Linked by Thom Holwerda on Thu 13th Mar 2014 19:31 UTC
Privacy, Security, Encryption

First it was a huge backdoor, then it turned out not to be a big deal. Whatever is the case with this issue with Samsung phones - it only serves to highlight what I wrote about several months ago:

It's kind of a sobering thought that mobile communications, the cornerstone of the modern world in both developed and developing regions, pivots around software that is of dubious quality, poorly understood, entirely proprietary, and wholly insecure by design.

Whether or not this is actually a huge security issue, I don't care - it just further highlights the dire need for a properly and truly open baseband firmware.

Sabon
Member since:
2005-07-06

And it won't come from Android, iOS, or Windows phones or Blackberry or ... well who is left? Non smart phones? Nope.

Reply Score: 1

No it isnt Member since:
2005-11-14

Jolla and Ubuntu. And no, they won't have open basebands.

Then again, any mobile phone can and will be location tracked from the towers, so anyone pretending some brand of phone guarantees your privacy is just a shill.

Reply Score: 5

woegjiub Member since:
2008-11-25

AFAIK, it's illegal in most countries to use a device with a cellular connection without providing adequate identification, so unless you have forged credentials, you're always being tracked by the mobile provider anyway - otherwise, they can't know where to send calls/data responses.

Obviously it'd be much better if the tracking/etc. ended there, but Stallman's right about this one: if you *really* care about privacy, don't use a mobile.

TBH, that would also mean not using the internet either, since you need an ISP, and *they* need to know where to send data, so...

Really, the only way to "guarantee privacy" is to go off-grid completely and live in the forest, off on-site solar/wind power and farming.

Edited 2014-03-14 02:34 UTC

Reply Score: 5

Alfman Member since:
2011-01-28

woegjiub,


Stallman's right about this one: if you *really* care about privacy, don't use a mobile.
TBH, that would also mean not using the internet either, since you need an ISP, and *they* need to know where to send data, so...


It's not quite the same though. An IP address doesn't identify you to the same level as a cell phone IMEI & SIM card.

If you really want to, you can go to a coffee shop and clear your cookies, that gives you moderate security right there. If you need more privacy, you'd need to modify your MAC address, and then modify your browser's fingerprint such that it does not point back to you.

https://panopticlick.eff.org/


At this point you are pretty safe on the computer side assuming you don't give yourself away online. However if you still wanted even more privacy from the most sophisticated adversaries, then you should probably turn off your cell phone BEFORE going to the coffee shop (otherwise your cell phone trivially proves you were there at that time).

On the other hand, it might be best to leave your phone on and leave it at home. The NSA already correlates disparate network events in order to identify "co travelers". (Turning off one phone, then turning on another, will flag both phones to the NSA as "co-travellers"). This correlation could conceivably exist also between phones and other activities. In other words, leaving your phone on and not moving it makes "them" think you stayed at home. There is no event data to correlate against.

http://leaksource.info/2013/12/05/co-traveler-analytics-nsa-collect...


Most people would balk at going to such lengths to protect their privacy. However in this day and age of government agencies who indiscriminately collect our data without regards to privacy rights or suspicion of crime, it's what you'd have to do.

Reply Score: 5

woegjiub Member since:
2008-11-25

My point was that although your IP doesn't identify you, your ISP still needs to know where to route your data.

Using anonymous wifi/public access points would work though, you are right. I actually totally forgot those existed.

Reply Score: 4

zima Member since:
2005-07-06

An IP address doesn't identify you to the same level as a cell phone IMEI & Sim card.

IMEI is pretty much enough - a GSM mobile phone without SIM card can still call 112, so it still must be tracked by the cellular network. ;)

Reply Score: 2

ichi Member since:
2007-03-06

Really, the only way to "guarantee privacy" is to go off-grid completely and live in the forest, off on-site solar/wind power and farming.


If you did that over here you'd have the government knocking on your door as soon as they found your solar panels on satellite images (I'm not sure about that qualifying as "guarantee privacy").

Yes, we are charged extra taxes for producing our own energy. How fun is that?

And yes, they actually spend time looking at satellite images to find things to charge for. A friend of mine got a notification saying he had to pay for the swimming pool he had built... which wasn't a swimming pool but a shed with a blue roof.

Reply Score: 3

woegjiub Member since:
2008-11-25

That is insane. Which country do you live in?
It's something I can easily see mine wanting to do, but being unable to (Australia is freaking *huge*).

Reply Score: 1

ichi Member since:
2007-03-06

That is insane. Which country do you live in?


The sunny and windy Spain, a place where you'd expect renewable energies being fostered instead of punished.

Reply Score: 1

zima Member since:
2005-07-06

That is insane.

AFAIK, that's fairly standard throughout the EU - the idea being, I think, that you're just another energy producer.

Reply Score: 2

zima Member since:
2005-07-06

AFAIK, it's illegal in most countries to use a device with a cellular connection without providing adequate identification, so unless you have forged credentials, you're always being tracked by the mobile provider anyway - otherwise, they can't know where to send calls/data responses.

Not quite so simple - remember, a GSM mobile phone without SIM card can still call the 112 emergency number.

Really, the only way to "guarantee privacy" is to go off-grid completely and live in the forest, off on-site solar/wind power and farming.

Small scale water power is also pretty straightforward in many places.

Reply Score: 2

Alfman Member since:
2011-01-28

No it isnt,

Rosenberg: I think calling this a "backdoor" is a bit far-fetched, much less one that can allow parties to remotely access data from your phone. This claim can be debunked with three crucial facts:

1. There is virtually no evidence for the ability to remotely execute this functionality....

2. The amount of data that can be read or written to by this functionality is very limited...this can only be used to access data specifically related to radio functionality, plus information stored on the SD card (because this is also readable by every application on the phone).

3. ...The authors had to leverage a directory traversal flaw in the handling of modem commands in order to cause the radio software to write outside of the /efs/root directory...This suggests that the intended purpose of this functionality was rather mundane and not at all malicious, and that it was simply poorly implemented.



#1. Rosenberg has a valid point, having proprietary code running in the modem isn't proof in and of itself that it's exploitable. It's nevertheless alarming that the application processor would allow the modem to access user files.

#2. Rosenberg's statement failed to debunk any claims with this one. In fact he even echoes the original claims that the daemon can run as either root or as under a limited account with access to /sdcard.

#3. So what? A hacker who's gotten this far would not be fazed by "../../". It doesn't much matter (to hackers) whether the vulnerability is intentional or not. In fact the best backdoors are made to look accidental:

https://freedom-to-tinker.com/blog/felten/the-linux-backdoor-attempt...



So, we know that the application processor is vulnerable. Whether the Modem is will have to remain an open question. It's not even clear to me that the binary machine code for the modem is accessible for reverse engineering? Lots of micro-controllers offer code protection that makes it near impossible to access the binary code:

www.stmcu.org/download/index.php?act=down&id=4207


Q: Does anyone know if the modem's firmware can be flashed over the air (like a cable modem)? If so, then it doesn't even matter what's in the firmware. An entity such as the NSA could just flash a new firmware at will to do whatever it wants, like exploiting the application processor's vulnerabilities.

Reply Score: 5
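
The directory traversal discussed in the comment above, as an added example that is not part of the original thread or of any vendor's code: a handler that appends a modem-supplied file name to `/efs/root` unchecked, beside a version that rejects names able to leave that directory. The function names and sample requests are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MODEM_ROOT "/efs/root"   /* directory named in the quoted analysis */

/* Flawed pattern: the requested name is appended unchecked, so a name
 * containing "../" leaves MODEM_ROOT once the path is opened. */
int build_path_naive(const char *req, char *out, size_t outlen) {
    int n = snprintf(out, outlen, "%s/%s", MODEM_ROOT, req);
    return (n > 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Hardened: refuse empty or absolute names and any ".." component
 * before the path is built. Returns 0 on success, -1 on rejection. */
int build_path_confined(const char *req, char *out, size_t outlen) {
    const char *p = req;
    if (req == NULL || *req == '\0' || *req == '/')
        return -1;
    while (*p) {
        size_t len = strcspn(p, "/");          /* length of this component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return -1;
        p += len;
        if (*p == '/')
            p++;
    }
    return build_path_naive(req, out, outlen);
}

int main(void) {
    /* Constructed sample requests, not captured modem traffic. */
    const char *reqs[] = { "cal/radio.bin", "../../sdcard/notes.txt",
                           "/etc/hosts", "cal/..hidden" };
    char buf[128];
    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++) {
        int ok = build_path_confined(reqs[i], buf, sizeof buf);
        printf("%-26s -> %s\n", reqs[i], ok == 0 ? buf : "REJECTED");
    }
    return 0;
}
```

A lexical check like this does not account for symlinks inside the directory; on Linux, opening the file relative to a directory descriptor with `openat2()` and `RESOLVE_BENEATH`, from a daemon that does not run as root, enforces the same boundary in the kernel.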

Interesting ...
by Bill Shooter of Bul on Thu 13th Mar 2014 20:42 UTC
Bill Shooter of Bul
Member since:
2006-07-14

I know someone that writes some of that software. For some reason, he doesn't like carrying or using a cell phone ....

Hmm....

Reply Score: 4

RE: Interesting ...
by lucas_maximus on Fri 14th Mar 2014 07:42 UTC in reply to "Interesting ..."
lucas_maximus Member since:
2009-08-18

I used to work at Maccy Ds, I don't like burgers from there either.

Reply Score: 3

open firmware
by project_2501 on Thu 13th Mar 2014 21:04 UTC
project_2501
Member since:
2006-03-20

Does one exist? Even an in-development one? If there was I'm sure some people would go out of their way to get compatible hardware to achieve this kind of assurance.

An ideal opportunity for the Firefox phones?

Edited 2014-03-13 21:05 UTC

Reply Score: 2

RE: open firmware
by tingo on Thu 13th Mar 2014 21:29 UTC in reply to "open firmware"
tingo Member since:
2007-10-13

There is an ongoing effort:
http://lists.openmoko.org/pipermail/community/2013-February/068280....
and here:
http://bitbucket.org/falconian/freecalypso-sw
but that's only targeting one specific hardware.

Edited 2014-03-13 21:31 UTC

Reply Score: 6

Make your own
by dennisma on Thu 13th Mar 2014 21:45 UTC
dennisma
Member since:
2013-12-05

Make your own phone. From easy to make Arduino phone http://www.instructables.com/id/ArduinoPhone/

to a more advanced Raspberry Pi phone.

You can even make your own cell tower with a Raspberry Pi (though it's shit for range). http://www.phonearena.com/news/DIY-enthusiasts-make-their-own-cell-...

Reply Score: 4

RE: Make your own
by smashIt on Thu 13th Mar 2014 23:13 UTC in reply to "Make your own"
smashIt Member since:
2005-07-06

Make your own phone. From easy to make Arduino phone http://www.instructables.com/id/ArduinoPhone/


with these you still have a binary-blob inside the gsm-module

Reply Score: 7

Comment by judgen
by judgen on Fri 14th Mar 2014 04:19 UTC
judgen
Member since:
2006-07-12

"the cornerstone of the modern world" Hahaha bullshit. If it had said "a cornerstone" it might have been more truthful. Words matter.

Reply Score: 3

No.
by Soulbender on Fri 14th Mar 2014 07:19 UTC
Soulbender
Member since:
2005-08-18

the cornerstone of the modern world in both developed and developing regions


How about "no"?

Reply Score: 3

RE: No.
by Kochise on Fri 14th Mar 2014 09:35 UTC in reply to "No."
Kochise Member since:
2006-03-03

Well, if you refer to the Babylonian mythology, phones... and the Internet, allow people to communicate broadly worldwide, without much limit (if being spied on by the NSA).

So, in a sense, "cornerstone" would quite fit the description, whether you agree or not.

Travelling fast is another "cornerstone".

Kochise

Reply Score: 2

RE[2]: No.
by Soulbender on Fri 14th Mar 2014 09:48 UTC in reply to "RE: No."
Soulbender Member since:
2005-08-18

"the" cornerstone is very different from "a" cornerstone though. It's even more dubious that it would be the cornerstone in a developing country.

Edited 2014-03-14 09:51 UTC

Reply Score: 3

RE[3]: No.
by gan17 on Fri 14th Mar 2014 10:17 UTC in reply to "RE[2]: No."
gan17 Member since:
2008-06-03

Nutella is obviously the cornerstone.

Reply Score: 2

RE[4]: No.
by Kochise on Fri 14th Mar 2014 13:24 UTC in reply to "RE[3]: No."
Kochise Member since:
2006-03-03

Nope, lolcats...

Kochise

Reply Score: 3

What would be the point of open firmware?
by bassbeast on Sat 15th Mar 2014 14:43 UTC
bassbeast
Member since:
2007-11-11

The airwaves are controlled by the government and big corps that are in bed with the government so having a 100% FOSS phone wouldn't help you one single bit.

As we saw here in the USA a few years back with the AT&T whistleblower they control the backbone...game over, you lose. Once you have control of the backbone a MITM is beyond trivial and even if you encrypt the call they can still glean enough from the metadata to build a scarily accurate portrait of your life.

The only thing we can really do is accept the fact that anything broadcast, be it over the net or the airwaves, might as well be considered blasted over a megaphone in the town square and treat it as such. The founder of Google was right, privacy IS dead, we just didn't realize HOW dead it was until all the whistleblowing.

Reply Score: 3

Alfman Member since:
2011-01-28

bassbeast,

"What would be the point of open firmware?"

That's simple, the point of open source in such circumstances would be to increase our confidence that the software running our devices does not have a backdoor.


The airwaves are controlled by the government and big corps that are in bed with the government so having a 100% FOSS phone wouldn't help you one single bit.


I disagree, open source would help security researchers find vulnerabilities regardless of WHO was responsible for them. Heck, having big corps in bed with the government is even more of a reason to have open source because it logically follows that their binary blobs would be even less likely to be trustworthy.

Of significant historical relevance, Microsoft's NSAKEY key was only discovered when MS accidentally released a debug build of their cryptographic code. This "NSAKEY" was allegedly a key the NSA could use to sign their own code and get Windows to accept it as a trusted component of Windows. MS officially rejected this allegation, however they've never provided any good reason for having named it "NSAKEY", which doesn't leave much to the imagination. In hindsight it seems even more likely that it was a key for the NSA. Regardless of our thoughts on this conspiracy, I think the incident itself makes a pretty compelling case for open source over proprietary blobs. It enables the public to discover what's lurking in the software.

http://www.cnn.com/TECH/computing/9909/03/windows.nsa.02/index.html...


The founder of Google was right, privacy IS dead, we just didn't realize HOW dead it was until all the whistleblowing.


Maybe, yet it makes Google's response to the NSA leaks even more ironic:

"I was shocked that the NSA would do this -- perhaps a violation of law but certainly a violation of mission," Schmidt told CNN.


http://money.cnn.com/2013/11/04/technology/google-nsa-snowden/index...

Perhaps there's an element of hypocrisy at Google...

Edited 2014-03-16 07:22 UTC

Reply Score: 3
