About the iPads, what does their "hardware" based microphone disconnect entail? It has to be some electro-magnetic based communication instead of currents so the circuit has to be more complicated. I doubt it's done without using any kind of software but would be glad to hear otherwise.
Overall, I'm glad that they are responding to concerns and working to address them.
For digital microphones it can also be very simple. Consider a PDM microphone, if you disconnect the data line and have it stick to either high or low through a pull-up, the signal becomes DC. This wouldn't be pop-free by itself, but it should be rather easy to make it so through DSP.
(FWIW, you can also easily mute pro-audio microphones by shorting (+) and (-) together. The attenuation is determined by the output impedance of the microphone, usually a few hundred Ohms, divided by the resistance of your switch. Typically you'll get like 60 dB from this, which is perfectly fine for muting in a normal setup, but if you crank the preamp all the way up you can still get a usable, albeit very noisy, signal out of it.)
Just send the mic signal through an op-amp with an enable input.
This is how the Google Home Mini does it. When you flip the mute switch, an AND gate kills the digital signal from both microphones (a stereo microphone pair share a single data line). All the audio hardware gets is a string of 0 bits at that point.
I'd like to see that too, but I don't think we will. I suspect it's a magnetic switch and I'm also curious which lines it cuts.
FWIW, you can still get some audio from an accelerometer if you can get it to report data with a high enough frequency.
Not sure what you mean about iPhones, their information does not mention the iPhone (and I would not expect it to).
I meant iPads but got confused. Thanks for pointing it out.
Circuit diagrams, bank switched memory details, pretty sure someone dedicated could have built themselves their own machine with access to the manual and the right rom dump and system floppy disks...
I don't see why you assert that is has to be electro-magnetic based, as long as the gating is down by a 'dumb' fixed transistor rather than a programmable chip, then it's a hardware disconnect.
I hope you're right, and I'd agree that would qualify as a "hardware disconnect". It's a little confusing given the mention of the T2 chip; they do differentiate some specific models which are "hardware alone", and at least imply that the T2 chip does not flip the off-switch on those. I'll have to go dig into iFixit's tear-downs to see if they found anything. For the 2020 iPad, they specifically mention "MFI compliant cases", so we can be fairly certain that one's done with magnets.
Also, why would detecting a closed iPad sleeve require "electro-magnet based communication"? Seems like detecting presence of a magnet would be enough.
We have automatic steam cutoffs that are entirely mechanical. I have built a state machine out of hardware logic that would have cost less than a dollar with a microprocessor but was preferred because it could be verified to work and not be remotely “upgradeable”.
You can do the whole thing in analog fairly easily. The hardest part would be to get the magnetic sensor integrated into the same chip, but I guess that’s been a solved problem for a while.
What do you mean with "flip a switch for every microphone on their devices"? Why would you want to have more than one mic and one switch per device? And turning it on in hardware is way faster than in software so a hardware switch is both faster and more secure and breaking a hardware switch seems a lot less likely than custom OEM made software failing or stop getting updated. Dust and water is no problem as lots of phones already have hardware switches, including my Android phone. I really see no problem in hardware switches at all.
Android. Also on Play Store. https://github.com/kaputnikGo/PilferShushJammer
Windows 10 app. https://appforwin10.com/pilfershush-jammer-app-for-windows-1...
It totally makes sense, and in the modern world too many people put covers on their cams for this not to be considered a valuable feature.
There used to be such flip switches for Wi-Fi, so it is not too far-fetched.
(But if Apple cares about this market, wouldn’t you expect their laptops to have a lot more security features to appease these buyers? Not necessarily. This sort of thing is pretty much “enough”—governments are used to having signals intercepted by foreign intelligence, and so they have mitigations in place, like shutting off all electronic devices before having important conversations, or creating secure rooms known to not leak emissions, and then requiring that nobody bring anything electronic into them. For non-classified but “off-the-record” conversations, the ability to say that there’s no known hardware in the room actively recording the conversation is usually “good enough.”)
I suppose I can trace that preference all the way back to being fascinated with the Star Trek: The Next Generation LCARS (Library Computer Access & Retrieval System), which (to quote the Star Trek: The Next Generation Technical Manual written by Mike Okuda and Rick Sternbach from teenage memory) was “expressly designed to suggest a highly simplified manner of managing vastly complicated processes” or some such.
If you really want to be sure it isn’t listening to you you can turn it off and/or leave it in another room.
I am not sure if I'd want my phone to have another button just for that though.
Like remote targeted attack would force the roomba to sneak up on someone and bump the switch on? Otherwise, i don't see how this is a remote attack.
So we should chuck all of our electronic devices into the bin in the name of security?
Good security is sometimes better than perfect security.
