Codes to remotely access anyone's mobile phone

1  2018-08-14 by wile_e_chicken

I have a trusted friend in another country who has told me he learned how to remotely access another person's phone simply by sending a certain code to it by SMS. For example, to access the microphone, you might txt it "AE91F7E3D1922" or to access its call records you txt it "F3598BE39823", etc. (Not real codes; I don't have them.) The codes are supposedly different for each mobile phone provider.

But here's the thing: ANYBODY can do this. Like if you want to tap your girlfriend's phone or track its location, you just SMS her phone a code. Or if you want to monitor your business competitor, you just SMS his phone a code. Every phone function can be accessed just by sending a different code, but it all works via SMS. Supposedly works for many, if not every carrier.

He says a little kid showed him how to do this. He doesn't know the codes for any carrier I can test, but he's very reliable... to me anyhow. Not a bullshitter kinda guy.

If this is true, this is friggin huge. Has anybody heard about this?

40 comments

That isn't at all how these things work, like, at all.

Could be. It's potentially technically possible, but I can't confirm. If I find myself in his country I'll try it out and document it.

Except it's not possible without serious changes to the software running on the phones by that carrier.

The way this would work from a technical standpoint would be the phone has a backdoor that is constantly listening for a particular code for each thing you want to potentially be able to do. It would need low level access to be able to achieve this meaning the phone would need to be rooted or jailbroken first, then have the application installed and set up, then have everything returned to manufacturer stock to avoid warranty issues. That's an awful lot of work for a carrier to go through with no real world benefit. How often do you think your carrier wants to actively listen in to your mundane opinion on whatever is topical in the news, or what you're doing next weekend?

You might argue these "codes" are added at the manufacturer level. That would make the codes the same per device regardless of carrier.

Backdoors aren't unheard of, of course. For example some router manufacturers, mostly Chinese, have been caught out embedding backdoors into their routers at the manufacturer level. But I hasten to add that there is a detectable power draw from these CPU cycles that doesn't matter too much in a product plugged into mains power, but will matter in a small form factor device running on a small battery where every milliamp matters, such as a smartphone.

This is the kind of stuff blackhats and security researchers look for all day long. A backdoor like that is absolutely detectable, especially if it's as freely accessible as your friend is claiming.

I must also stress that this is not how your phone carrier pings your location, nor is it how law enforcement get access to your microphone, camera, etc. Their methods are more costly both in time and resources, but also more covert.

By believing your friend what you're essentially believing here is that:

  • Law enforcement are ignoring or being denied access to a cheaper method even where being covert does not matter.
  • Hundreds of thousands of hackers, both black and white, around the world haven't come across this zero day yet. But some kid somehow knows about it.
  • Your phone carrier is spending all this time manually installing low level software for no real benefit.
  • No one is noticing the battery draw, including the difference between direct-from-manufacturer versus carrier units.

That's pretty unreasonable, especially without verifiable evidence to demonstrate. Until your friend can give us a code that we can try and have it work, I'd suggest you take this with a grain of salt. That isn't to say your friend isn't reliable, but in this instance he is at least confused in what he is reporting.

The backdoor interface could be built-in by the manufacturer and the access codes stored on the SIM card. Easy peasy. It's technically a trivial thing to do, but I can't confirm whether it actually exists -- I can't know whether this exists without either decompiling and analyzing the code, which I'm way too lazy to do, or trying it out.

But since I can't do either of those right now, I'm posting here to see if anyone else has heard of this, in any country on any carrier.

Let's just say, for the sake of argument, that this is true... and EVERYBODY'S phone (well, us commoners anyhow) can be compromised... by anybody. Whew, that would change some things. Possibly for the better.

The backdoor interface could be built-in by the manufacturer and the access codes stored on the SIM card. Easy peasy.

Ignoring the goal post movement of carrier to manufacturer, do you actually understand what you just said? You are saying, I from my phone send you a particular text and an interface from your manufacturer just magically appears on my phone by a variable manufacturer. And that is all stored on the absolute maximum 256 KILOBYTES (but more usually 128 KILOBYTES) of possible storage capacity on a uSIM that will vary by carrier.

That the OS developers (like Google, Apple and Microsoft), device manufacturers (like Samsung, ZTE and Alcatel), uSIM manufacturers (like Gemalto) and literally tens of thousands of cellular carriers around the world are somehow colluding to pull this all off with, as pointed out in my other comment, no real or actual benefit to them and other methods available.

If we pretend for a moment this was technically possible (which it is not) there would be nothing easy &/or peasy about it. This would not be trivial in any way.

I can't know whether this exists without either decompiling and analyzing the code, which I'm way too lazy to do, or trying it out.

Let's be clear here, Android is open source software. AOSP just adds a bunch of Google apps that can be downloaded aftermarket anyway. All of which, especially the base Android OS, are regularly publicly audited. There are many security teams auditing Android at any point in time looking for flaws and vulnerabilities.

There are similarly security researchers looking for exploits on a device level basis regularly as well. They've already done the work for you and not one of them has found evidence of such a mechanism. That kind of zero day would not only be the next sensation at DEFCON but would be worldwide news.

Just to cover all bases in case I misunderstood your statement, on the off chance you mean you want to "decompile" the code being sent, according to you, you don't have one, and moreover even if you did there would be nothing to decompile and audit.

But since I can't do either of those right now, I'm posting here to see if anyone else has heard of this, in any country on any carrier.

If you genuinely wanted an answer to that question you would be asking in the security researcher communities, not on Reddit and least of all on /r/conspiracy. I can confirm, there is no evidence of this in the security community.

Let's just say, for the sake of argument, that this is true... and EVERYBODY'S phone (well, us commoners anyhow) can be compromised... by anybody. Whew, that would change some things. Possibly for the better.

Let's also be clear here that your phone is a listening device for the OS manufacturer. Google and Apple both do listen to you through algorithm 24/7 for the purpose of learning more about you. But they don't need codes or any kind of inelegant solutions like you are suggesting. Honestly the more you write the more I'm convinced that you know very little about how these systems work.

I'm a lifelong coder. Your refutations are so weak it frankly gives this more credence. Almost worth flying to my friend's country, getting a SIM, and trying this out.

Yes, this would be a big, big, deal. But it would not surprise me if DEFCON is fully compromised. Indeed, it would surprise me if it's not.

Roflmao. And that comment clinched it, you very clearly have no understanding of what DEFCON is, or what you are talking about.

Just another attention seeker hoping his audience isn't technologically savvy enough to realise.

Is this "attention seeker" thing your latest talking point? Been seeing this a lot lately.

Only where the speaker is clearly attention seeking. It fits here because you know very little about the subject matter, are giving only vagueness and "what ifs" and have been refuted technically.

There is nothing to this.

Wouldn’t you just get your friend to txt you the code and then tell you what your txts say? Or send a video of it working?

If it were a real thing, absolutely that's one thing he'd start by doing. But he conveniently claims his friend nor he know the "codes" just that they are real because some random kid told them so.

With free unlimited SMS included in essentially every phone plan now, you could literally brute force such a code if it existed by simply running a sequencer against SMS.

We then also have the issue of client side software to be able to actually use the functions, right?

I couldn't get an answer on how long the code was or even verify whether it was hexadecimal. So no, brute force is not necessarily an option. But an interesting point was that you had to send an SMS -- and that would be visible to the target until you deleted it, so if you were trying to access the phone covertly you had to send the SMS when the person was away.

It seemed like an OS-level thing, not a client-specific thing. But if you compromise the OS, you've compromised every client running on it.

/facepalm.

The PC receiving the code would be the host. The controller would be the client.

If you're sending a code through your phone then it must be an ASCII character and brute force is absolutely an option.

This was being described over audio by a non-technical person, so I can't describe the client functions with much precision. It seemed pretty primitive, like they could get a GPS location, they could tap the mic (no idea the user experience), they could take a picture remotely, they could list SMS messages. I'd need some time with it to audit the capabilities. Perhaps there's a god app that opens up more capabilities or just gives a nice user interface; I really can't say.

We don't know the code length. For a 128 bit code it'd take longer to brute force than a human lifetime. Okay technically possible but not feasible.

You are literally just throwing out words you think sound technical at this point.

You have no mechanism for a client to exist to start with.

128-bit refers to encryption, not character length. We're talking about an ASCII character string that is being sent by SMS and has to be input by a human controller.

We're talking hours, maybe a couple days if your carrier has some kind of restriction on SMS per hour limitations. With a PC and an SMS service we're talking even less time.

This isn't a thing

128-bit commonly refers to the private key length, not the technique. And anybody with a lick of common sense knows you can't brute force guess a password of an unknown length.

You're bullshitting. Badly. And you just made this a lot more interesting to me.

you can't brute force guess a password of an unknown length.

Uhm... What?

I'm thinking of a number between 0 and infinity...

Sorry, you lost me here. Why can't you brute force a psw with unknown length?

It will take an unknown amount of time. If it's 8 bits, it may take 5 minutes. (We're talking SMS here, so... slow.) If it's 128 bits, maybe a lifetime. If it's 1024 bits, the heat-death of the universe.

So you actually can? And it has nothing to do whether you know the length or not?

So you actually can't. If it takes 4000 years, any reasonable person would say "You can't." And it has everything to do with whether you know the length, as I just described.

A reasonable person would say: you can. It may or may not take 4k years, but you definitely can.

Okay well get to work. I'll wait.

See, you are talking about how it may not be reasonable to brute force very long passwords (assuming you know that it is very long). But why should it not be possible to brute force a shitty 4 character psw (let's pretend you don't know that it only has 4 chars)?

Get to work; let me know. Maybe it's only 4 chars. Maybe it's 40.

We're talking about an ASCII plain text string you moron.

Seriously. You've made a big enough fool out of yourself, gtfo.
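An added worked example for the "unknown length" argument in the exchange above (my own illustration, not any commenter's code): enumerating codes shortest-first shows that not knowing the length adds under 2% to the search, while the alphabet size and maximum length, or the bit length, decide whether exhausting the space takes minutes or far longer than a lifetime. The alphanumeric alphabet and the one-SMS-per-second rate are assumptions.

```python
import itertools
import string

# Assumed parameters (not from the thread): an alphanumeric code alphabet and a
# sustained send rate of one SMS per second from a single handset.
ALPHABET = string.ascii_letters + string.digits
SMS_PER_SECOND = 1.0
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace(alphabet_size: int, max_len: int) -> int:
    """Candidates of every length 1..max_len, i.e. the cost when the length is unknown."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


def unknown_length_overhead(alphabet_size: int, max_len: int) -> float:
    """Cost of trying all lengths up to max_len relative to trying max_len alone.
    The geometric sum keeps this below alphabet_size / (alphabet_size - 1)."""
    return keyspace(alphabet_size, max_len) / alphabet_size ** max_len


def candidates(alphabet: str, max_len: int):
    """Shortest-first enumeration: every code of length <= max_len is reached eventually."""
    for n in range(1, max_len + 1):
        for tup in itertools.product(alphabet, repeat=n):
            yield "".join(tup)


def attempts_until_found(secret: str, alphabet: str) -> int:
    """Number of guesses the shortest-first search spends before hitting `secret`."""
    for i, guess in enumerate(candidates(alphabet, len(secret)), start=1):
        if guess == secret:
            return i
    raise ValueError("secret uses symbols outside the alphabet")


def years_to_exhaust(alphabet_size: int, max_len: int, rate: float = SMS_PER_SECOND) -> float:
    """Worst-case wall-clock years to send every candidate at `rate` messages per second."""
    return keyspace(alphabet_size, max_len) / rate / SECONDS_PER_YEAR


def years_for_bits(bits: int, rate: float = SMS_PER_SECOND) -> float:
    """Same estimate for a secret quoted in bits, as the thread does (8 vs 128 bits)."""
    return 2 ** bits / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    for n in (4, 8, 12):
        print(f"{n} alphanumeric chars, length unknown: {years_to_exhaust(len(ALPHABET), n):.3g} years")
    for bits in (8, 128):
        print(f"{bits}-bit secret: {years_for_bits(bits):.3g} years")
```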

I thought of those random texts from unknown numbers that have links to accept bitcoin or money transfers. (I’ve gotten probably a dozen or so and I ignore them because I don’t know anyone who does the bitcoin thing and we have cashapp or PayPal to send money).

Those are phishing links. It's the act of clicking the link that will cause you issues, not receiving the text.

Thank you for explaining that. I was never sure so I’d just delete em.

Prove it.

Google Android stagefright. It was a known vulnerability.

Android stagefright

...... shiiiiiiiiiiiiitttt

There was this code you could send to phones to turn them off; it was covered in the media as a prank.

Why would operators need to use SMS to access call records, they already have those records anyways. There are smarter ways to do this than sending random codes via plain SMS, for example you could just send 'binary' SMS that will not be visible to the user and has 0 chance of being accidentally sent by a normal user. Also how would you access the mic without having a persistent connection to the other side, enabling the mic is one thing but you will have to send the data somewhere, I don't suppose it simply calls the sender as that would show up on your phone bill.

That and the fact that we've seen several open source systems over the last few years, someone would've found stuff like this...

Also a possible attack vector would be configuration messages that configure how your phone accesses the internet, these messages can be sent through SMS and if a user accepts them you might be able to intercept internet traffic if your operator doesn't have its network configured correctly.

someone would've found stuff like this...

I'm suggesting that people have, you know, found this out.

Sure but someone, a lot of someones, would've spotted this ages ago.

Not necessarily. They used to say the same about 9/11. "But we would know!"
