← Back to context

Comment by kuhsaft

6 hours ago

Not OP, but

> This is false. Please stop writing false statements without any links. NXP promises to produce the i.MX 8M Quad until Jan. 2033. The support will be even longer.

I think they meant that the processor itself is old. It supports ARMv8 and is lacking the enhanced memory protection and execution features of the ARMv9-A processors on newer phones.

> This is false again. It doesn't matter how much my device might be compromised. The attacker will not get any access to the shut down sensors, radios or voice/video, if I use the three kill switches.

The problem is that your device can be compromised quite easily and without you knowing. The kill switches are moot at that point.

7 comments

kuhsaft

Reply
fsflover  6 hours ago

The kill switches will work independently on a compromise. Why are they moot? Also, it's possible to completely reflash the device in case of doubt.

"quite easily" strongly depends on what exactly you are doing. For example, if I use Firefox with NoScript, then it is not very easy.

  • kuhsaft  6 hours ago

    > The kill switches will work independently on a compromise. Why are they moot?

    Kill switches only work as a security feature when you activate them before you know you're compromised. But that's impossible.

    It's a reactive "security" feature not a proactive one.

    > For example, if I use Firefox with NoScript, then it is not very easy.

    Security vulnerabilities aren't only JS related.

    https://www.mozilla.org/en-US/security/advisories/mfsa2026-3...

    https://www.mozilla.org/en-US/security/advisories/mfsa2026-3...

    Adding an extension that can access all your browsing data doesn't seem very secure either.

    Required permissions:

    - Access browser tabs

    - Access browser activity during navigation

    - Access your data for all websites

    • fsflover  5 hours ago

      Good links, thank you. I agree that my protection is not perfect in general. Fortunately I do not open random websites on my phone; I have my laptop with Qubes OS for that.

      > Adding an extension that can access all your browsing data doesn't seem very secure either.

      This is not just a random extension but an officially recommended one, https://support.mozilla.org/en-US/kb/recommended-extensions-.... It's also regularly verified by the community. I trust it as I trust Firefox.

      4 replies →