(c).
Either corporations are allowed to be 'pressured' by the government or they aren't. But of course the legal system will make themselves a nice carveout for their uses like always.
They may have done both. Or they may be lying. In most cases it's best to assume that the police won't give you any info unless they are compelled to do so (and sometimes not even then).
Seems much more likely that his sister knew the friend, and suggested he might be there? Or there was some relation to the friend to know the exact address. Unless he lived at a single-family house, it's unlikely a phone's GPS would be exact enough.
That's just it, they are doing their own thing. This is why I liked the explanation, it reflects that the police is not an organization that's somehow representing and enforcing a higher moral standard, but rather a distinct thing that has its own life and culture. And that social engineering and parallel construction are part of daily life.
Pursuant to 5 U.S.C § 2703(c), a provider “may divulge a record or other information pertaining to a subscriber to or customer of such service (not including the contents of communications covered by subsection (a)(1) or (a)(2)”…“to a governmental entity, if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of information relating to the emergency.”
The police can access all call logs; if they found your number among his last calls, starting from your house would have been among the first things to do in normal investigation.
Cops can freely buy anything from one of Peter Thiel's panopticon products. He can buy all the data from brokers and companies for a pretty high price, and sell it to cops for an equally stupid price, and your tax dollars get used to bypass the entire concept of a warrant.
No, no need for a warrant. If the cops ask nicely (as opposed to making a demand), and the provider provides the info, there was no need for a warrant. That is the common process today.
Not really, best in class network probes will regularly give you positions that are wrong by a few km, you need quite a bit of cleaning to reconstruct accurate paths.
That's why something like MDT was added to 3GPP standards and emergency calls trigger a hard GPS fix.
Sure, that seems like something that could happen. However, meanwhile, in practice, my friend was having a mental break and the cops narrowed my friend's location down to 3 possible houses in a neighborhood.
Abusing emergency location services is a much better explanation here. They can ping the device for a short time and it'll do its best (using A-GPS and WiFi) to provide an accurate position, without involving anyone since it's fully automated. Collecting positions from a carrier's network infrastructure is a more complex and slow task in comparison.
Towers use sector antennas that can cover typically 15 degrees down to 5 degrees, so the angle from the tower is somewhat known. There are some ways to get an idea how far a device is from the tower with sufficient access, but its usually a moot point because rarely does a device get into a place where it is only being seen on one tower.
They could at least have the decency to just secretly do it and then pretend like they aren't, like our government does. This is why physical switches and removable batteries are the only way forward.
> This is why physical switches and removable batteries are the only way forward.
You'd gain nothing. What are you going to do, remove the battery for a couple hours per day?
And then if there's any crime, the police is going to immediately suspect anyone who had the battery removed from their cell phone at the time, which they can trivially detect.
I'd be willing to bet that less than half of this site's users are American. There is a huge software engineering community in Europe, for example, and there are more Europeans than Americans, let alone the large populations of Asia, Australia, New Zealand...
The US is the largest country with english speakers, but it does not have the majority of speakers [1] (just India plus Pakistan have as many). So your assumption would be wrong, even based on statistics.
That's why I qualified it with "native" - the US has by far the most English-as-a-first-language people. In my head everyone speaks like an Anglo guy from Idaho, and since HN is text-only, metaphorically speaking the lights are out, so I'm left without a clue where other people are sitting or where they are from.
In other words, if you found yourself in a dark room with a thousand English speakers who all sounded like Jesse Pinkman, what country would you assume you were in?
I'd be willing to bet that less than half of this site's users are American. There is a huge software engineering community in Europe, for example, and there are more Europeans than Americans, let alone the large populations of Asia, Australia, New Zealand...
English is the dominant second language in the world.
I would agree with that, at least for this site. I wouldn't be surprised if the ratio was 1 to 10, since tech skews it significantly. For example, I work in tech in the US, and the only American I've spoken to today was my summer intern, and - oh hold up, I just typed that and realized she's from Canada. OK, I've been in work meetings all day and I have not spoken to a "US American" during that time. I suspect that other sites, particularly some subreddits, are mostly American, though.
Personally I think that "X is an American site" is over-used and doesn't actually make all that much sense when applied to things that cover general world-spanning issues.
I wrote a stupid message first that the person above you replied to accurately, I changed my stupid message to be less stupid while still reflecting my opinion on the matter.
What relevance does that have to the question, may I ask. Do you think, for example, that every user of Twitter is American because Twitter is an American company?!
they have no doubt been doing it, they're just using the panic of a brainwashed population thinking they're on the brink of Islamic revolution to normalize it
I feel it's significantly better to know that someone is doing the spying and all that. Why should they hide that they can spy on whoever they choose? When they don't make clear what happens, we end up in a position where everyone's uncertain. And, as history has shown, it makes things significantly more difficult.
Or making the phone more reliable, particular in high-humidity climates, where you want to prevent air from getting to the electronics as much as practical.
Meh, phones with removable batteries are still being made. Samsung's Galaxy Cover line has plenty of phones with removable batteries. Some even feature the much feared IP68.
I regret getting a pixel, and not a fairphone with a removable battery
With the current level of oversight on the police (police of police is a meme by now), and the level of cybersecurity at the government, everyone's phones will be activated within a few months.
At least some government agent will have fun watching what ppl visit on the internet during their spare time, and can enable the camera to watch what they're doing when they review the content.
The fight against crime is ramping up !
I don't get why they don't hire back more detectives and accountants to really investigate actual evidence, instead of just listening to potential criminals for hours.
They have been reducing the force for 15 years (especially the forces that investigated financial and workplace crimes)
Who knows if Framework[0] survive long enough, they might create a phone with choices like GrapheneOS[1] etc. Their 16" laptop reminds me of Project Ara[2].
A Pixel phone probably gives you the best chance of resisting this sort of attack. The most vulnerable phones are the older, cheaper phones that run outdated versions of Android. Pixel phones are generally the first to get security updates, and so the quickest to get patches when spyware companies start using new bugs.
Wouldn't a Pixel phone be vulnerable to USA giving Google a 'national security letter' saying to make your phone remotely accessible with a personalised update, say? Google seem like they could - and if paid, would - readily do that whilst other companies could hide behind lack of resources or whatever.
I just assumed that USA three letter agencies paid larger companies upfront to implement back doors; seems to fit with past form. Why would they not do that. Indeed it always struck me the debacle with Huawei where USA government smeared then to prevent their equipment being used in UK was so that USA-manufactured equipment with USA-controlled backdoors would be implemented instead ... it might only have been financial protectionism but it just seemed too big a protest.
No, according to the Snowden documents, the NSA spun up the MUSCULAR program specifically because Google was refusing to play nice. This was where they dug up dark fiber between Google data centers to tap into the information being sent between them. Within a month after the MUSCULAR leak, Google was encrypting all comms between data centers, which in theory, killed all the MUSCULAR taps.
