[Replicant] [PATCH v2][ 11/11] freedom-privacy-security-issues: Improve the modem isolation description.
Denis 'GNUtoo' Carikli
GNUtoo at no-log.org
Mon Mar 28 18:50:31 UTC 2016
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo at no-log.org>
---
freedom-privacy-security-issues.php | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/freedom-privacy-security-issues.php b/freedom-privacy-security-issues.php
index b78665e..6587da1 100644
--- a/freedom-privacy-security-issues.php
+++ b/freedom-privacy-security-issues.php
@@ -66,9 +66,10 @@
Despite this situation, the modem remains a crucial part for privacy/security: it is nearly always connected to the GSM network, allowing for <a href="//www.gnu.org/philosophy/malware-mobiles.html">remote control</a>.
The modem can be more or less damaging to privacy/security depending on what hardware it has access to and can control.
That is to say, how isolated it is from the rest of the device.<br /><br />
- A device with bad modem isolation would allow the modem to access and control key parts of the hardware, such as the RAM, storage, GPS, camera, user I/O and microphone.
- This situation is terrible for privacy/security as it provides plenty of ways to efficiently spy on the user, triggered remotely over the mobile telephony network.
- Those are accessible to the mobile telephony operator, but also to attackers setting up fake base stations for that purpose.
+ A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware.
+ For instance the main CPU's RAM, its storage, the GPS, the camera, user I/O and the microphone.
+ This situation is terrible for privacy/security as it provides plenty of opportunities to efficiently spy on the user, that could be triggered remotely over the mobile telephony network.
+ That mobile telephony network is accessible to the mobile telephony operator, but also to attackers setting up fake base stations for that purpose.
<a href="images/freedom-privacy-security-issues/good-modem-isolation.png" data-lightbox="current-situation" data-title="Good modem isolation"><img src="images/freedom-privacy-security-issues/good-modem-isolation.png" alt="Good modem isolation" style="width: 250px; float: right;"/></a>
On the other hand, when the modem is well-isolated from the rest of the device, it is limited to communicating directly with the SoC and can only access the device's microphone when allowed by the SoC.
It is then strictly limited to accessing what it really needs, which considerably reduces its opportunities to spy on the user.
--
2.7.4
More information about the Replicant
mailing list