[adiusmus]

It sure helps though. And being able to compare source code to binary is good for checking blobs.

No one knows what nasties are hidden in these blobs that run on EVERY phone out there. I’d actually go as far as saying cell phone processing modules are completely insecure. Unlikely to receive updates. Poorly documented. Security standards are likely to be weakly implemented with gaping holes.

As for proof, I’d point at the lack of source code as a starting point. Open source doesn’t guarantee security but it at least lets interested parties try to the degree they want or need to.

[pvg]

As for proof, I’d point at the lack of source code as a starting point.

Much better proof would be frequent exploits through the vectors you consider examples glaring insecurity.

[adiusmus]

Sure. Go and have a look at GSM and friends. I’d say the cellular network in general is routinely being manipulated. The protocols and standards for over-the-air are demonstrably insecure and assuming the actual hardware is also insecure is reasonable as well.

[pvg]

Part of the point of this thread is that 'modern flagship phones' are designed with problems like that in mind. You're the one claiming to have 'proof' they are trivially insecure.

[adiusmus]

I pointed at the lack of source code as a starting point for proof of complete insecurity. I pointed at the ease of the existing protocols in active use as an example of that insecurity. That insecurity is the basis for Stingray fake towers. If you can fake the tower then the cellular modules can’t be much better.

I’m sure various agencies are quite frustrated by their inability to use the cellular modem as an entry point into Apple’s phones. That by itself is another pointer.

I didn’t claim to have proof other than that.

[pvg]

That's proof for the values of proof that include 'innuendo'.

[adiusmus]

You haven’t addressed any of my points to any particular depth. So I’m not sure why you have such faith in this tech.