[Gta04-owner] Almost bought a spyPhone?
mx4812 at arcor.de
mx4812 at arcor.de
Wed Apr 10 12:53:33 CEST 2013
> That is too late and maybe a little too technical detail...
better now then never
> How can it be improved?
Text to be placed in info blocks / divs on a prominent page.
...
Almost bought a spyPhone?
Nah, guess not. These come in many flavors!
Spying Apps
Well, you know them.
Spying Operating System
Look here
https://github.com/CyanogenMod/android_device_lge_mako/blob/cm-10.1/proprietary-blobs.txt
to see how manny untrustable binary programms need run to use closed android devices.
There are a lot of them...way too much.
As Replicant developers, consequently we decided not to lend our effeorts towards certain phone hardware.
We also strongly suspect that theses libraries implement spyware.
Specifically, the proprietary parts of the RIL(the library which talks to
the modem). We suspect that it tracks your position trough the cell ID, and could also
copy and modify files on your device (on nexus S we heard that the
proprietary ril even ran as root...).
Modem Firmware Spying
Some phones share memory between the CPU and the modem that is controlled by non-free binary firmware.
In Nexus S there are literally banks of RAM wired to both, CPU and modem.
Rhe RAM bank has 2 areas, one of them is for exchanging with the modem(16M) and the rest ...well...it's
for the CPU code(80M)... So the modem could probably change
what's inside to to do arbitrary things.
Others, like the htc dream have share the NAND memory (holds the operating system) between the modem and the CPU.
Some even have the sound card directly connected to the modem.
(Does that ring a bell? The sound card with a microphone attached in direct control of the modem...) and
Integrated GPS
It is not uncommon to have the GPS integrated in the
modem (https://en.wikipedia.org/wiki/RRLP), so the modem can spy on your position, orientation,
environment, and heart beat with more precision than just the normal base station triangulation.
Bootloader
most of the off-the-shelf phones have non-free and signed bootloaders.
There is a lot of talks on secure boot recently, it's meant to protect
against malware subverting the boot system to install rootkits and
similar things. However, if a malware can do it, why couldn't a proprietary bootloader do
something like that?
The GTA04, while having a non-free wifi firmware that is a pain to
handle properly for operating system developers, solves all the previous mentioned issues.
More information about the Gta04-owner
mailing list