On Sat, Jul 30, 2016 at 6:28 PM, Luke Kenneth Casson Leighton lkcl@lkcl.net wrote:
http://rhombus-tech.net/community_ideas/hybrid_phone/ lot happening in a very short amount of time. this proposed phone design has a hardware kill-switch on the modem. cuts the power entirely.
It would be great, if this could be come to life too.
working on it. slowly. one thing at a time.
btw, one of the reasons for starting a smart-ish phone with a hard kill switch on the modem is down to a story where i accidentally found out that there are over-the-air arbitrary remote code execution paths in these modems.
i had been asked by dr stallman to investigate the possibility of hard-disabling firmware updates in a 3G modem. the sales person that i spoke to *misunderstood* my enquiry, and accidentally answered the question "is it possible for governments or other third parties to arbitrarily load and run executables over-the-air without the end-user's knowledge?" with an implicit "yes".
we also know that this feature is something that Telit provide and actively advertise as part of their Industrial and Automotive modem series, but with Telit's range that is something that is definitely desirable (to be able to fix any software bugs in a modem which could be embedded absolutely in the remotest or most hostile and inaccessible environments, used for Telemetry data gathering).
the accidental example however was *NOT* an industrial 3G modem - it was an end-user "mobile phone" 3G modem that is commonly-used in smartphones and tablets.
so this is not a theoretical exercise: modem manufacturers are forced to provide back-door paths for spying purposes without end-user's knowledge, hence the need for open transparent hardware and hard kill-switches on all and any components that can't be audited.
l.
--- crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68