Conversation

Every ARM SoC is proprietary, closed hardware. Same applies to most other hardware components like Wi-Fi / NFC / cellular radios, touchscreens, cameras and even batteries. There is nothing open about it, and not shipping the firmware updates just exposes users to vulnerabilities.
There's a lot of work by others on improving isolation for these components and reducing exposed attack surface. I'm not particularly focused on security in this thread but rather frustration with projects falsely pretending to be open hardware or provide better privacy/security.
I don't understand how people can get away with presenting completely proprietary hardware / firmware as open. I'm sure it's even more frustrating for people doing the hard work of making actual open hardware, especially those trying to match current privacy/security properties.
Absolutely. I share your frustration with misrepresentation of ARM SoCs as open, just not your enthusiasm for allowing post-shipping black box code in to replace one set of vulns with another, possibly-intentional set.
Being able to install firmware security updates fixing serious security vulnerabilities is important. Not being able to fix a remote code execution bug in the Wi-Fi radio or the GPU is a serious problem. Sure, the components should be isolated and usually are to some extent.
Having it isolated doesn't make the attacker gaining local code execution a non-issue though. There are direct consequences to these security vulnerabilities and it gives the attackers a way to compromise the rest of the device. It's a major step towards exploiting the OS.
If you're up for disassembling and diffing updates to see what they actually do, then I think it's reasonable to ship them even if they're proprietary in the sense of license.