[Arm-netbook] 2 ideas

Luke Kenneth Casson Leighton lkcl at lkcl.net
Sat Jul 30 18:40:20 BST 2016


On Sat, Jul 30, 2016 at 6:28 PM, Luke Kenneth Casson Leighton
<lkcl at lkcl.net> wrote:

>>> http://rhombus-tech.net/community_ideas/hybrid_phone/ lot happening in
>>> a very short amount of time.  this proposed phone design has a
>>> hardware kill-switch on the modem.  cuts the power entirely.
>>
>> It would be great, if this could be come to life too.
>
>  working on it.  slowly.  one thing at a time.

 btw, one of the reasons for starting a smart-ish phone with a hard
kill switch on the modem is down to a story where i accidentally found
out that there are over-the-air arbitrary remote code execution paths
in these modems.

 i had been asked by dr stallman to investigate the possibility of
hard-disabling firmware updates in a 3G modem.  the sales person that
i spoke to *misunderstood* my enquiry, and accidentally answered the
question "is it possible for governments or other third parties to
arbitrarily load and run executables over-the-air without the
end-user's knowledge?" with an implicit "yes".

 we also know that this feature is something that Telit provide and
actively advertise as part of their Industrial and Automotive modem
series, but with Telit's range that is something that is definitely
desirable (to be able to fix any software bugs in a modem which could
be embedded absolutely in the remotest or most hostile and
inaccessible environments, used for Telemetry data gathering).

 the accidental example however was *NOT* an industrial 3G modem - it
was an end-user "mobile phone" 3G modem that is commonly-used in
smartphones and tablets.

 so this is not a theoretical exercise: modem manufacturers are forced
to provide back-door paths for spying purposes without end-user's
knowledge, hence the need for open transparent hardware and hard
kill-switches on all and any components that can't be audited.

l.


---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68



More information about the arm-netbook mailing list