Comment by jcims
6 years ago
I don’t know much about the responsibilities of the baseband but it seems that there are other attack vectors. Can it read storage? What about unencrypted content going over the network?
6 years ago
I don’t know much about the responsibilities of the baseband but it seems that there are other attack vectors. Can it read storage? What about unencrypted content going over the network?
Of course the network hardware can see unencrypted network traffic. That's unfixable, except of course by encrypting everything.
only there is no process isolation so no strong guarantee that secrets aren't leaked. no control over baseband makes the whole environment in which (other privacy protecting) apps are running extremely hostile from a security pov.
That's not really correct either.
Modern Android/Qualcomm phones have pretty sophisticated security architectures that do indeed isolate the baseband, partly because exploiting baseband bugs was such a common source of phone unlocks in the past. If an app is using SSL then the baseband can't read what's happening.