[Arm-netbook] 2 ideas

Christian Kellermann ckeen at pestilenz.org
Tue Aug 2 10:36:10 BST 2016


* Luke Kenneth Casson Leighton <lkcl at lkcl.net> [160730 19:41]:
> On Sat, Jul 30, 2016 at 6:28 PM, Luke Kenneth Casson Leighton
> <lkcl at lkcl.net> wrote:
>
> >>> http://rhombus-tech.net/community_ideas/hybrid_phone/ lot happening in
> >>> a very short amount of time.  this proposed phone design has a
> >>> hardware kill-switch on the modem.  cuts the power entirely.
> >>
> >> It would be great, if this could be come to life too.
> >
> >  working on it.  slowly.  one thing at a time.
>
>  btw, one of the reasons for starting a smart-ish phone with a hard
> kill switch on the modem is down to a story where i accidentally found
> out that there are over-the-air arbitrary remote code execution paths
> in these modems.
>
>  i had been asked by dr stallman to investigate the possibility of
> hard-disabling firmware updates in a 3G modem.  the sales person that
> i spoke to *misunderstood* my enquiry, and accidentally answered the
> question "is it possible for governments or other third parties to
> arbitrarily load and run executables over-the-air without the
> end-user's knowledge?" with an implicit "yes".
>

This is part of the GSM standard. The SIMs need to be able to run Java
applets insider their processor. Allowing the tracking of the device
amongst other things. This has been made public in 2013:

https://media.ccc.de/v/30C3_-_5449_-_en_-_saal_1_-_201312271715_-_mobile_network_attack_evolution_-_karsten_nohl_-_luca_melette

Kind regards,

Christian

--
May you be peaceful, may you live in safety, may you be free from
suffering, and may you live with ease.



More information about the arm-netbook mailing list