Comment by Bender
1 day ago
I remember listening to his talks and had some respect for him. He could defeat any argument about any perceived security regarding any facet of tech. Not so much any more. He knows as well as I do anything on a phone can never be secure. I get why he did it. That little boat needed an upgrade and I would do it too. Of course this topic evokes some serious psychological responses in most people. Wait for it.
> He knows as well as I do anything on a phone can never be secure
I assume because of the baseband stuff to be FCC compliant? Last I checked that meant DMA channels, etc. to access the real phone processor. All easily activated over the air.
All easily activated over the air.
Indeed. The only reason this is not used by customer support for more casual access, firmware upgrades and debugging is a matter of policy and the risk of mass bricking phones and as such this is not exposed to them. There are other access avenues as well including JTAG debugging over USB and Bluetooth.
I don't think the FCC requires DMA channels. That's done out of convenience because it's how PCIe works.
The FCC doesn't require DMA channels, but the baseband processor may have access to it among anything else.
1 reply →
Any citation on this? I’ve never heard that.
47 CFR Part 2 and Part 15
FCC devices are certified / allowed to use a spectrum, but you must maintain compliance. If you're a mobile phone manufacturer you have to be certain that if a bug occurs, the devices don't start becoming wifi jammers or anything like that.
This means you need to be able to push firmware updates over the air (OTA). These must be signed to avoid just anyone to push out such an OTA.
The government has a history of compelling companies to push out signed updates.
There are hobbyist groups that tinker with these things. They are just as lazy as me and do not publish much. One has to find and participate in their semi-private .onion forums. Not my cup of tea. Most of it goes over my head and requires special hardware I am not interested in tinkering with.