[Replicant] is replicant 6 insecure? does google update android 6?

Denis 'GNUtoo' Carikli GNUtoo at cyberdimension.org
Tue Mar 31 23:45:58 UTC 2020 

On Tue, 31 Mar 2020 20:14:52 +0200
a <ninhar at inbox.lv> wrote:

> I have followed replicant long enough to know, there is no intentional
> or devious intend from replicant.

> It is about informing people about replicant's limitations.
We need help on that. We also need help on a lot of things like the
wiki, etc.

> You must not be able to miss it. I agree the warning can be generic
> and ask you to select a link for further pieces of information.
Talking about "limitations" of Replicant like you suggest is a good
idea.

Having a link which points to the status with "Learning
about the (current) limitations of Replicant" could be a start.

That could link to a page that points to several resources:
- The Replicant status for the people that may consider using Replicant
- The freedom privacy and security page for everybody that has enough
  time to read it whether or not someone intends to use Replicant

> I did not know replicant is based on packages which are not maintained
> upstream. When I enter replicant.us' website and the website of my
> phone, then I want a warning message, starting with the word warning.
> And it has to be highlighted.
Note that what seem to be the most important for you might also be
completely irrelevant for other people and vice versa. 

All the humans don't necessarily live the same lives, take the same
decisions, etc.

Also keep in mind that security is also relative to a threat model, and
in my personal threat model, backdoors are a way bigger problem than
some security issues present here and there.

Some recent unfixable security issues affecting the Management Engine
are also very good news for free software as it potentially enables to
replace the nonfree OS by free software. 

In Replicant we are also looking for unfixable security issues in the
Exynos 4412 bootroms, which would enable us to get run free software
bootloaders on the device.

If there are unfixable security issues in the Exynos 4210, OMAP3 or
OMAP4 bootroms we would also be very interested in that. 

Also note that we do accept patches for Replicant 6.0 as well.
For instance I sent some patches for it yesterday. So if anyone still wants
to backport security fixes that it still possible, but I don't think
it's a good strategy as the amount of work is probably way bigger than
porting Replicant to Android 9.

> On
> https://redmine.replicant.us/projects/replicant/wiki/GalaxySIIGTI9100
> there is a message:
> Galaxy S 2 (I9100) Privacy/security issues
> If it is a link, it does not work. The word warning is missing. And
> the message should be located at the top, next to the data
> of the phone.
This is also one of the many things we try to work on from time to time.

This link it not meant to describe any freedom, privacy or security
issues present within Replicant.

Instead, it's meant to describe freedom, privacy or security issue
specific to the GT-I9100 variant of the Galaxy SII we know about, and
even for the GT-I9300, the work is not 100% complete either.

For instance we still need to do a better analysis of the components
being on the device, and have references and proofs that can show that
there aren't extra microphone connected to the modem for instance.

My current strategy is to try to combine as many things as possible
when working on a given area. 

For instance I recently I started looking into more details at the GPIO
interface between the modems and the system on a chip running Replicant,
in order to see if it's possible to do a good abstraction of the modem
in libsamsung-ipc. 

That abstraction, good or bad, is needed for Replicant 9 anyway. And I
found potential issues that needs to be investigated in more details.

Even if some of the issues turns out to be problematic, they are all
probably fixable in Replicant 9 in a very robust way, so it'll probably
be done at some point. We plan to try USB whitelist and/or USBguard to
prevent the modem from becoming a keyboard for instance.

Keep in mind that we are trying to do our best, despite having
very few people contributing to Replicant. Contributions in term of
documentation, code, etc are very welcome.

We also need to spend time Replicant 9 too, as once it is ready, it will
fix many security issues and we could remove the warning.

At that point we will also need to make way more frequent releases in
order to limit the number of security issues still present in the last
release.

Denis.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20200401/e16e1288/attachment.asc>

More information about the Replicant mailing list