But this is one case where there really is a pretty fundamental trade off if the goal is a really simple core "when the lid is shut I'm guaranteed audio privacy from that vector". Anything that allows getting around that in turn is a potential bypass. Anything in software, even if it requires a special boot to access, leaves some room for bugs. And for both software or even a physical hardware switch there would be room for someone to accidentally or maliciously leave it on, and it would be very hard to notice. Given how cheap microphones are and that if someone is using the system with the lid closed they're already committing to a certain amount of much more expensive external hardware, I think it's quite reasonable to stick a straightforward visual heuristic that "if the system is closed and thus the camera cannot see the microphone cannot work either". Easy to verify at a glance for anyone, not just the owner, easy to remember. Like security, good privacy design requires not just a solid technical foundation, but considerations for human UX.
Within the week that they had them, two people in the department had broken their screens/hinges from accidents walking in and out of meetings with the lids open because there was no way provided in the software to disable suspend on lid closed which was killing people's SSH sessions. Within the month someone in my office also managed to do the same, and most of us weren't even using macs.
(I understand that this was eventually workaroundable with some power users tools; and I imagine mosh makes the suspends a little less of an issue now).
I'm sad that the popular linux desktops later decided to emulate the bad software culture that brought anti-features like that mandatory suspend.
So I expect that mic off on hinge close will have similar results. Though, ... at least this seems a lot more legitimate to me than a refusal to not suspend.
- Use a webcam with an inbuilt mic (fairly common)
- Use an dedicated mic
Plenty of options here.
https://www.usenix.org/system/files/conference/woot17/woot17...
USB microphones are like $3. You'd use one anyway if the lid was closed because the microphone would be pressed against the display.
An alarming number of people still believe Apple slowed down all their old phones for the sole purpose of selling them new ones for example.
I'm not an Apple hater or a fanboy. I've owned a number of Apple devices in the past. However, they have their issues just like any other tech company, but their devoted following does seem to be more cultish than that of, say, Microsoft or Google.
Sure, let me do that: Apple is a corporation and it is stupid to believe that they care more about you than making profits.
This applies to any corporation. I've particularly noticed that the US citizens are increasingly buying into this propaganda that corporations can better protect their rights than a democratically elected government. And that is just sad and dangerous. We should be campaigning for our privacy rights directly with the government, and not just hope that some corporation will act benevolent towards us.
(And it is not a coincidence that this "news" came up in the social media feeds when the [news about exploits that granted unauthorised access to your camera through Safari is going around](https://www.ryanpickren.com/webcam-hacking-overview).)
The issue here is that instead of adding a physical switch to disable the microphone and camera, Apple is again asking its users to blindly trust it. We just have to take their word for it that it will work. They can always blame a bug in the firmware if somebody finds a way to exploit it tomorrow ...
(Note: I mentioned the Safari exploit only to point out that there is some negative news which obviously a corporation would like to bury with some positive publicity. It is commendable that Apple paid the discoverer a nice bounty and will be fixing it soon.)
Edit: And, ofcourse, the downvotes begin as the social media management team steps in.
They aren't the worst player, or even close really however. It's just there's a lot of power and influence in that company, so you hear a lot about it.
Apple hate? I'm a Mac convert, and I admire most of their hardware and design. But it's no secret they purposely refuse to interoperate with other vendors, and purposely develop proprietary technologies to keep you within their ecosystem. The recent acquisition, and subsequent planned shutdown of Dark Sky is just one recent example.
Part of it is just the business model, I guess. For example, Google's apps are widely available across a variety of devices, since it gives Google the juicy data that they're after. For Apple, which is not an ad company, the incentive might not be there for opening their apps up to a wider audience.
Since I cannot justify a $1k+ phone for myself and my family members (I am content with my $500 S10e), and I have a mix of Mac, Linux, and Windows devices, the Apple applications (however well designed) are sadly out.
For example, I can't tell you how many times I've heard "I tried a Moto g and it's horrible! My old iPhone was better", or "this $300 Dell laptop is way worse than my MacBook". Of course a $1000 phone is better than a $200 phone, and likewise for the laptops.
But when you start looking at high-end laptops like the surface series, or phones like oppo/Huawei, it's usually in favor of the non-apple.
Don't a nontrivial amount of people use their macbooks closed in a vertical docking stand? This will require them to use an external microphone.
That said, my experience with similar laptops (XPS 15) has been that closing it just exacerbates the shitty thermal limitations so it's not really practical. Not sure whether this mode of usage is viable on newer macbooks.
Wouldn't they have to use an external microphone anyway, since in clamshell mode, the microphone is facing directly into the closed display? AFAIK, MacBooks of any flavor don't have external microphones.
It's like there's a huge cultural schism running through the middle of the company, or something.
Privacy/security-conscious computer users have been asking for user-controlled hardware switches on such peripherals from the moment they were shipped integrated into the device.
So, in the grand scheme of things, "nobody" is an accurate description. Most people don't care about a hardware disconnect for their microphone, even if they should.
