Embodiments according to the invention relate to the security of personal communication or computing devices which communicate with other devices which use software for operation. Personal software operated devices or appliances (hereinafter “personal devices”) such as mobile phones, IP-phones, pocket PCs, PDAs, laptop computers, desktop computers and network switches, use a variety of hardwired or wireless communication means for communication with other devices. A remote unauthorized user can adversely use these communication means to try and break the personal device security and obtain personal and other information on the personal device user or owner. A single personal device may have a number of different communication means such as phone-lines, cables, a wireless LAN, Bluetooth, etc, which only increases the security risk. These communication means can be used to retrieve private information, audio/video information, user location information (track where user is located when personal device is using out communication) or transmitted information.
Devices with permanently installed or accessory sensor components such as a microphone, earphone(s), speakers, camera, etc, are able to capture the information at a user location. Devices with permanently installed or accessory communication components like: modem, LAN adapter, Wireless LAN adapter, Bluetooth, GSM, etc, are able to transmit information and might reveal the user location. When signals are transmitted from the user location, the transmission can be used for tracking the user location. Components of a device/appliance that are controlled by software and electronic switching devices may be controlled by an unauthorized user even if they were disabled earlier by the authorized user. The components can be controlled without the user noticing the change in mode of operation. For example, a mobile phone may look “switched off” but still be functioning or even transmitting.
Local authorized or unauthorized users can easily modify the software operating the personal device, thereby causing a security breach, e.g. by downloading a virus affected software update. This scenario of software modification is very common: on one hand it is much easier than hardware modification, and on the other hand it is much harder to verify such modification or notice unwanted change.
At present, the problem of unauthorized access is handled by different types of security software such as firewalls, anti-virus programs, anti-spyware programs and security systems. However, each new software security system is eventually overcome by new hacking methods, viruses, worms, Trojans and other threats. This creates an endless competition between security providers and unauthorized users. In essence, software security is hard to implement and/or prove. Even if the theoretical model of the security is proven, there may still be a mistake or bug in the implementation that allows a break in the security. Consequently, software security solutions cannot be trusted.
Hardware security solutions are known and include: devices used to isolate telephone lines in order to prevent unauthorized capture of audio information from phone user (see U.S. Pat. No. 5,402,465 and US Pat. Application No. 20050271190); data line switches for computers that disconnect a computer line physically from the Internet, working in manual and/or automatic mode (US Pat. Application No. 20030062252); a power off method for a wireless peripheral device, which terminates power to all parts of the wireless device except the control chip by a certain operation on a connect button (US Pat. Application No. 20050009496); a switch that powers-on a PDA in response to the stylus being removed from the PDA's stylus holder and, selectably, powers-off the PDA in response to the stylus being replaced into the PDA (U.S. Pat. No. 6,233,464); a mobile phone with two input modes, whereby a switch of input modes is attained by changing an electrical connection between the main printed circuit board (PCB) in the phone and the front and back PCBs (U.S. Pat. No. 7,031,758); the NetSafe Computer Security Switch, which uses a simple physical switching technology in a way that allows a computer or group of computers to quickly and easily block a communications signal from entering the computer(s) and restart the signal without any software and without the need to power down, reboot, or run software on the computer(s) (US Pat. Application No. 20040243825); a wireless button for a laptops, offered by the Hewlet Packard Corporation in its line of Pavilion laptops (hereinafter the “HP wireless button”), which enables or disables all integrated wireless components in the laptop (e.g. WiFi and Bluetooth), and a wireless light that indicates simultaneous the computer's overall wireless state (enabled or disabled); the portable electronic device that disconnects a receiving antenna from the duplexer of a mobile phone (US Pat. Application No. 2004/0203536A1).
All existing protection solutions suffer from one of two disadvantages: either the switch is “external” and can therefore be tampered with by an external factor, or the switch is internal but not fully isolated from the device itself (and therefore can be manipulated by the software of the device). Consequently, existing solutions cannot provide simultaneous temporary protection from audio/video information capture in device, cannot provide simultaneous temporary protection from both audio/video information capture and unauthorized access and user location\device location in device and cannot provide secure security mode exit, prevention of capture of the logic required for existing the security mode in device. Existing internal switches cannot provide prevention of false notification about the device security mode in device with already broken software security, i.e. in a state in which an unauthorized user gains access or control of the personal device despite software protection solutions.
There is therefore a widely recognized need for, and it would be highly advantageous to have a simple internally isolated hardware security solution for the users of the above mentioned personal devices that does not suffer from the above mentioned software and hardware solution disadvantages.