Comments on "Why does the Librem 5 phone cost that much?"
1. DCKing+ua 2019-11-28 13:07:35
>>fghtr+(OP)
This blogpost propagates what I'd like to describe as an urban legend about baseband processors and main memory. The story originates from old times where even fancy phones allowed the baseband to write everywhere in main memory. The myth then becomes that you need the baseband physically separated from your main application processor.

But the world's moved on since those reports were made. It's FUD: https://www.reddit.com/r/CopperheadOS/comments/6wtul0/on_sen...

2. SeanMa+wc 2019-11-28 13:27:30
>>DCKing+ua
It's not FUD. It's about different threat models.

General design failures/bugs from assumed acting-in-good-faith silicon/sw designers vs not-acting-in-good-faith silicon/sw designers.

Assuming the radios are the primary threat to privacy, then I'd prefer a design from a privacy activist company who explicitly designs the hw so that the less trustable parts are forced behind physical and defined interface "firewalls".

3. DCKing+ef 2019-11-28 13:49:29
>>SeanMa+wc
No, it is FUD. Their threat model is explicit:

> Complex parts like the cellular modem or the WiFi can access the very same RAM that is used at runtime to store your most private data, but at the same time they are controlled by binary-only firmware that no one except the manufacturer of that chip has access to.

For the cellular modem, in your run-of-the-mill iPhone or Android phone nowadays, it is simply false that the cellular modem can access arbitrary data in RAM. Can't tell you about WiFi, but I expect a similar situation.

There's a lot of room for improvement in secure smartphone architectures, but the "baseband can read your photos" trope is simply false.

4. jcims+1h 2019-11-28 14:04:02
>>DCKing+ef
I don’t know much about the responsibilities of the baseband but it seems that there are other attack vectors. Can it read storage? What about unencrypted content going over the network?
5. yjftsj+Ij 2019-11-28 14:28:59
>>jcims+1h
Of course the network hardware can see unencrypted network traffic. That's unfixable, except of course by encrypting everything.
6. Dyslex+el 2019-11-28 14:44:58
>>yjftsj+Ij
Only there is no process isolation, so no strong guarantee that secrets aren't leaked. No control over baseband makes the whole environment in which (other privacy protecting) apps are running extremely hostile from a security POV.