Painting with broad strokes, Microsoft's products are fairly consistently "fine". Lately perhaps they've skewed towards "pretty good". But generally you know what you're going to get. Whereas Apple's products can be anywhere from unparalleled to embarrassing.
does this mean Hey Siri won't work on an iPad with a closed cover?
Sure, maybe its software on a peripheral that controls it. But it's software never the less.
Users would have to remember about turning it on/off, many would forget, leading to frustration.
Also Apple would have to place that manual switch somewhere, this would change the device's interface.
Lenovos used to have a physical wireless disable switch, and I recall it only causing a moderate amount of frustration and I doubt much effort was put into making it problem free.
The last time I've seen a hardware switch fail was 2 years ago.
Further to that, hardware failures are predictable. Lifetime of switches is well know, and they are easily replaced. Good luck fixing a software glitch by yourself as a user.
Consider that a laptop already comes with a hundred switches in the keyboard, and they can easily last a decade if you dont spill coffee on it.
Also, in macOS Catalina (I don't remember if this was the case in prior versions), applications are not permitted by default to use the mic or camera and have to request permission.
These are perhaps not as good as a hardware disconnect, but I think Apple is trying to balance privacy and usability here. It is clear from what Apple is doing in hardware and software that they do care about privacy. Linux and AFAIK Windows do not provide that level of privacy, since applications have unfettered access to Cameras and Mics.
(Of course, a part of the Linux community is trying to improve this through Pipewire, Flatpak, and portals.)
I've never heard anyone use Siri on their Mac. I'm surprised they still bother supporting it.
If ANYBODY could monetize “security chic” it’s Apple.
Where are the real laptops? I'm tired of the glossy short screens, lack of ethernet connections and crappy keyboards (this applies both to Lenovo and Apple).
vs.
> On the 13-inch MacBook Pro and MacBook Air computers with the T2 chip, and on the 15-inch MacBook Pro portables from 2019 or later, this disconnect is implemented in hardware alone.
Do these statements not contradict each other for the 15" 2018 MacBook Pro, for example, which includes a T2 chip? This would also contradict earlier documentation provided on the T2 chip by Apple themselves [1].
From [1]:
> All Mac portables with the Apple T2 Security Chip feature a hardware disconnect that ensures that the microphone is disabled whenever the lid is closed. This disconnect is implemented in hardware alone, and therefore prevents any software, even with root or kernel privileges in macOS, and even the software on the T2 chip, from engaging the microphone when the lid is closed.
[1] https://www.apple.com/euro/mac/shared/docs/Apple_T2_Security... (October 2018, page 13)
The latter I read as being hardware _only_; "only" being the key addition to this sentence. I would expect this implementation to be something like a reed switch to magnetically disconnect the lines _physically_ rather than electronically.
module mic_enable (lid_closed, lots, of, signals, mic_enable);
input lid_closed, lots, of, signals;
output mic_enable;
assign mic_enable = !lid_closed & lots & of & other & signals;
endmodule1. It costs a little bit of money, and hardware designers love to minimize costs and eliminate parts.
2. It's not idiot-proof enough for a lot of people. You're going to have people who can't find the switch. And who complain and generate support costs. And annoy their coworkers by being muted during video conferences.
Maybe you could fix the second one by having a flashing light on the switch that says, "Please switch this switch! The microphone is needed!" This could also increase awareness of when things are trying to use the microphone. although it would go against the first point because it's yet another part.
Then buy a laptop with those features. If any exist.
Based on their "hardware only" wording for the newer devices, I'm inclined to believe this is the case.
https://www.usenix.org/system/files/conference/woot17/woot17...
Swapping out devices is probably less costly than fixing parts of it.
Software switches like the one described in the article (despite its name) are definitely easier to break since they can be hacked by software. No need to have physical access to the computer. A discrete switch definitely looks cleaner than a piece of duct tape, and is much easier to turn on/off. If you want to "switch off" your mic, bad luck.
How long until someone realizes audio data can be extracted by from the noise generated by a camera in the dark?
Maybe it's a standard thing that Dell, HP and others do as well?
Or is this some piece of logic emebedded in the chip itself or the firmware of some other component, which makes this solution a software one.
https://www.ifixit.com/News/33952/apple-put-a-hinge-sensor-i...
Though it seems their "hardware only" solution was on earlier models than that, so maybe not.
I love this aside xD
The simplest and most fool proof method is a physical switch that interrupts the mic lead. If you want it to be 'pop and crackle' free you may have to fiddle a bit or use a make-before-break switch and connect the other line to ground. No amount of software hacking will get around that, and the position of the switch is good feedback that you are not open to eavesdropping. Anything less than that is likely hackable in some way or other.
https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...
Apple could fix T2s going forward, but it would require a BootROM change not just a software update.
I'm impressed with Apple's attention to details like this! ️