[rdl]

The idea is that your "high side" device is a phone, with all your apps, etc. It communicates over a well defined interface (USB seems like the best, but bt or wifi could be adequate given certain considerations) to a fully-functional mifi dongle or whatever which does normal cell/public-wifi/etc. functionality. No compromise of the external cell modem can get at high side data. The current "baseband can DMA your main device" is absurd; security processors (only on iOS and BB and maybe WP, really) help a little, but not enough.

Yes, it is two small boxes right now, but there's no reason you couldn't build a "baseband firewall" which puts baseband in one area, a firewall in between, and the regular phone, with only a well defined open interface in between.

[dobbsbob]

Snapdragon and every other baseband coming out has them on an 'all in one' chip which is application CPU and baseband sharing direct memory. Unless you have a microscope you can't build a hw firewall.

Cryptophone uses an older Samsung to do this but has no SIM protection. The firewall isn't foolproof either it only detects extended use of the baseband cpu without the application cpu being busy then shuts down the device, which makes it a brick open to denial of service.

A hardened Android build is fine for most shady activity and avoiding dragnet surveillance. If you are a drug lord or foreign spy use a laptop or tablet with ostel or silent circle, internal mic removed and running hardened free software, your dongle should have TurboSIM or similar wrapper that can be coded to reject OTA updates and not reply to silent tracking SMS. Marlinespike is also working on a new Whispercore, I have a forensics resistant project, and there is of course Cryptophone GSMK. Is the project you're talking about the build that runs Xen then boots Android in phony isolation because the snapdragon chip can still access memory.

Another problem is simply walking around with 2 phones which is an opsec indicator for feds that you are up to something and req targeted surveillance. They have full automated access to every cell tower db to look for this as per snowden docs dumped on cell meta data

[rdl]

The idea is you don't use baseband functionality at all in the main high-side device. It can be a PDA, connected over USB to a separate radio. There's no way the radio can do anything particularly evil except if there are implementation bugs over USB (API problems with whatever interface you build between them, most likely), but at least that can be inspected by end users and problems found/fixed.

These highly-integrated devices are basically inimical to decent security.

No (that project was an earlier version of blackphone/geekphone, actually! from what I've heard)

[chillingeffect]

I believe you have the right idea. To isolate audio/message encryption in one box, stream it via IP to cellular (LTE/4G/etc) towers in another box. Then, the customer puts those two boxes into one box.

It could basically be done today with an Android PDA running VoiP app only, connected over wifi to a cellular hotspot in one's pocket. The next evolution would be to replace the wifi with a wired network.

[rdl]

I'm probably going to submit this + some specific privacy/location/etc. protecting services as a turnkey thing to DC/BH 2014. Also looking at a kickstarter for something on the "travel router which isn't a complete piece of crap" front.

[agwa]

I'm curious what you'd like to see in a travel router. Is it mainly the software or hardware you think needs work, or both?

On the software front, I have an OpenWRT image which I think works pretty well for travel which I've been meaning to publish (routes all traffic over an OpenVPN tunnel and can act simultaneously as a WIFI client to the hotel network and as an access point for your own network). The hardware is nothing special (WRT54GL) and it would definitely be nice if it were more portable. I'd love to hear your thoughts and will be looking forward to that kickstarter.

[rdl]

Hardware. USB powered. Dual radio, ideally dual dual band (so 4 radios which can be 1-4 in use). Ethernet port. Probably a USB port for 4g. Ideally a good form factor. Probably no battery, use a USB battery or laptop.

My goal would be to never ever connect my devices to wifi, and run everything through the device.

There are lots of attempts to make current hw work for this, but while you can get close, nothing is good enough IMO. I have the tplink, the belkin, etc with different firmware.

Enough flash and ram to run sane openwrt, and maybe options for a VPN client, and a stretch of Tor. Fitting that within the power budget would be the issue.

[rdl]

The problem with doing wifi weird bridge mode where you are on both networks leads to performance issues on busy networks because you are necessarily on the same channels.

It might be worth giving that up since then existing hardware is usable.

[count]

Have you talked to The Grugq about this? Sounds like a beefed up version of PORTAL: https://github.com/grugq/portal

[rdl]

Yes, I talk to The Grugq a lot, although our relationship does not involve bonds of affection and/or personal obligation, and/or where the I and the foreign national share private time together in a public or private setting where sensitive professional and personal information is discussed or is the target of discussion.

But yeah. Grugq's doing a lot of other cool stuff now too.

[dobbsbob]

I just tried this with a Huawei E1762 (casing removed) and a stripped down dongle. Crammed them both into the back of a Nexus and attached it using the case I have for a Seidio Innocell 3800mAh battery extention.

Activated airplane mode to kill the baseband, PPP widget runs fine on 4.2.2. Success. (kernel module loading not avail Android 4.3+ though obviously can build your own, or get a Moto G with native USB OTG support)

[daxelrod]

> Another problem is simply walking around with 2 phones which is an opsec indicator for feds that you are up to something and req targeted surveillance. They have full automated access to every cell tower db to look for this as per snowden docs dumped on cell meta data

Do you happen to have a link? That's pretty terrible for anyone with a work phone and a personal phone.

[homunculus]

"Another problem is simply walking around with 2 phones which is an opsec indicator for feds that you are up to something and req targeted surveillance. They have full automated access to every cell tower db to look for this as per snowden docs dumped on cell meta data"

They, the feds, must be surveilling an awful lot of ordinary citizens because in my day job, delivery driver, I carry two phones. One issued by my company and my personal phone and on days when I'm working with another driver we'd have four phones in one vehicle. I can imagine there are quite a few people who have good reason to carry two phones regularly.

[Digit-Al]

How can having two phones be an indicator that you are up to something? It is extremely common for working professionals to have both a personal mobile and a company mobile these days.

[rdl]

They do really complex analysis of patterns of how phones move, how they're powered up, call history, etc. It's actually really fascinating if you think about it and dig into it a bit, just like being able to largely identify (and sometimes effectively decipher) network traffic through analysis of encrypted message flows.

Just carrying two phones with you isn't the most interesting thing; it's a pair of people who normally have one phone during normal activity, and then at some location turn that phone off and turn on another phone which isn't used for anything except calling the other person briefly and hanging up without saying anything, and then those phones moving closely together, etc.

In my proposed case, there's no actual "second phone" on the cellphone network; your "phone" is a wifi only device which talks to a box which talks over data.

Traffic analysis is one of the things NSA does exceptionally well; the open crypto world is like 5 and maybe NSA is 7, but the open traffic analysis world is more like 2 and NSA is a 9.