← Back to context

Comment by averageRoyalty

2 years ago

This is an excellent reference. It is worth emphasising though, this does not make the device secure.

No matter what OS you put on, there's still a proprietary baseband blob with executuon permissions underneath. All of these devices are built compromised.

3 comments

averageRoyalty

Reply
steelframe  2 years ago

Absolutely! I was focusing on moving toward a generally more privacy-centric way of using a mobile device. Of course an insecure device can be made to neutralize any privacy-protecting measures I've described. However just because a device has a vulnerability doesn't necessarily mean that it will be compromised. In fact I'd be surprised if there is more than, say, a 1% chance that any given random Pixel 7 phone is actually compromised via the baseband code.

Also, that said, if you are personally targeted by your government for surveillance, all bets are off. I don't know how to defend against that, but a potential start would be to eliminate all electronic devices from your person and your house and then to set off a powerful EMP every time you walk through your door when coming back home.

It's refreshing that Google, the same company that makes Android, has recently called out baseband blobs for their poor security.

https://googleprojectzero.blogspot.com/2023/03/multiple-inte...

Here's some discussion on the GrapheneOS forum:

https://discuss.grapheneos.org/d/3942-baseband-vulnerabiliti...

While I'm not convinced it's causing widespread exploitation, baseband blobs are definitely a problem, and hopefully some of the advocacy that Google's Android org puts on phone vendors can get us to a better place. And maybe efforts from organizations like Librem can push us toward modems with fully OSS firmware.