Hacker News new | ask | show | jobs
by logicallee 2336 days ago
I don't know but I find the structure of the post pretty hilarious.

Basically the post says that the PinePhone mobile phone is, with the exception of the "mobile phone" part, a completely open source mobile phone.

It's just a funny way to write the post. If you remove the mobile phone part it's not a mobile phone. It's like saying a cake is, with the exception of the cake part, completely vegan.
3 comments
Piskvorrr 2336 days ago
If it were a feature phone, this would be an accurate summary. For a smartphone, calling is a minority usage (an actual issue with the modem, sure) and network access is assumed over a hostile link anyway; does it matter if it's hostile at hop 1 or hop 2, if the modem is not a privileged part of the system?
link
RL_Quine 2336 days ago
Right. We're just moving the DMZ, and that's for a lot of cases totally fine. Rather than how people would assume it works like this.

    CPU -> LTE Modem || DMZ || Cellphone Provider
We have this for the Pinephone.

    CPU || DMZ || LTE Modem -> Cellphone Provider
This is fine.

Remember that in the first model, and in most typical phones, the LTE Modem have above root access to the CPU through DMA. The exception is some more modern devices like the iPhone, which give the modem a specific sandbox device to DMA into that's not the actual processor.

link
my123 2336 days ago
On the iPhone, the modem has always been on a separate chip.
link
detaro 2336 days ago
separate chip doesn't tell you anything about the security model.
link
my123 2336 days ago
It was USB/HSIC and then switched over to PCIe with IOMMU.
link
mirimir 2336 days ago
Right, regardless of chip configuration, modern phones use IOMMU for isolation. Arguably the main advantage of the PinePhone and Librem 5 is the kill switches.
link
numpad0 2336 days ago
An FBI tracker under your car is not a privileged part of your car
link
throwaway41597 2336 days ago
Could it be made less bad if you could turn the tracker off (switch to airplane mode by physically removing power from the modem) any time you want?

It'd be nice if the PinePhone supported this.

link
mirimir 2336 days ago
Both the PinePhone and Librem 5 have physical kill switches for the modems.
link
Piskvorrr 2336 days ago
I do not follow the car analogy, please explain.
link
lvh 2336 days ago
Not GP: but I assume the answer is "because GPS is in the modem, the closed source untrusted part could still be actively disclosing your location".
link
lallysingh 2336 days ago
.. But the modem itself is broadcasting it's identity to multiple radio receivers. Is there enough of a difference wrt GPS positioning for the distinction to matter?
link
lvh 2335 days ago
Sure, I agree it’s subtle. But it is: a) much higher resolution b) potentially to a specific third party who may not have access to cell network data. Like, say, an angry ex-spouse.
link
Piskvorrr 2336 days ago
Aha! That is a valid concern indeed. Lesser than the usual "baseband has full access to whole system", but still significant.
link
lvh 2336 days ago
There are two reasons for wanting an open source phone: safety and hackability. Yes, the actual modem part isn't hackable, but they did do a good job (as do iPhones!) of segregating the closed source part so at least you don't have to worry about it remotely popping the actual phone OS. (nitpicking about "the modem is the real phone" not withstanding)
link
throwaway2048 2336 days ago
If you remove the CPU its not a mobile phone either.
link