[pvg]

Having nothing at all to go by except for the platform's documentation and if we're lucky a pinky promise

We have way, way, way more than that. Both the GP and you are arguing about the security deficiencies of modern phones as you've imagined them, rather than as they are but that gap is trivial to close with relatively little reading.

[DaiPlusPlus]

> you are arguing about the security deficiencies of modern phones as you've imagined them, rather than as they are

I appreciate the strength of your conviction - but I'm not an phone industry insider, and have no access to the kinds of reading-material I assume you're pointing to - for example, Qualcomm put their docs behind a verify-your-employer-wall (which is outrageous): https://www.qualcomm.com/products/technology/modems/snapdrag...

...if Qualcomm's attitude towards openness and transparency is representative of the mobile comms industry in general then they have little hope of correcting any misinformation or misconceptions other technology folk like ourselves might have, let alone the general public.

[pvg]

No, this doesn't require access to internal documentation of anything, just googling a little. Like the sibling comment points out, the whole baseband thing is a bit of a messageboard trope and has been for about decade. This is one of these things you can sort of guess from first principles! I.e. how likely is it that this well-known problem (the potential security implications of DMA/memory mapped peripherals) has remained completely unmitigated and unaddressed by smartphone designers for 10+ years?

[DaiPlusPlus]

Can we have an IM conversation about this? If so, is StackOverflow Chat okay and at what time?