Nexus/Pixel devices literally come out of the box with Verizon background crapware installed that you cannot disable or remove even if you're not a Verizon customer.
I use T-Mobile and I bought my Pixel 5a directly through Google at an official in-person Google store. Does my phone have this Verizon bloatware? What apps should I be looking for?
I googled it and I'm only seeing people complain about this Verizon bloatware from people who bought it through Verizon.
Google don’t index sites which contain that kind of information. :)
More seriously, I too would have bought a Fairphone (for ethical reasons) to replace the crap second-hand Android phone that I’d been using for the past 8 years. However, I recently received a gift of a new iPhone so I probably won’t be getting a new phone for another 8 years or so. The iPhone doesn’t have any bloatware and it does have lots of options for security and privacy so I’m happy to use it from that point of view. Aside from not being able to remove the battery, I don’t think the average user can do much better than that, given that they have no insight into or control over the baseband layer.
I’ve never owned a Pixel but I’d expect (hope) that one purchased directly from Google would be similar to in iPhone bought from Apple.
Nexus devices did have such “feature”. IIRC it was activated by a carrier SIM upon first boot and some people were quite sad after inserting say AT&T SIM into their supposedly “unlocked” phone.
Sure , if you buy a pixel from Verizon or any of the other major providers directly . I didn’t have that problem when I bought a pixel couple years ago directly from Google’s online store to use on T-Mobile’s network.
There's always the faraday bag or simply not taking it to your meeting/activity that have been the recommended options for opsec even when phones had removable batteries.
Regarding the Faraday bag, as I mentioned in another comment, that is not useful because the phone could be recording your audio anyway and then just transmit it later when you take it out of the bag. What you'd really want is some kind of soundproof box, but I'm not sure if an effective one exists because microphones can be sensitive and audio recordings can be amplified.
Faraday bags are not effective against all frequencies. Specifically the 5G frequencies are known to be very difficult to block with a cage ( but do have relatively short ranges)
That's implying that it is actually off and not just pretending to be off, and that it requires a command to start recording instead of just constantly recording and only uploading when commanded to
Far enough down the threat model rabbit hole the real solution is just ditch the phone if you're doing anything mildly antigovernment. That at least forces them to do a bit more work to spy on you.
That's always one of the big issues in opsec/security discussions, we can always imagine a more motivated or well funded attacker but the likelihood of those being deployed against you change with the difficulty of implementing those methods.
Would putting it inside a microwave work? I think I recall Snowden did that but I'm not entirely sure I remember correctly.
Edit: on the other hand, I'm now considering the possibility that the phone might be recording your audio even without network access and then transmit it later when you take it outside the microwave. So you'd have to be physically far away from the microwave for the microphone not to hear you, which means the microwave and faraday cages don't add anything useful.
They're already allowed to shoot you if you don't stop your car, all in the name fo fighting terrorism, so I'm not surprised they can snnop at your camera and microphone.
I'm quite sure this is linked to the recent protests.
Je suis Charlie > je suis la gendarmerie > l'etat, c'est moi. Back to 1655 in three easy steps.
I am confused. Are they mandating a backdoor, or is there already a backdoor, or are they allowing the police to exploit zero days? If it is the latter, it is sad that the authorities assume weak security as a given.
They may have access to backdoors in the baseband firmwares.
The baseband is an opaque binary blob that operates outside of the phone's main OS, and its contents are usually considered a trade secret by the manufacturer since it handles low-level hardware interactions with the main radios/etc.
Personally, I would be surprised if those systems weren't compromised by agreement. It's already common to see criminals and dissidents get busted because they think that turning a phone off stops it from reporting location data.
> It's already common to see criminals and dissidents get busted because they think that turning a phone off stops it from reporting location data.
That’s an incredible claim to make with no source. It seems unreasonable to suspect Apple and google would allow some chips they don’t access to battery even when powered off.
Well if you can make claims without a source and say the tech is secret..you can claim literally anything? I have a startup that builds a machine that can complete medical tests from a single drop of blood. The tech is a secret though.
Do the cameras/microphones need to be controlled by the baseband? Naively they seem like they should be at a slightly higher level than the main radios, and should be controlled exclusively by the OS. I'm guessing from your comment there's some reason that's not the case though?
In addition to the basebandy RF stuff that you expect the baseband to do, it also does real-time voice modulation and call quality things like echo and noise cancellation… things that high level OS would do too slowly.
In 2023 I suspect this is less and less necessary- apple silicon is very fast and a lot of voice comms goes through an app (FaceTime?) anyway but … I’m sure those capabilities are still in the baseband processor …
There is this [0] thread from a few years ago. According to the linked article, "unless an IOMMU is used, the baseband has full access to main memory, and can compromise it arbitrarily." No idea how true this statement is.
Does it? The OS must be able to send audio to the phone modem (bluetooth, homepod, etc), so it seems reasonable to me that it wouldn't have direct access to the microphone and that would go via OS also.
They are already doing via exploits, or via carrier injection, but this might have been illegal given the various anti-hacking laws around. So the legislature is granting explicit permission for the police to do this.
Governments regularly have a steady flow of zero days to use, but once it's used it's "burned" so it's not something they throw around willy nilly. I would guess they are going to force manufacturers to play ball, and I would gues that the manufacturers will.
The only left wing governments in the western world are Portugal and Spain. And PSOE is barely left-wing imho (I won't fall into the 'no true scottman' here, but I really wanted to).
Manufacturers already throw their principles out of the window to sell in China, Russia and UAE so I don't think they'll have a problem selling in France after this either.
> But lawmakers agreed to the bill late Wednesday as Justice Minister Eric Dupond-Moretti insisted the bill would affect only “dozens of cases a year.”
Technically he is not lying or naive, because any number, including large numbers like 66 million, can be expressed in units of dozens.
Yeah dozens my ass, another round of massive anti-government protests or Paris streets on fire, or some terrorist attack and they will not be very selective about this because "security". We know how messed up people with such powers are, it doesn't matter which country, for them 1984 is not some bad utopia but just first step in such direction
it most likely really will only be a small number of cases
BUT that doesn't matter
it being abused against just one or two times in very important contexts (political, human right activists, etc.) can already be a major negative impact
for laws like that the "it's just a few" argument was always worthless even if true
I dunno, I think the number will increase above dozens. They certainly won't start out doing dozens a year, then pare it down to one or two, and eventually realize the don't even really need it. More likely, the number of uses per year will creep up, until eventually it's not as controversial as it used to be, at which point it'll jump dramatically. As a comparison, in the U.S., no-knock warrants were controversial when they were first implemented, and they were stated as being only for very special circumstances—ya know, terrorists and such—and now they happen about 70,000 times a year, mostly for dangerous activities like marijuana possession or distribution. The ratchet only goes one way, which is why it's dangerous to grant the premise of "we'll only use this in exigent circumstances, we pinky swear".
I've seen people literally smoking joints in front of the police station.
