Comment

Comment on Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

AProfessional@lemmy.world ⁨1⁩ ⁨year⁩ ago

Even that isn’t enough. The wireless modules of phones typically have direct access to system memory and, by law, have proprietary firmware. Plenty of exploits have been found over the years. This needs to be isolated to avoid backdoors/bugs.

source

Sort:hotnew top

narc0tic_bird@lemm.ee ⁨1⁩ ⁨year⁩ ago
Not saying you’re wrong, but I’d love to read the sources to your claims.

source
- elderflower@lemmy.world ⁨1⁩ ⁨year⁩ ago
  Example: grapheneos.org/faq#baseband-isolation
  
  Yes, the baseband is isolated on all of the officially supported devices. Memory access is partitioned by the IOMMU and limited to internal memory and memory shared by the driver implementations…Earlier generation devices we used to support prior to Pixels had Wi-Fi + Bluetooth implemented on a separate SoC. This was not properly contained by the stock OS and we put substantial work into addressing that problem.
  
  Baseband modems were not isolated from kernel memory in stock Android, GrapheneOS had to do it themselves using the IOMMU. We do not know for sure due to the proprietary/closed-source nature of baseband modem drivers, but we have no reason to assume any OEM (Samsung, Xiaomi etc) implemented proper isolation of baseband modem and system memory.
  
  source
  - narc0tic_bird@lemm.ee ⁨1⁩ ⁨year⁩ ago
    That’d be a huge oversight on their part. Thanks for the clarification.
    
    source
jet@hackertalks.com ⁨1⁩ ⁨year⁩ ago
By law? Which law?

source