Project

General

Profile

Replicant mentioned on Tor Blog

Added by Kurtis Hanna almost 10 years ago

Executive Summary

The future is here, and ahead of schedule. Come join us, the weather's nice.

This blog post describes the installation and configuration of a prototype of a secure, full-featured, Android telecommunications device with full Tor support, individual application firewalling, true cell network baseband isolation, and optional ZRTP encrypted voice and video support. ZRTP does run over UDP which is not yet possible to send over Tor, but we are able to send SIP account login and call setup over Tor independently.

The SIP client we recommend also supports dialing normal telephone numbers, but that is also UDP+ZRTP, and the normal telephone network side of the connection is obviously not encrypted.

Aside from a handful of binary blobs to manage the device firmware and graphics acceleration, the entire system can be assembled (and recompiled) using only FOSS components. However, as an added bonus, we will describe how to handle the Google Play store as well, to mitigate the two infamous Google Play Backdoors.

https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy
By Mike Perry

They had this to say about Replicant...

If you read the Cyanogenmod build instructions closely, you can see that it requires extracting the binary blobs from some random phone, and shipping them out. This is the case with most ROMs. In fact, only the Replicant Project seems concerned with this practice, but regrettably they do not support any wifi-only devices. This is rather unfortunate, because no matter what they do with the Android OS on existing cell-enabled devices, they will always be stuck with a closed source, backdoored baseband that has direct access to the microphone, if not the RAM and the entire Android OS.

Kudos to them for finding one of the backdoors though, at least.

Would Replicant like to comment on this?


Replies (7)

RE: Replicant mentioned on Tor Blog - Added by Paul Kocialkowski almost 10 years ago

An yet again, I'm a week late on things. I'll try to get in touch with them to discuss what Replicant can do to improve privacy. Plenty of other projects are also working on privacy for Android, it'd be nice to see what we can do together! While Replicant doesn't particularly focus on security, but rather on software freedom, security is not possible without freedom and on the other hand, we encourage the development of software that enables people to have actual privacy, so we have common interests here!

RE: Replicant mentioned on Tor Blog - Added by lership lership over 8 years ago

In all devices supported by Replicant, the baseband can access the microphone without going through the AP. Is this correct? If it is, then this is no better than Qualcomm.

RE: Replicant mentioned on Tor Blog - Added by Paul Kocialkowski over 8 years ago

The microphone is always connected through a separate CODEC and the main CPU has to tell the CODEC to route the microphone to the modem, as far as I could see. Of course, we should look closer at the leaked schematics to figure out whether the modem has a way of instructing the CODEC to do the routing itself.

The fact that the modem is tightly integrated with the CPU on Qualcomm brings much more issues for privacy/security than the devices currently supported by Replicant, not to mention the state of free software support.

RE: Replicant mentioned on Tor Blog - Added by lership lership over 8 years ago

Thanks for the explanation. I had a look at a block diagram for the S III. None of the paths to the codec are suspicious, but of course this doesn't prove anything.

I assume there is a command or a simple sequence of commands to the AP-side modem interface that would initiate a quiet call.

RE: Replicant mentioned on Tor Blog - Added by Paul Kocialkowski over 8 years ago

but of course this doesn't prove anything.

Exactly, yes.

I assume there is a command or a simple sequence of commands to the AP-side modem interface that would initiate a quiet call.

Well, an application with sufficient rights could likely initiate a call by bypassing the java Android interfaces and thus, the users wouldn't notice. It could also redirect audio to the modem transparently, thus why we believe it's critical to have fully free software running on the system for privacy/security!

RE: Replicant mentioned on Tor Blog - Added by lership lership over 8 years ago

Sorry, I should clarify that I meant commands from the baseband processor.

RE: Replicant mentioned on Tor Blog - Added by Paul Kocialkowski over 8 years ago

The baseband could initiate a call, of course, but it couldn't grab the audio. For that, it would have to ask for the main CPU's cooperation, which of course Replicant won't allow.

    (1-7/7)