Listening in on someone to find evidence of them doing something illegal is actual work, the odds of them doing it to everyone are rather low, I think they'd rather go watch a football game or something.
Linguistically dozens of cases is vague less then 200 and definitively less then 1000, because then it would be hundreds of cases.
Through there is no legal requirement for the statement to be true in any form or way. Even if they would have explicitly said less then 50 cases, it's not a constraint in the law, so it's meaningless.
Through see my other comment for why even if that statement is fully true in a linguistic sense it still is very bad.
>"[Though] there is no legal requirement for the statement to be true [...]"
This is a major flaw in Western democracies. A person acting for the government, making a statement that the public would see as official, should be bound by law to tell the truth; or at least not lie nor commit deception.
People like UK ex-PM Johnson are effectively committing treasonous fraud, by lying to the public, and getting off scot-free.
what tech does this even use? Do they mean using Pegasus or similar malware that the govt has to first get onto the suspect's devices, or is this via Google/Apple or the device manufacturers that makes 'remotely and secretly activating a microphone' even possible?
This bill AFIK only covers the "they are allowed to do it" part but not the "how do they gain the capability to do it" part.
But spyware which can do so exists in endless amounts, including from companies focused on selling it to governments.
Hence also why in recent years physical microphone switches, or e.g. stuff like (I think it was) Apple laptops "physically" disconnecting the microphone/camera if you close the lid have been become increasingly more common and in demand. (Through the demand comes more from bad actors using it then from people being afraid the government spies on them AFIK, but technically there is 100% no difference)
Also, I recall that the green light on the apple camera is controlled by the camera's firmware, making it more difficult to turn on without the light come on. (You'd need to overwrite the camera firmware.)
I should have included the caveat that my comment was from memory.
I just did some brief research, and it seems that it was the case prior to some point in time between 2008 and 2019, but it is now hard-wired. It is discussed near the end of https://daringfireball.net/2019/02/on_covering_webcams
The engineer quoted in the article pointed out that it may be possible (at least in 2019) to briefly turn the camera on - flashing the led too quickly for someone to see.
I didn't find a discussion of this issue in the May 2022 Apple Platform Security guide.
It could be simple, just hook the led to the reset line of the camera and you'll know if the camera is in use. Downside is that the led will blink on boot when linux probes the driver.
That is the difference between something being firmware controlled and hardwired.
And for new macs the off switch for microphone/mic if the lid is closed is hard wired using some "dump circuit logic switch" AFIK.
The problem with lights (even if hard wired) is that you might still find ways to brake them, like finding a way to fry them without braking the camera or switching on/off so fast that it isn't really visible but you still get some image/sound you might be able to post process to a point where it's usable even if not grate. You probably can prevent this with further hard wired circuits, like a hard wired "super slow de-bouncer" which in a on-1->off-2->on makes sure 2 is prevented if not at least Xs passed since 1. And which in a off-2->on-3->off cycle makes sure the LED is on for at least Ys (the camera can be switched off faster, just not on again). But I don't think apple has something like that. At that points the question is why not put in physical switches like e.g. on Framework laptops or some older ThinkPads.
Probably, if you hacked a device to a point you have root access or worse it's not that uncommon that you are able to reflash firmware to custom firmware.
A lot of firmware, and firmware signature validation, is ... not very well done.
Practically it's often not worth it (you already had root+ access. It's doable, but not simple and less uniform applicable.).
But there have been known cases of viruses tryign to persist themself in the firmware of connected devices (which in this context includes all internal devices including the motherboard).
> The bill allows the geolocation of crime suspects, covering other devices like laptops, cars and connected devices, just as it could be remotely activated to record sound and images of people suspected of terror offences, as well as delinquency and organised crime.
For the very strange who accept driving the new "smartphones with wheels".
Including, note, the cars with the embedded telephone as mandated by the european union past 2018 - the e-call systems. Some articles went "there could be privacy issues, but it is a remote eventuality": now you see that someone could push as normal an eavesdropper in your car.
Sometimes, Stavros, it is a painful choice to decide in assessment between malice and the various shades of stupidity - the perspective of the latter can be a tad more difficult to digest.
But the last time I read reported unhandable blabbering devoid of awareness and mental competence, attributed to a "minister of the republic", was just minutes ago. When you hear utterings like "it will save lives" - completely alien to conscience of quality of life, good reason, cleanness and propriety, rejection of absurdity, collaterals etc. - I am afraid they may actually "believe" that (or, better, just "sit on that", "hold on that", "cling to that" in some internal economy).
My memory may be failing me or confusing things so please correct me, but I seem to recall reading somewhere that the baseband lives segregated (with only a narrow communication cannel, kinda as if it were a remote machine) from the remainder of the hardware, so while it could be made to run stuff itself it has no way to physically access to main cpu, ram, mic, nor cams (barring, of course, any vulnerability on the comm channel that would land an exploit in the main OS+hardware).
GPS is another matter, but then again it's baseband so it gotta communicates with towers, so that's a done deal already that does not even require baseband access.
I take pride in striving to form my opinions based on verifiable facts as discovered by third party sources, such as via work done by the Asahi Linux team†.
If I were buying into marketing I would not even have asked the question above in hopes of getting a hard reference to these kinds of details.
† e.g the following tidbits:
> The SEP is designed to be mutually isolated from the main CPU (AP); neither can compromise the other.
> No runtime blobs are designed to have total system access (no ME, no PSP, no TrustZone, nothing of that sort). Almost all blobs are running behind IOMMUs or similar firewalls, with the sole exception of the GPU firmware*. All code running on the main CPUs is under the control of the OS.
> AS machines use a large number of auxiliary firmware blobs, each dedicated to a specific purpose and running on a separate CPU core. This is better than having a smaller number of kitchen sink blobs (like Intel ME), since each blob can only affect a particular subsystem (e.g. display, storage, camera), which makes it harder for multiple blobs to collude in order to compromise the user in a meaningful way. For example, the blob running inside the keyboard controller has no mechanism to communicate with the blob running on the WiFi card, and thus cannot implement a keylogger surreptitiously; the blob running on the display controller similarly has no way to communicate with the network, and thus can't implement a secret screen scraper.
> From a security perspective, these machines may possibly qualify as the most secure general purpose computers available to the public which support third-party OSes, in terms of resistance to attack by non-owners. This is, of course, predicated on some level of trust in Apple, but some level of trust in the manufacturer is required for any system (there is no way to prove the non-existence of hardware backdoors on any machine, so this is not as much of a sticking point as it might initially seem).
> *it's worth pointing out that this firmware is not particularly large, is shipped in plain text and even with some symbols, does not have any functionality to talk via questionable interfaces (network, etc.), and is optional and not running when the OS boots (the OS must explicitly start it)
Which is an entirely different league than, say, Intel ME which completely owns the machine at the design level.
