Project

General

Profile

NexusSI902xPrivacySecurityEvaluation » History » Version 4

Denis 'GNUtoo' Carikli, 05/20/2016 06:21 PM

1 1 Denis 'GNUtoo' Carikli
h1. NexusSI902xPrivacySecurityEvaluation
2
3 2 Denis 'GNUtoo' Carikli
Note that this information may or may not be exhaustive.
4
It also may or may not contain all known issues or good point about this device.
5
6
Freedom issues on the Nexus S (I902x):
7
* The hardware is proprietary.
8
* Some peripherals do require proprietary firmwares to work, some of which are [[NexusSI902xLoadedFirmwares|firmwares loaded by the system]]
9
* The bootrom code (which is read-only by definition) is proprietary.
10
* The bootloader is proprietary and signed [[NexusSI902xBootloader|bootloader]]
11
12
Modem related:
13
* The modem runs proprietary software. It is loaded but not shipped by Replicant.
14 4 Denis 'GNUtoo' Carikli
** It has shared memory with the main CPU. This gives "DMA aAttack":https://en.wikipedia.org/wiki/DMA_attack like capability to the modem.
15 2 Denis 'GNUtoo' Carikli
** We are not aware of it being able to access the GPS, but it woulnd't be surprising if it still could (by having a direct connection to it).
16
** Even if it has no physical access to the other CPU peripherals, it may be able to maliciously modify the main CPU ram to gain such access.
17 4 Denis 'GNUtoo' Carikli
* "Nexus S terminal profile":https://terminal-profile.osmocom.org/decode.php?tp=7f0affff1f000003940000000000000000400000