[Replicant] [PATCH v2][ 11/11] freedom-privacy-security-issues: Improve the modem isolation description.
contact at paulk.fr
Wed Apr 20 09:45:15 UTC 2016
Le lundi 28 mars 2016 à 20:50 +0200, Denis 'GNUtoo' Carikli a écrit :
> Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo at no-log.org>
Please drop the final point in the commit title. Otherwise:
Acked-by: Paul Kocialkowski <contact at paulk.fr>
> freedom-privacy-security-issues.php | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
> diff --git a/freedom-privacy-security-issues.php b/freedom-privacy-security-
> index b78665e..6587da1 100644
> --- a/freedom-privacy-security-issues.php
> +++ b/freedom-privacy-security-issues.php
> @@ -66,9 +66,10 @@
> Despite this situation, the modem remains a
> crucial part for privacy/security: it is nearly always connected to the GSM
> network, allowing for <a href="//www.gnu.org/philosophy/malware-mobiles.html">
> remote control</a>.
> The modem can be more or less damaging to
> privacy/security depending on what hardware it has access to and can control.
> That is to say, how isolated it is from the
> rest of the device.<br /><br />
> - A device with bad modem isolation would allow
> the modem to access and control key parts of the hardware, such as the RAM,
> storage, GPS, camera, user I/O and microphone.
> - This situation is terrible for
> privacy/security as it provides plenty of ways to efficiently spy on the user,
> triggered remotely over the mobile telephony network.
> - Those are accessible to the mobile telephony
> operator, but also to attackers setting up fake base stations for that
> + A device with bad modem isolation cannot
> prevent the modem from accessing and controlling key parts of the hardware.
> + For instance the main CPU's RAM, its storage,
> the GPS, the camera, user I/O and the microphone.
> + This situation is terrible for
> privacy/security as it provides plenty of opportunities to efficiently spy on
> the user, that could be triggered remotely over the mobile telephony network.
> + That mobile telephony network is accessible
> to the mobile telephony operator, but also to attackers setting up fake base
> stations for that purpose.
> <a href="images/freedom-privacy-security-
> issues/good-modem-isolation.png" data-lightbox="current-situation" data-
> title="Good modem isolation"><img src="images/freedom-privacy-security-
> issues/good-modem-isolation.png" alt="Good modem isolation" style="width:
> 250px; float: right;"/></a>
> On the other hand, when the modem is well-
> isolated from the rest of the device, it is limited to communicating directly
> with the SoC and can only access the device's microphone when allowed by the
> It is then strictly limited to accessing what
> it really needs, which considerably reduces its opportunities to spy on the
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: This is a digitally signed message part
More information about the Replicant