Neal H. Walfield neal at walfield.org
Tue Nov 5 23:24:09 CET 2013

Hi, Peter,

At Wed, 6 Nov 2013 08:49:48 +1100 (EST),
Peter wrote:
> apologies for this possibly "naive" question.. I am a sysadmin with 
> insufficient knowledge of mobile related hardware.
> However, I am exploring how useful this project could be for 
> security-concerned people as journalists (e.g.)
> In some situations these people want to be sure that their phone does not 
> spy on them - as well as does not make them trackable.
> Here is a question: can you use software to switch off some functionality 
> completely, e.g. stopping communication with the mobile network?

This is a greater question.

Unfortunately, it is not possible to get the source code to most
modems.  The excuse that the vendors give is that since laws carefully
regulate how radios are used, the modem cannot run arbitrary code.
Some OSes provide a software kill switch that turns off the modem, but
since the hardware and software and not typically open, you can't
verify that it really works.

There are two things that we can do, however.  First, if we build or
are able to inspect the hardware, we can verify that the software kill
switch really does work.  That is, we can verify whether when the OS
turns the modem off, it really cuts the power to the modem.  At that
point, there is really nothing the modem can do.  Second, we can make
sure that the modem can't access the OS's memory.  That is, we only
talk to it via some serial-like interface and interrupts.  In
particular, we don't allow it to do DMA (at least not without an
IOMMU).  This ensures that the modem can't extract and upload data or
encryption keys that might be in memory.

The only phone that is likely to satisfy these requirements is the

If you are interested in this topic, I hope to give a talk at the
upcoming OHS workshop about an OS that I'm developing exactly for the
scenario that you are describing.  Please see:



