Comment by badrabbit

I am not sure I fully understand what you mean, but my question was that if all important data/metadata is encrypted when it leaves the hardware that is trusted then why does it matter if there was a hostile malware on the baseband hardware? A sibling comment mentioned the pinephone has only usb and i2c to the baseband, so barring 0 days over the USB, unless USB also means whatever the equivalent of DMA on mobile is, then it can't impact trusted code.

This is kind if like my home ISP router. I don't care if it is compromised because I don't manage it and I don't trust it with any of my important data or expose it directly to trusted devices.