Anyone could fit an esp32 into a keyboard, swap it out, leave it lying around, sniff keystrokes, access with Bluetooth or WiFi, could have it only have the radio on for certain windows in time etc.
Although maybe most people don't pay attention to that.
Hard to find material in most things today to remove to even out the added weight of an implant.
A completely honest use of this is to track your car, (or other device with a USB port) in case of theft.
If I had one of the Kias or Hyundais that were easy to steal, I'd totally slip one of these into the car.
Realistically, these are 100% for stalking/espionage.
If your car is stolen, what good is knowing the general location?
If my car is stolen and taken away, at least I can call that city/country police instead of waiting when it gets through the bureaucracy.
Some duckduckgo-ing suggests it's possible, e.g. someone wrote just go to Tesco to get one and there are no ID checks (but this was written 6 years ago). In any case, just like teenagers buying booze, it's probably not that hard to pay someone off the street to buy one for you.
Top up credit is the same, ask the counter staff for £x on network Y and once you have paid they will give you a printed receipt with a code on it for your desired amount.
It’s not really seen as a “national security issue” because most people don’t practice perfect opsec and leave enough details and fingerprints behind.
And an ID check ain’t going to prevent anyone from getting hold of a sim via other means (like you said, pay someone on the street as just 1 example)
Now, try and access porn on that SIM card? Well hold on there, now we need to know who you are!!! (Though you can often blag your way around this via social engineering the CS agent on the phone. Or just bypass the block by using a VPN/Change DNS settings.)
Same for the phones themselves.
(It wasn't the only way to verify your age, it was "just" meant as a way to prove age to a site without having to share your ID/Credit Card with that site, as not every adult has an ID/Credit Card)
As of right now every pay as you go sim comes with adult filtering enabled, you are then asked to proof your age in a number of ways to the provider to disable the block, this can be by using a credit card, or by popping into one of the providers stores (if they have one), last PAYG provider I unblocked adult content on used AI to guess my age from a selfie and no ID was required (The verification promised to not store my photo after verification, you kinda have to take them at their word for that, but breaking such a promise would land them in trouble with the ICO). I have on at least 2 occasions got the blocked disabled just by having a chat with a customer service agent on the phone, however that was about 5ish years ago, that provider may have changed up their methods in the years since.
Contract plans tend to give you the option when signing up if you want the adult content block or not, because on contract plans the account holder has to be 18 years old to sign up, but they also know that parents will take out contract plans for their kids to get a better deal on the phone/plan so the option is there for the parents to apply it / remove it as they deem fit.
Same goes for the larger fixed line ISPs, during sign up you are asked if you want adult content filtering or not (some will also offer more categories to filter such as gambling, social media, etc etc etc), but its only the larger ISPs that have to do this (iirc its not a legal requirement, but something the industry agreed too to avoid it becoming a legal requirement, however its been that long my memory could be faulting me on that). The smaller ISPs don't have to do so and some of them (A&A for example) pride themselves on not filtering the internet for their customers.
The crazy thing is on all the providers I have used (however I've not tested every provider), the filtering seems to be done pretty much always at the DNS level, change your DNS settings to anything other then the providers and you are able to bypass the parental controls.
Sky iirc (its been a while since I have used them) did do some deep packet inspection on filtered sites, but if the site was hosted behind the likes of cloudflare they only blocked at the DNS level for that site as not to cause any issues with any other sites hosted behind that proxy.
EDIT: Oh one thing I remember from when I had to use Sky for a brief period about 6 months ago, they "somehow" (not actually looked into how they do so, a couple of ways they could do this pop to minds, I just never dug into it.) pass long your filter status to Google and Bing when you do a search, so if you had adult filtering enabled at the ISP level Google would force enable safe-search on their end.
I do this regularly.
If you don't top up (with say a tenner) within some months the card deactivates and becomes useless, so it's a no-commitment way to access the GSM network.
The UK used to be a surveillance outlier, but sadly other places have caught up in the meantime, including the US.
Only about 2 of them will record anything resembling a usable image - the rest are either broken, potato quality, pointing at nothing, or recording to media that’s so fucked that it’s highly unlikely to capture anything useful.
Not to mention the vast majority of them are privately owned and require a shit tonne of paperwork for the cops to access them, so they don’t bother unless it’s a murder case.
When I traveled to Europe recently and bought a French tourist sim, the carrier warned me multiple times that I need to provide my identity to continue using it beyond 30 days.
In UAE it's about as strict as in Russia.
The right-to-repair situation is a joke right now with automotive, consumer electronics, and appliances.
Scary.
> The NLJD antenna head is a transceiver (transmitter and receiver) that radiates a digital spread spectrum signal to determine the presence of electronic components. When the energy encounters semi-conductor junctions (diodes, transistors, circuit board connections, etc.), a harmonic signal returns to the receiver. The receiver measures the strength of the harmonic signal and distinguishes between 2nd or 3rd harmonics. When a stronger 2nd harmonic is represented on the display in red, it indicates an electronic junction has been detected. In this way, a hand-held ORION is used to sweep walls, objects, containers, furniture, and most types of surfaces to look for hidden electronics, regardless of whether the electronic device is turned on.
I wonder how well these work against shielding? Might it be possible to build your own device like this?
So unless they’re dumb enough to put it literally in the middle of the cable? My point stands. These tools don’t typically have the resolution to tell.
TL;DR: You can easily detect it while it communicates via GSM, and the device is also shielded quite badly, resulting in lots of easily detectable RF interference while it works.
All you need is a cheap RF detector. Having access to a full spectrum analyzer or a SDR will make this even easier.
All this gets much harder while the thing lies dormant, waiting for noise activation or commands. So the "quick bug sweeps" you see in the movies are more difficult.
Not if the sweepers are talkative (assuming that the device is sound-activated).
Isn't that what nonlinear junction detectors are for?
Kind of preemptive sanitization of new hardware.
Inside a low budget consumer hardware espionage implant (2018) - https://news.ycombinator.com/item?id=20190251 - June 2019 (43 comments)
Inside a low-budget consumer hardware espionage implant - https://news.ycombinator.com/item?id=15676737 - Nov 2017 (92 comments)
There seems to have many GPS location trackers on the market, are they all based on the same hardware?