"...the cellular carrier can send blobs of FORTH code right to the radio. The radio firmware also seems to have an IP stack (with TCP) so it can do its own interesting things (both bad and good)..." https://boston.conman.org/2013/01/22.2
"...easily spotted loads and loads of bugs, scattered all over the place, each and every one of which could lead to exploits – crashing the device, and even allowing the attacker to remotely execute code. Remember: all over the air. One of the exploits he found required nothing more but a 73 byte message to get remote code execution. Over the air..."
"... It’s kind of a sobering thought that mobile communications, the cornerstone of the modern world in both developed and developing regions, pivots around software that is of dubious quality, poorly understood, entirely proprietary, and wholly insecure by design." https://www.osnews.com/story/27416/the-second-operating-syst... (archive: https://archive.is/FOR5V)
It's insecure by design because the NSA has for decades purposefully degraded the security of everything they can get their hands on to make it easier for them and law enforcement to spy on.
They don't want you listening in on John Q. Senator's phone calls, but they sure do...
The workaround is to carry around a small insulated faraday cage for your phone which blocks cellular reception, transmits bogus GPS signals locating yourself as a random wanderer, and plays television series reruns 24/7 at low volume into the microphone.
part of it is already being done: judges in France just ask companies like FAANG
for location data, including live location.
E2E encryption is the only way for companies to be able to refuse (and this is why there’s been a strong governmental push against it).
The scary new part is the turning on the camera/mic.
"They want EU rules on the use of spyware by law enforcement, which should only be authorised in exceptional cases for a pre-defined purpose and a limited time."
> what tech does this even use? Do they mean using Pegasus or similar malware that the govt has to first get onto the suspect's devices, or is this via Google/Apple or the device manufacturers that makes 'remotely and secretly activating a microphone' even possible?
It would have to be after compromise, which would mean its likely only used on a very small number of cases due to the sensitivity and cost of the technology involved.
This bill could be step one. Step two could be a requirement for SW/HW manufacturers to add a backdoor since this is not really effective to fight crime this way. I'm not saying it is planned or there's some conspiracy for establishing a totalitarian state.
But we can't really predict the future and more loose rules could be introduced by the next government with a totally different agenda who might thank for the previous one for creating this legal framework.
Also, this section is weird too:
> They said sensitive professions, including doctors, journalists, lawyers, judges and MPs, would not be legitimate targets.
Apparently software engineering is not a sensitive job.
> Step two could be a requirement for SW/HW manufacturers to add a backdoor since this is not really effective to fight crime this way
We have already been there, it's just like good old phone calls. They can be intercepted under the proper judicial supervision.
I don't have criteria to answer if this is a necessary evil or directly a blatant totalitarian push, but one needs to consider: does the French government have a bad track record of abusing the capability of eavesdropping any phone communication? has this capability been useful for law enforcement?
Good point, most people however don't expect their phone calls to be private for this very reason.
> does the French government have a bad track record of abusing the capability of eavesdropping any phone communication?
I'd rather look into possible future scenarios, I don't know about past cases, but I don't really follow french politics. I know discussing politics is HN is not encouraged, so I'd just rather suggest to look up what's coming for France (and EU) if the current government fails and major powers switch. Sorry if you already know this.
> has this capability been useful for law enforcement?
In Hungary, Pegasus was used to eavesdrop on many citizens who were simply in an opposing position. Law enforcement is a good cover for data collection and of course can be effective, but we need transparency and safety to see if these tools are abused or not. There are no good answers I'm afraid.
But any surveillance capability results in “good” as well as bad actors, frustrated with the current limits, asking for just a little more formal power or finding ways to justify informal drift in practice.
The only way to stop surveillance creep is openness and clear principles more coherent than a recursive “well they have been responsible so far, so far as we know” argument.
This might be quibbling but true democratic process could be interpreted as direct democracy where the law is directly voted for and people give a specific assent to the law (which ancient Athens did do). This is more of a democratic republic where officials elected through democratic process then make decisions, which usually works more smoothly than a pure democracy, but it does mean that the population at large does not necessarily support this specific law (though they might).
> Is it sensitive to compromise a phone, now that there is a national law allowing it, passed through a democratic process?
The technology itself is sensitive, when you buy a full chain exploit like the ones that have the public bounty price above, if it gets burnt it's useless for everyone else who bought it after its patched.
Generally exploit brokers don't like it when you burn their exploits.
> In the US the major cities have police budgets of between $200 million and $5 billion
Yeah and most didn’t have this capability generally considering both the costs and the little amount of use you'd have for it.
You'd expect something more federal like the NSA, CIA or the FBI to have this kind of capability which is why its kinda a big deal when normal cops get it.
Can we get the European Union to mandate physical toggles and shutters for mic and camera, now that they're also pushing for user-replaceable batteries?
Are you talking about the European Union that wants to permanently dismantle end to end encryption and full access to any and all texts sent between any number parties?
* right now: Law Enforcement need the decision of a judge to do this (when they technically can, either using 0-day or maybe asking for the phone provider to upload a malicious app under their service app)
* after the law: Law Enforcement will be able to do THE SAME without the need for a judge under some specific (but not really restrictive, like national security) conditions
So, all in all, it will just shorten the time needed by Law Enforcement to hack some suspected citizen and it won't require a judge. Is it a shame for the democracy ? Yes, obviously. Is it a change in the way for the State to spy its people ? No, sadly.
Will there be a debate about what individual freedom may be taken of citizen in the name of national/public security ? No, obviously. And sadly.
Right now: they don't have such right.
After the law: they do have the right and it requires a judge's approval renewed every 15 days.
I'm not talking about what the capacity of intelligence services to do it, I'm talking about what the police (officier de police judiciaire) can lawfully do.
The terror was fully part of the revolution, and was notably when the vote for France to proclame itself a Republic happened. Support for and against the king came and went throughout the revolution. The vote for abolition of monarchy in 92 (so, 3 years after it began!) and then for death penalty of the king in 93 was heavily influenced by the fear of retribution for whom may vote against. France would likely still be a monarchy if not for the terror.
FWIW, France became an empire, then was restored as a monarchy, then back an empire and monarchy before it became a republic durably.
Revolution was not a series of peasants and commoner ridding themselves of their despots, it was much more dirtier, political and complex than that, which doesn't prevent to still be behind the ideals that drove the events and find it beautiful.
> FWIW, France became an empire, then was restored as a monarchy, then back an empire and monarchy before it became a republic durably.
You left out “republic again” between “restored as a monarchy” and ”back an empire” (and actually, even that leaves out the July Revolution which was a change between two different monarchies, and not just different monarchs, in 1830.)
Yeah, it's pretty incredible how many people look at these kind of events as point in times, e.g lots of French people answer "Bastille day" if you ask when the revolution happened, or some Americans answer "D-day" for when Europe was liberated.
what you call red terror was merely a preludium to the much more servere and large scale 'white terror' the royalists and their supporters comitted much more horrifying and large scale terror on a massive scale. The right-wing terror that followed the revolution is somehow never mentioned. I guess people still buy into the scarlet pimpernel bs.
