Your iPhone can be bugged even if it’s off
An interview of government spying whistleblower Edward Snowden last Wednesday in NBC Nightly News revealed one shocking fact government intelligence agencies like America’s National Security Agency (NSA) can do to eavesdrop on you: they can bug your iPhone even if it’s turned off.
Snowden said ‘They can absolutely turn them on with the power turned off to the device.’
The wanted whistleblower didn’t add other details to his expose. But iPhone hackers supported his statement and said bugging a powered-off phone is possible. What’s more important, however, is that iPhone owners can do something about it.
How your iPhone is bugged
There are many possible ways to bug an iPhone.
IT magazine Ars Technica revealed that NSA can intercept gadget shipments, install beacons secretly and return them in transit to their intended destination. It is also possible that NSA can create hacks like the 2011 Jailbreakme which brought down iPhone’s security barriers when users visited a webpage.
Once an iPhone is bugged, hackers said that it can pretend to be turned-off by faking a ‘slide to power off’ screen. Instead of powering down, the bugged iPhone goes into a low-power mode that can still receive commands remotely.
Hardware engineer and hacker team Evad3rs member Eric McDonald explained that iPhone screens on fake shutdowns ‘would look black and nothing would happen if you pressed buttons. But it’s conceivable that the baseband is still on, or turns on periodically. And it would be very difficult to know whether the phone has been compromised.’
To prevent fake power-offs, McDonald suggested putting your iPhone on device firmware upgrade (DFU) mode: a safe, built-in mode designed to let the phones reinstall its firmware. Evad3rs member David Wang assured that ‘As far as I know, there’s nothing that can stop that hard power-off.’
How to put your iPhone in DFU mode
Once an iPhone is in DFU mode, no command can turn it on. This means that you can carry on with private conversations without fear of being eavesdropped.
Doing the sequence correctly is a guarantee that no bug can override the DFU mode. However, McDonald and Wang warned that incorrectly going into the DFU mode, for example by timing the procedure wrongly, can still trigger the spying bug and put the iPhone into the fake shutdown state.