Project

General

Profile

Advice needed

Added by n n about 6 years ago

Hi all,

quite a newbie on smartphones, bear with me please.
Yet to buy my first one, was wondering a few things:

Modem isolation - I pressume all devices listed in wiki section have limited modem - system interaction.
Is that interaction regulated by Replicant itself, or does user have to configure additional software?
I would like my phone to be secure as much as possible - what should I install?
Am considering Galaxy S2 or similar, your thoughts on that?

Any help is much appreciated.


Replies (6)

RE: Advice needed - Added by Paul Kocialkowski about 6 years ago

Each device has a freedom issues category on its dedicated page which lists what we suspect the modem could do. These are just assumptions and in doubt, we should consider that the modem can access the device's GPS/storage/RAM, etc. However, we have reasons to believe it might not be the case on some devices.

The best devices on this regard are the Galaxy S 2 (I9100), Galaxy Nexus (I9250), Galaxy S 3 (I9300) and Galaxy Note 2 (N7100).

RE: Advice needed - Added by P. Kasita over 5 years ago

These are just assumptions and in doubt, we should consider that the modem can access the device's GPS/storage/RAM, etc. However, we have reasons to believe it might not be the case on some devices.

How do you deduce if modem can or cannot access non-modem resources?

RE: Advice needed - Added by Paul Kocialkowski over 5 years ago

The first thing we look at is how data is transported back and forth between the modem and the main CPU. If it is over shared RAM, it probably means that it can access RAM. If it is over shared USB, there is no reason why the modem would be able to access the main RAM, but it could still be done for malicious purposes. Regarding the main storage, it is likely that if the CPU has to load the modem firmware over UART/USB, then the modem cannot do it itself. But then again, it might be able to do it to spy. For the GPS, the only relevant information is in the service manuals, where you can find schematics of the hardware. However, we can not check that these schematics match the actual hardware. Service manuals are also useful to figure out memory/storage connections to the modem as well. On top of that, when the CPU is on the same chip as the modem, we can consider that the modem has access to its resources. When the GPS is on the modem, it's obvious that it's compromised as well.

So using all that information, we can reliably determine when a device is flawed, but we cannot really tell when it is not, even though there are clues that we cannot really verify.

RE: Advice needed - Added by P. Kasita over 5 years ago

the only relevant information is in the service manuals

Are there any publicly accessible service manuals for devices already supported by Replicant?

RE: Advice needed - Added by Paul Kocialkowski over 5 years ago

Well, service manuals are usually leaks but they're pretty easy to find. As far as I know, there are such manuals available in the wild for the Samsung devices supported by Replicant, I'm not sure about the Nexus ones.

RE: Advice needed - Added by john d over 4 years ago

Who would know if there was indeed bad modem isolation? someone at the telecom companies or the manufacturers? how easy or hard is it really to pull off a hack through the modem? a criminal/government adversary would find a way around an attack if they thought modem isolation was too time or money consuming... can we talk about this a little bit?

    (1-6/6)