Long term that is correct, but compared to a few years back it is. Snooping on people's phone conversations is a thing of the STASI, Securitate and NKVD era. Having everything you do monitored by the government through casual on street surveillance, and then introducing that to phones is not particularly flattering.
But that's not unique to EU, look at US post 9/11. Let's say there was a period of more freedom in the west, and its declining steadily. I've heard some US reporter predicting live in TV exactly this happening as towers were falling, I wish I remembered his name.
That doesn't sound very liberal. ("Liberal" meaning "in favor of freedom for people".) It doesn't even sound very politically liberal, meaning "in favor of peoples' right to protest injustice" and "in favor of peoples' right to not be shot dead by police".
Isn't "order" the concern of the conservatives?
I've heard a number of times that politically left and right mean different things in Europe; is this one of those situations?
It's not so simple. Without order there can be no liberty, but absolute order isn't compatible with liberty either. Liberty exists in a balance which may easily be lost.
We think they lied to the judges. Or maybe there are no judges, because the entire thing is a secret system, so we can't know who the judges are or how they've ruled on the matters brought before them. All we know is that it is only used against foreign adversaries, except in the cases when it's used on Americans.
Of all of the issues in the US, I genuinely believe FISA and FISC are the largest issues today. There can be no secret courts in a real democracy (or republic or whatever else you want to call it). The government can't be by, for, and of the people if they have a recourse to lock away people that can't have the sun shine on it.
It astounds me that this is just accepted as a practice in the US. Or am I being naive?
You're not being naive. It happened in a flash, without a referendum, and nobody asked for it. It's not that we accepted it; it's that there's nothing we can do about it.
From an opsec standpoint, would leaving the phone in airplane mode and turning off location services effectively block access to the phone?
From my understanding airplane mode disables the sim, wifi, gps, and bluetooth entirely, but it's possible to re-enable wifi, gps, and bluetooth. It's something I got into the habit of doing because my phone searching for 4g cellular data ate into my battery.
For the camera your best bet is to just put a physical cover. There are a lot of sliding adhesive ones you can buy online that are convenient. I stick them on laptops as well, especially work-issued laptops.
For the microphone ... ideally build and install LineageOS yourself on an Android device. Don't trust iOS or Google's official Android builds, they have closed source software that may have France-specific backdoors.
From what I've read, the current theory is that access is initially possible using the cellular modem. Building and running a custom Android wouldn't necessarily help in that case, because the modem/baseband firmware is completely isolated and runs independently of the OS.
It seems like general camera/audio recording would need a secondary exploit.
Hm. I wonder how much work it would take to desolder the microphone and add a physical switch for it. Or maybe a magnetic reed switch in series with the microphone so I don't need to drill extra holes in the phone enclosure -- just hold a magnet up to the phone when I want to use the microphone.
I figure the day's coming when cops will be able to remotely activate the inside camera and microphone in a Tesla, or remotely disable the car and/or have it pull over, etc. Perhaps first in China, but probably everywhere eventually.
And easily physically removable batteries, which used to be the norm and are still available for some devices (like the Nokia C30).
It isn't mere coincidence that device manufacturers have made it impossible to power off mobile phones (short of refusing to charge a device) and impossible to positively disconnect ripe-for-abuse subsystems like the microphone(s) or cameras at the same time that governments and other entities are using them as tracking devices.
Are you suggesting widespread conspiracy between governments and tech companies?
I'm strongly in favor of physical switches and I detest where technology is nowadays, but it seems pretty likely to me that they removed the physical switches because:
1. It simplifies (cheapens) production costs
2. It eliminates points of failure
3. It reduces user error opportunities
4. It makes it easier to waterproof devices
5. It makes it easier to make devices smaller
And surely others that don't require a major conspiracy.
> Widespread conspiracy between governments and tech companies has already been proven.
You mean, a conspiracy in the past to allow governments to sample/siphon data has been proven. That's a pretty different thing than having the entire market physically designing their product so that the government can use it to spy on people.
I don't doubt at all that the government would like companies to do that (they've already openly asked for it regarding encryption after all), but jumping to "it's a(nother) conspiracy!" when there are some pretty damn good explanations that are much closer to Occam's Razor seems irrational to me.
I don't think the tech companies deserve our trust, but I also think that if we go around seeing ghosts and conspiracies in every shadow and under every rock, it's not going to mean anything when the *next Prism happens because everyone will see "the boy who cried wolf" or say "those people always think it's a conspiracy."
There may not be an outright conspiracy, but I will not be surprised if OEMs are discouraged from (re)introducing physical switches on popular and mass market devices.
All good ideas for general opsec, however the last one is moot if you're connecting to cell networks - tower connection and triangulation data is not local to your phone and is already relatively easy for police to access with a warrant.
5 min after implementation the first corrupt cop is going to sell the software that handles the backdoor access to shady characters(criminal elements, foreign actors) for use or reverse engineering.
> They noted that a judge must approve any use of the provision, while the total duration of the surveillance cannot exceed six months.
So essentially this is like getting a warrant to install a bugging device. Just that nowadays everyone carries said bugging device in the form of a smartphone and this law allows a judge to authorise turning it on (assuming it is technically possible).
Almost all EU, the UK, US, Australia, NZ, etc. Even though all of them are far from perfect, it's still significantly better than in most places elsewhere.
France is currently following a path close to what Hungary did before, with a steady reduction in press freedom, political freedom, and individual freedom, coupled to a progressive erosion of the rule of law (a significant recent example came from the protests regarding the pension reforms: the government started banning most protests, but the ban was almost systematically lifted by courts. Then the government took a shady approach: the protests were banned, but the official text for the ban weren't published anymore as they should, so it could not be contested in front of courts, and people who still went to the protests got arrested for “attending to a banned protest”, and detained up to 48 hours (no justification needed, no recourse) before being released with no charge).
For sure France isn't PRC, but there's a full spectrum between ideal democracies and totalitarian dystopia, and France is much closer to what's called “Illiberal democracies” than to the former.
The level of government surveillance, in the EU, UK, US and elsewhere is already so massively OTT, that we have all the downsides around self-censorship, parallel construction, subversion of democracy etc.
So why not actually use the possible up sides of these dangerous immoral systems?
I keep my phone stored in a pouch, so the mic is muffled and the camera blocked, when not in use. If I want to go somewhere without being tracked, I leave it at home. I've done this for years. I always act on the assumption that I'm under surveillance.
Zero-touch OTA exploiting a cellular baseband processor in a phone is 100% possible if you control the network (which governments absolutely do). From there, it's just a matter of pivoting over to the application processor in order to enable the camera and mic. This path will almost certainly be less hardened than a userland to kernel privesc since the application-to-baseband interface will already be considered a trusted channel by the OS.
They don't have to install the backdoor themselves since that is clearly beyond the French police's reach. But if backdoors are already there they (France) only have to get access.
