Building a new totally free phone

Paul Wise pabs at
Fri Aug 23 15:26:45 CEST 2013

Security experts have moved on from that line of thinking long ago I
think. The problem with it is that a GSM/3G/LTE modem is not just a
communications channel. It is a generic processor running software.
Probably buggy, insecure, proprietary software. Same goes for GPS,
WiFi, Ethernet and other external-facing firmware. Depending on the
architecture of your device and the simplicity and security of the
interface between your modem and your, attackers may be able to turn
their probably relatively-easy-to-aquire modem beachhead into full
control and monitoring of the whole system. This is the reason the
Replicant folks strongly recommend against Qualcomm devices, where the
CPU is controlled by the modem.

Based on the talks I saw at OHM2013, the SIM card may be a similar
threat. The good news is that some SIM cards are insecure enough that
you (and remote attackers) can calculate the Ki, remove the SIM and
use the Ki instead.

OHM2013 also taught me that the carrier networks are full of juicy
insecure Linux based systems, so you don't just have to worry about
carrier collaboration with nation-state adversaries.

Yes, we need better protocols but we also need libre embedded software
and carriers who run libre software and have some ethics.


More information about the community mailing list