Also, given their complete lack of any actual care for security, I doubt the L5 locks down the USB port for the modem to a PID/VID/descriptor whitelist... so their attack surface is *every USB device driver in the Linux kernel*. Which is a *hilarious* security downgrade.
I'm starting to think that the security of all these "libre" devices is pathologically bad precisely because the engineers working on them are people who *don't* understand how security is engineered in more serious systems, and that's why they think they're scary and bad.
Spend a bunch of time keeping blobs away from the main CPU, don't even hash them. RYF certified laptops with µCs running blobs with full DMA access. Shared memory scary even though it's behind a firewall, let's expose the entire USB attack surface to the baseband instead.
"Layered Security", don't even have an IOMMU. Libre all the things, no secureboot. Throw on an off the shelf eMMC, no firmware audit and no FDE by default, there's another blob with full system access.
Actually I see they do FDE by default now (as of a couple months ago), too bad no integrity and no secureboot so the eMMC can still just take over. "Open TrustZone code!" which you aren't actually doing any interesting security features with. All key management in the OS.
Anti-rollback storage? Don't need that when there's no passcode unlock attempt limit at all. Brute force to your heart's content. I thought they said this was for "regular users" who wouldn't use a 32-character passphrase to unlock their phone?
They mislead people into thinking that it's an open hardware device and ignore the many serious privacy and serious issues with their product. They spread tons of misinformation about other products and open source projects including GrapheneOS and have done substantial harm.
GrapheneOS has spent years since we started in 2014 looking for hardware partners interested in making private and secure devices rather than focusing on branding/marketing and producing something significantly worse than iPhone or Pixel which are still leagues ahead of everyone.