I doubt it, they can install any software they want on most people's phones. Sure in the future they can add supplemental hardware but it is very possible to do this measure currently on existing phones, unless you've rooted yours and install an alternative OS
Can people stop pretending already that these governments actually go through legal systems to backdoor and spy on people??
These patriot act type laws are just there to normalize their spying crimes in your eyes. Also to make people self censor themselves from criticizing their government.
No they don't prevent any sort of attacks because the attackers wouldn't be stupid enough to talk over their personal phones.
Let that sink in. They take away your privacy while not preventing any big attacks.
So how does this work technically? Does the bill require, for example, Apple to build the capability to remotely activate the microphone and camera on their laptops? Or does it just say that the government can use their magic spy tech to do this when they want to?
Why does Apple (iPhone) and Google (Android OS) give software access for governments to do this? One needs to disallow this. And then we need to buy that phone over the other. Transparency, competition and the power of customers must drive this.
The French have a long history of fighting for freedom, I'm surprised they'd roll over and let their government have a pocket recorder on them at all times 24/7.
Doesn't the iPhone have a hardwired thing that displays the red dot when the camera is on? I guess they can say goodbye to all that "privacy first" marketing.
It has always been, because they were never open systems. I'm waiting for when it isn't socially unacceptable to ask people not to bring their phones when they visit.
If you look at France it's not all of France rioting (through all of France was protesting).
Instead its a specific group of people defined by at what kind of place they live in: Banlieues. This is a form of ghetto which is historically mostly populated by people which grand parents had a migration background and which due to an economical shift had en-mass lost their jobs (the grand or grand grand parents).
This people grew up as French where told all the social norms and expectations of French society etc. At the same time they are often not treated as French have close very little chances to get any job at all. Just having a address at the border of a Banlieues is enough for you not even be considered for a job.
Over the last decades this has gotten so bad that by often police isn't really present in the Ghettos at all, and if only in larger groups. At the same time this distress is frequently abused by extremists, e.g. religious ones.
But that also means that most people in Banlieues probably do not care too much about this law as it is unlikely to ever affect them anyway. At the same time it's also true the other way around, the police cares too little about the Banlieues to abuse it to target the huge majority of people there. Similar if they move against people there they know very well that this people do not have good ways to properly legally defend themself.
But who will be targeted by this are e.g. environmental activists. For example France has in the past already (many times) declared some environmental activists as domestic terrorists and used anti-terrorist laws to spy on them in various ways.
I probably are wrong in some points at least somewhat, but I think it might be still worth to consider some of the arguments.
Well... industry taps into all your mic, gps and image library to send you personalized ads, and no one has really called it out, except be surprised when the ad shows up a minute after mentioning a product.. this to me sounds like tapping into the existing frameworks. likely the app providers giving access if not the phone manufacturer themselves.
...alll the while personal mobile devices get more and more mandated by all the tech BS. Try to perform basic tasks like doing a wire transfer / SEPA transaction without in ~5 years.
At least for me, this comment loses its thrust with this hashtag. It takes a potent observation and adds unnecessary partisanship. It's also connected with the mother of all blowback slogans: defund the police.
It’s not partisan to dislike police, it’s just misappropriating anger with the system onto a single component of the system. It’s incredibly myopic and counter productive to defund police in places where they depend on police for their safety. Missing the forest for the trees.
My experience with the police has been universally terrible. They think they are above the law and trusting them to do the right thing or “tell the truth and you’ll be fine” is extremely bad advice. Get a lawyer and be very careful around these people is my more nuanced take on them.
Edit: I commented before you made your answer more nuanced so I’ve changed mine too.
> You probably don’t have much experience with the police, would be my guess
It's a bad guess.
EDIT: Police in America have a "thin blue line" problem of reflexively defending peers' mistakes. Their cultures look disturbingly similar to gangs, though I don't think that's intentional--they're better described as fraternities with guns. (Which also describes gangs. Convergence.)
That said, new recruits aren't corrupt. And most cops are trying to do the right thing. More fundamentally: most Americans want a police force, and when the police stop working, the most proximate token is torched.
So yes, I get the drive behind the slogan. But it's counterproductive to a ridiculous degree. And it's nowhere proximate to a solution. On HN, I figure we can do better.
I do think it conveys something important about policing in the USA as a vibe, though I agree it's polarizing. In a similar sort of way to "defund the police" -- very catchy slogan which contains a bunch of nuance that's mostly not addressed by opponents.
As you say, I think a lot of cops do get into it for basically-good reasons, but the (hopefully-small) number who're in it for the power trip or who become dirty over time are fundamentally corruptive to the organization when combined with the "thin blue line" sentiment. If you can't trust any cop to help when you're victimized by another cop, "a few bad apples" will have spoiled the bunch.
Of course, I'll admit that much like "defund the police", it's kind of an umbrella term that gathers a few different views together, and you can't tell whether the person saying it holds the view I expressed above (which I think is the most mainstream position), or whether they think that policing is inherently corruptive and should be removed from society somehow.
The slogan may be counterproductive to achieving its stated aim, but it's also opening the ol' Overton window to a range of possibilities beyond the usual vague but well-funded "reform". If that's what it takes to get a marketplace of ideas, I'd say it's productive.
> it's also opening the ol' Overton window to a range of possibilities beyond the usual vague but well-funded "reform". If that's what it takes to get a marketplace of ideas, I'd say it's productive.
Slogans like #ACAB and "defund the police" shut down debate on reform. They're most successful at consolidating the pro-police position with moderates by presenting the entire police-reform spectrum as anti-cop radicals.
You've built up your very own strawman, and are arguing with it. ACAB is not "deeply connected" to defunding the police. And it's not also a solution to a problem: it's an opinion, a observation of facts. All cops are bastards, whether they're the young, new recruit that joins and inevitably ends up covering for the gang actions of others, the cops that have an itchy trigger finger the moment the person they're talking to is anywhere beyond #FFFFFF, or the captains that turn a blind eye to actions.
First off: this is not about America. Read the title, and stop being self centered for a moment. If you think France hasn't been saying ACAB for decades now, you're sorely mistaken. You know what my experiences are with the police, as a regular white dude ? Not what I see on TV, what I have lived. It's them not intervening when a neighbour in the middle of a psychotic episode stabs a passerby. It's them refusing to take in a deposition for sexual assault. It's them checking my arabic friends for drugs, but leaving me alone when I'm hanging out with them.
So, if you want more nuance: ACAB, and defund _this_ police. A few bad apples spoil the whole bunch, well the basket is rotting at this point.
The vast majority of interactions with police are peaceful and relatively mundane. Your view of police seems to be only informed by videos you see online.
The only interactions you see with police online are either extremely wholesome or extremely hostile. The mundane and boring interactions with police don't get seen, because they are boring and not at all noteworthy because it is standard.
If an interaction with the police revolves around something that is not criminal, such as speeding tickets, that involve a fine, you are effectively their customer so they are polite as long as you are, unless you make them feel in danger by reaching suddenly for things or being born into some stereotype or prejudice the officer has.
