bluetooth wifi bugs

[aular]

So im going to put this out there, but i think and im not a security researcher but would it be possible for somebody who is to go over the wifi and bluetooth code and look for any exploits that say might allow a hacker to access the wifi and or bluetooth chipset when the wifi or bluetooth is turned on and not connected to any network. 

I mean this as say when you turn the wifi or bluetooth on but dont connect to any network and use a hacking tool like airmong or something different in say kali or custom build tool that looks for signals in the air and allows the tool to connect to that wifi or bluetooth signal in the air and exploits that chipset to make a connection to that device. 

Also does for my knowledge right now when the wifi or bluetooth is turned off or it appears to be off, is the chips still on giving off a signal when it should be off, there might be a malfunction there that allows the chip to appear off when it is not.

Note: OS is arch. 

I thought i would bring these issues to the forum for somebody who is a security researcher to check them out. Thank you

[Kevin Kofler]

Sorry, but reading first your other thread and now this, I think you have a ridiculously high amount of paranoia.

Any WiFi and/or Bluetooth chipset is potentially vulnerable to exploits in the hardware, the firmware, or the kernel driver. Also the ones in your computer, in other smartphones, etc. Whether software has its source code publicly available or not has been found to have little to no impact on its security track record. People looking for security vulnerabilities can reverse-engineer closed-source code. (Also note that the WiFi/BT chipset's firmware is actually proprietary closed-source code, only the kernel driver is Free Software.)

In practice, such a vulnerability would have to be found first. To the best of my knowledge, there are currently no known ones, and if ones are found, I would hope that they get addressed quickly by a driver or firmware update.

If you really want to make sure that WiFi and Bluetooth are turned off, just turn off the corresponding hardware killswitch. And if you do not even trust the PinePhone's hardware, you should be able to verify with a voltmeter that the chip is really no longer powered.

But if you need working WiFi and/or Bluetooth, then by design, exposure to the theoretical risk of over-the-air exploits cannot be avoided, no matter what chipset on what device you are using.

[KC9UDX]

When you turn the kill switch off, the only kind of malfunction that could cause the modern to work is a short circuit. Statisticaly, the kind that if you had one, it would cause other problems first. Frankly, the level of security you are seeking can only be obtained by taking charge yourself. Understand the hardware and software to the point you could actually hack it yourself; then you will have what you are looking for.

[aular]

When you turn the kill switch off, the only kind of malfunction that could cause the modern to work is a short circuit.  Statisticaly, the kind that if you had one, it would cause other problems first.  Frankly, the level of security you are seeking can only be obtained by taking charge yourself.  Understand the hardware and software to the point you could actually hack it yourself; then you will have what you are looking for.

What ment by turning off the bluetooth and wifi is by keeping the hardware switch in the up position on the back of the phone but on the screen you can see the icons but they have that off or line saying they are off. Thats what i want to know and have some suspicions that the software may say they are off but it might really be on still allowing anybody with the right tools to connect to it.

[KC9UDX]

When you turn the kill switch off, the only kind of malfunction that could cause the modern to work is a short circuit.  Statisticaly, the kind that if you had one, it would cause other problems first.  Frankly, the level of security you are seeking can only be obtained by taking charge yourself.  Understand the hardware and software to the point you could actually hack it yourself; then you will have what you are looking for.

What ment by turning off the bluetooth and wifi is by keeping the hardware switch in the up position on the back of the phone but on the screen you can see the icons but they have that off or line saying they are off. Thats what i want to know and have some suspicions that the software may say they are off but it might really be on still allowing anybody with the right tools to connect to it.

And that's precisely why you need to understand the hardware and software for yourself.  If you don't trust us to tell you the modem can't work with the privacy switch in the off position, then you really can't trust anyone to tell you anything else you'd like to hear about it. Nor should you.  Take your security into your own hands.

[Kevin Kofler]

It shall be noted that WiFi and Bluetooth are handled by the same chip on the PinePhone (and also on the PinePhone Pro, though it is a different chip than on the original PinePhone), which is why there is only one hardware kill switch for both. So if you turn off only WiFi or Bluetooth in software, the chip will by design still be operating to handle the other one. Only turning both off can possibly power down the chip altogether, though I do not know whether that is the case, and as @KC9UDX has pointed out, you should not take my word for it either way anyway.

[aular]

I did say that when the wifi chip and bluetooth were on meaning the killswitches were in the up position on the back of the phone. Thats why i asked if anybody who is a security researcher can check if there is any bugs in the chip when they are not connected to wifi or bluetooth device and if they appear off on the screen but are really on.