If the interaction involves criminal behavior, you are now "other" and you get to see the yucky side. My friends who were in law enforcement fell into people who got high on the control, people who got high on the adrenaline (worse), or people who came from legacy law enforcement family or just wanting to make a difference, trying to do the right things but knowing there were rules to follow and a line to maintain and thus got pulled down with the other two.
I have only had one interaction with police. It ended with them trying to pin the robbery of the store I was working at on me. They had footage of another person running, but couldn't see his face. They couldn't ID his car. The officer on the scene misquoted me and they used that against me. They took me for questioning without telling me I could have a lawyer, and without telling me that my parents should be present (I was under 18). They told me I had to take a polygraph test and tried to use that to bully me into confessing to something I didn't do. I was a child.
If I, a solidly middle-class white guy can have that experience, what is the experience like for marginalized kids?
Now, that is VERY anecdotal, I understand that. But why would I ever open myself up to that kind of liability again?
#AB - 'Auditing Britain', on youtube, regularly demonstrates why #acab can be seen to be a thing...in Britain, at least.
Given the power cops have - at their discretion, perhaps the #a can be dropped, but the police sure don't make it easy for themselves as far as the rest goes.
If you have been around a while, you will recognize ACAB from the tattoos of nazi skinheads or hells angels. I guess the enemy of your enemy is your friend even when they are fascist dickheads. Can we pick a new slogan or is there a reason we are attached to this one?
There is a reason racist extremists don’t like the cops. They want to carry out their agenda with impunity, and people use the power of the police to manage their presence in public spaces.
I've always hated the phrase 'ACAB', and I say this as someone whose username is Emma Goldman.
It's the institution, and its functional role in society, that's the structural problem. There are many well-intentioned, conscientious individuals in the police force. It is somewhat similar to the question of the attribution of moral blame for unjust wars. It is almost universally recognized that unjust wars are the fault of the aggressor country's leadership, and not the fault of the soldiers who fight them. Those soldiers tend to be poor, subject to indoctrination, and are often simply trying to dutifully help their country. In the same way that I don't think we should try and prosecute every Russian soldier fighting in Ukraine, or every American soldier to fight in Iraq, as war criminals - except for where they violate jus in bello - I don't think we should charge all police with responsibility for the injustices of the institution for which they work. Going back to where I began, Emma Goldman, one of the things I always found most powerful in the anarchist tradition is their belief in the basic goodness of most ordinary people - even when they are caught up in a fundamentally obscene system. I think I find the phrase ACAB grating for precisely that reason.
It's basically a simplification for life for some people. A lot of people don't like to think in nuances. Cops have a dangerous job and now that a large portion of the general citizenry hate them they have even more reason to be jumpy and sometimes aggressive. I think politicians could help a lot by ending programs like civil asset forfeiture, militarization of the police, etc. There is big gap between militant cops in small towns beating heads and what seems to be letting criminals do whatever they like in San Francisco downtown and then the DA letting them go because they did something less than shooting someone. I, for one, choose to live in a place with relatively stable "small town" cops even though they have sort of a bad rap in the neighboring city because they actually do patrol. I'm a brown person who has had zero problems with cops even though I have a lead foot.
> There are many well-intentioned, conscientious individuals in the police force
That's the issue though, I don't think this is true. Everything I've experienced personally and heard from others has shown me that cops will either 1) treat people like human punching bags or 2) stand by and laugh (or politely look away). Every single account I've seen from cops who've tried to stand up against police brutality has ended with that cop being retaliated against by their peers and fired.
If your premise were correct, then I agree that the slogan would be inappropriate. But I think the reality is that the police, as an institution, are extremely good at either excluding or converting otherwise well-intentioned, conscientious individuals.
I think my biggest pet peeve with this line of thinking is that it's not a reform slogan and it's not productive. If someone actually thinks that, then where do you go from there.
I don't think that's true at all, most people I've come across use it in an off-handed way to express solidarity with victims of police violence, or their general distaste for racialised and/or militarised policing. Full-fledged abolitionism is rare.
They really say it because they hung around in left-wing spaces for a few months in 2016, and it's vaguely anti-authoritarian. It's the same place they got "tankie" from, although they think it has something to do with Tienanmen Square.
My point exactly. I think the concept of police abolition is detached from reality toxic. It aims to delegitimize the police in hopes that up better system will arise, without having a workable better system.
All of the proposed alternatives are delusions and fantasy.
It's like jumping off a cliff because you think you can learn how to fly on the way down.
The Police watchdog in France (IGPN) has no independence whatsoever and has always been heavily criticized for being a whitewashing institution more than a real watchdog.
The police violence is not as normalized - see riots because they executed a minority race teenager for no reason, something that would be seen as pretty normal in US - but the culture is definitely as messed up.
If cops are practically mandatory in a state, how is that statement meaningful? Why not just say state equals violence?
Or are you saying humans don't need to control each other? If they do, how does it make a diffrence under which label the oppression is practiced?
Saying all cops are anything is exactly the same thing as saying all blacks are thieves, all Jews are greedy, or any of the other blanket statements that can never apply to any large group of people. It’s disgusting.
While it's true that not every cop is actively corrupt, or violent, they have this whole "Blue Code" thing that means that if you ever report a coworker for being corrupt or violent, you're out. The cops who enable bad behavior, and perpetuate the bad system, are just as bad as any other corrupt or violent cop. So yeah, they certainly can all be bad.
The idea behind the phrase is that cops are either bastards or they sit by and let other cops be bastards and are themselves bastards. Any cop who doesn't sit by and let other cops abuse citizens isn't a cop for very long.
> It's a profession, every cop out there can just... not be a cop.
Yeah, and every coal miner can just stop complaining about tough working conditions and decreasing number of jobs in their field, and instead learn how to code. It is that simple[0].
Coal miners don't have any sort of authority over you, cops do. And they carry deadly weapons with them, and they overreact. Not all the time, but let's say a noticeable amount of times.
While it may be a profession, it's also a critical community service. Unlike some professions that come and go, or could theoretically disappear tomorrow, we'll likely need police for the foreseeable future in at least some form.
Binary positions like "every cop out there can just...not be a cop" are a form of false choice fallacy and ignore the reality of what this would actually entail.
"Just don't be a cop" is not a solution to the systemic problems, and introduces a whole new set of problems that I think most would argue are just as bad, and likely far worse.
Ultimately all of this distracts from real policy discussion.
No it’s not the same. One of them is an institution conceived through organisation of people, laws, traditions and customs, the existence and membership of which is a choice. The other categories are associations made by accident of birth. I don’t have a horse in the race but it is important to understand that those situations are not the same. When people say stuff like ACAB they are free to criticise the existence of the police as an institution as they please.
> The other categories are associations made by accident of birth.
Just because someone says you are a Christian because you were baptized or whatever doesn't make it so. Religion is just as much a choice as an occupation.
> Just because someone says you are a Christian because you were baptized or whatever doesn't make it so. Religion is just as much a choice as an occupation.
Hard disagree here. I didn't choose to be born to parents of a fundamental baptist cult. I didn't choose to be subjected to physical abuse in the name of that religion, or to be sent to seminars ingraining deeply harmful ideas about self and the roles of men/women. I didn't choose to spend my entire adult life in therapy unwinding the bizarre ideas that had been hammered into me as a kid.
Yes, you can "choose" to leave your religion behind, but many cannot choose to avoid the indoctrination, abuse and twisted mental models that can come from the experience.
I left my faith behind around age 18. 20 years later I'm still actively working on getting rid of the rest of the baggage.
> Religion is just as much a choice as an occupation.
That is a bit tricky.
Religion is definitely a choice if you're enough willing to make a choice, but most people just keep their parent's religion. People just believe what they were taught as children.
I'm atheist from atheist country so I don't necessarily get it, but it seems to be that way - see ratios of Muslim and Christians in Saudi Arabia versus Europe, for example.
Then there's more tricky cases where religion and ethnicity are heavily correlated or tied in even stronger way (e.g. Jews).
They cannot be serious saying that now law enforcement is better than a bad one.
The latter you can at least try to change by joining and being a good guideline on how to be.
I know that sounds idealistic... but what are the alternatives?
- A "new" police? What should make this better on second try?
- No Police? I cannot imagine what would happen with people
- A police that plays within the rules? Now i extend my argument on law people involved. They also have many bad actors and again the only chance i see is to be a good actor.
Only the one about blacks, no? Jew blanket statements that don't involve memes about noses attack the religion which is a membership to an organisation of people with traditions, laws and customs.
It's okay to dislike people for the bad things that they do. It's not okay to dislike people for the circumstances they were born into.
Every cop, at least in the US, made the conscious decision to join a broken system where they would be rewarded for greed and corruption, and be allowed to dehumanize any group they decide they don't like. People who sign up to be cops who try to change any of this end up not being cops anymore, so the tautology holds true.
Bring up the FOP under RICO charges and prevent people with a history of violence and drug abuse from being put into positions of authority, and then we can re-evaluate the situation, but until then, police can not and should not be trusted.
> It's not okay to dislike people for the circumstances they were born into
This seems rather incompatible with:
> Every cop, at least in the US, made the conscious decision to join a broken system
If you believe the system is broken, and if you believe police are necessary at least in some form, how is extending your dislike to every cop not similar structurally to disliking people for the circumstances they were born into? (I'm not making a claim of equivalence in terms of the impact - racism is clearly worse - but of a similarly fallacious generalization).
In other words, if prospective cops could join a different system, they would, but no such system exists. Many join thinking they can influence/change the system, and I don't doubt that they try, but clearly this doesn't work well. This is not the same as joining a system for the purpose of benefiting from its rottenness.
Don't get me wrong: the system is clearly broken. But it seems deeply problematic to throw out all nuance and embrace a binary position here. Categorical statements like "joining automatically means you plan to dehumanize people you don't like and reap the rewards of corruption" does not withstand rational scrutiny.
Then let's handle it like we do race: the average cop is a bastard. This is not necessarily true of all individuals, but it's statistically predictive.
If we want to be analytical, what is the definition of bastard? Does the average cop have a net positive or negative impact? How many rude interactions are negated by preventing an auto theft ? How many unjustified beatings are Justified by locking up a serial rapist or killer?
The police (in the US) have a long history of protecting their own, and punishing anybody who does speak up, even in the face of what would otherwise be compelling evidence of illegal behavior.
ACAB might be a bit hyperbolic, but the sentiment (that policing in the US is fundamentally broken) isn’t off base.
Fair. ACAB is kind of the asshole's version of "Defund the Police" (which is also problematic, as the "pro-police" side jumps straight to "defund and disband all policing", which also isn't what most people mean). Nuance doesn't work very well on Twitter (or online in general).
Blanket statements might be bad, but please do not compare people with a specific job to ethnic and religious minorities. Jewish and black people do not stop being who they are ever. Where as a cop is off duty, retired, or fired for misconduct. It's just a job title, but it comes with a lot of authority given on behalf of the state
It's going to sound crazy, but "The Profession As A Whole Are Bastards But That Doesn't Mean Each Individual Cop Is" rolls off the tongue a little bit less well.
ACAB doesn't mean that your cop neighbor that raises puppies is a bastard, it means that the institution he works with and for is lacking any kind of oversight. And as other said, good luck on stopping being black. I don't think you can send in a resignation letter for that.
You may argue that drug users should not be incarcerated or that there's bias in finding such users, but this unfortunately happens in most of the world and in China.
You or your children can end up in the camps for praying in Xinjiang, it's not exactly the same thing.
What is ridiculous is that China is vigurously criticised in every news outlet in the West on every occasion, while the French gov't gets away with almost everything. Can you explain that?
Both are bad, the French aren't currently forcibly sterilizing, enslaving, and genociding a culture like the Chinese are doing with Uyghers, however. So there are different levels of bad.
That sounds very reasonable, similar to installing a bugging device in the house of a suspect, to gather more evidence.
The neat thing about mobile phones is that such a bugging capability comes built-in. The police should certainly be allowed to use this in the course of investigative duties.
Yes, it sounds reasonable. It also sounds reasonable to allow police to enter anyone's home at any time - consider all the crime they might prevent if only they didn't have to wait for a warrant! It sounds reasonable to let the police shoot a fleeing suspect, because why are they running if they aren't guilty? It sounds reasonable to let the police look through any computer - how much CP is missed because they have to wait for a warrant?
Lots of things sound reasonable which are not. One must consider the downside, particularly the downside of abuse of power.
Just as the police aren't allowed to install a bugging device in the house of a suspect without judicial permission, they're not permitted to remotely surveil a suspect's phone without such permission either.
So your comparison of this limited additional capability to "allow police to enter anyone's home at any time" is not relevant. And trying to draw a parallel to "let the police shoot a fleeing suspect" is absurd.
But the NSA has been proven to be doing it without warrant, at will, and then lying to Congress and the American people about doing it, and then saying it was a good thing they did the thing they said they didn't do which was also illegal that they did.
That is a US intelligence agency, whose mission is by necessity shrouded in secrecy. They are not the French police, the work of whom typically will be presented in an open court for scrutiny.
It opens a number of problems, such as suggesting legitimacy of having backdoors that one could open """in exceptional cases""". The first thing that you should think when somebody is saying "let us activate camera and microphone" is how.
His sister called in a welfare check on him and suddenly I have three cops knocking at my front door. They ask for him by name, say he isn’t in trouble. I go get him; he asks “how did you know where I was?” and the cops say “we pinged your phone”. What that entails exactly I have no clue.
Later I pulled up the video of them arriving on my cameras, they didn’t approach any of my neighbors houses first. It was just right to my front door like they knew exactly where he was. Kinda spooky.