[dobbsbob]

Snapdragon and every other baseband coming out has them on an 'all in one' chip which is application CPU and baseband sharing direct memory. Unless you have a microscope you can't build a hw firewall.

Cryptophone uses an older Samsung to do this but has no SIM protection. The firewall isn't foolproof either it only detects extended use of the baseband cpu without the application cpu being busy then shuts down the device, which makes it a brick open to denial of service.

A hardened Android build is fine for most shady activity and avoiding dragnet surveillance. If you are a drug lord or foreign spy use a laptop or tablet with ostel or silent circle, internal mic removed and running hardened free software, your dongle should have TurboSIM or similar wrapper that can be coded to reject OTA updates and not reply to silent tracking SMS. Marlinespike is also working on a new Whispercore, I have a forensics resistant project, and there is of course Cryptophone GSMK. Is the project you're talking about the build that runs Xen then boots Android in phony isolation because the snapdragon chip can still access memory.

Another problem is simply walking around with 2 phones which is an opsec indicator for feds that you are up to something and req targeted surveillance. They have full automated access to every cell tower db to look for this as per snowden docs dumped on cell meta data

[rdl]

The idea is you don't use baseband functionality at all in the main high-side device. It can be a PDA, connected over USB to a separate radio. There's no way the radio can do anything particularly evil except if there are implementation bugs over USB (API problems with whatever interface you build between them, most likely), but at least that can be inspected by end users and problems found/fixed.

These highly-integrated devices are basically inimical to decent security.

No (that project was an earlier version of blackphone/geekphone, actually! from what I've heard)

[chillingeffect]

I believe you have the right idea. To isolate audio/message encryption in one box, stream it via IP to cellular (LTE/4G/etc) towers in another box. Then, the customer puts those two boxes into one box.

It could basically be done today with an Android PDA running VoiP app only, connected over wifi to a cellular hotspot in one's pocket. The next evolution would be to replace the wifi with a wired network.

[rdl]

I'm probably going to submit this + some specific privacy/location/etc. protecting services as a turnkey thing to DC/BH 2014. Also looking at a kickstarter for something on the "travel router which isn't a complete piece of crap" front.

[agwa]

I'm curious what you'd like to see in a travel router. Is it mainly the software or hardware you think needs work, or both?

On the software front, I have an OpenWRT image which I think works pretty well for travel which I've been meaning to publish (routes all traffic over an OpenVPN tunnel and can act simultaneously as a WIFI client to the hotel network and as an access point for your own network). The hardware is nothing special (WRT54GL) and it would definitely be nice if it were more portable. I'd love to hear your thoughts and will be looking forward to that kickstarter.

[rdl]

Hardware. USB powered. Dual radio, ideally dual dual band (so 4 radios which can be 1-4 in use). Ethernet port. Probably a USB port for 4g. Ideally a good form factor. Probably no battery, use a USB battery or laptop.

My goal would be to never ever connect my devices to wifi, and run everything through the device.

There are lots of attempts to make current hw work for this, but while you can get close, nothing is good enough IMO. I have the tplink, the belkin, etc with different firmware.

Enough flash and ram to run sane openwrt, and maybe options for a VPN client, and a stretch of Tor. Fitting that within the power budget would be the issue.

[agwa]

Thanks.

Yes, it sounds like it will be challenging to fit everything in the power budget. Do you think there's a need to use this on battery power? Won't most people be using it in a hotel room? A wall wart that's compact and dual-voltage would work for me and would provide much more power than USB.

I'll also put in a pitch for at least two Ethernet ports, so you can use one for connecting to the hotel and another for your LAN, in case WIFI's not cutting it or you need to connect a non-WIFI device (in my case, a VoIP phone).

One usability problem which has vexed me is that most hotels force you through a captive portal, which doesn't work if you're routing all traffic over a VPN. (Some even make you do it every 24 hours!) My latest solution is a special Ethernet port that's on a separate subnet which isn't routed over the VPN. You use that for going through the captive portal and then you switch over to WIFI or another Ethernet port. I think a hardware switch to turn the VPN on and off would also be a good solution.

[rdl]

There are also software features missing on current devices, especially in stock firmware. A really good firewall, VPN client, and other security tools would be nice. Central enterprise management and/or managed service as an option would also be wonderful. My main goal is execs who travel to China regularly.

[dobbsbob]

For a portable firewall/router, I use a cubieboard running OpenBSD. It has a USB to DC cable that powers the device (no hdd attached) and runs LTE sticks fine. Costs $50 and runs a complete install to run Tor or whatever you want. Right now I have it running pf filtered VLANs to segregate devices, an authenticated AES wireless hotspot and Jondonym mix, which I tunnel all traffic through including Tor and i2p traffic. That way the local wireless carrier who you're using doesn't see any tor traffic.

[rdl]

The problem with doing wifi weird bridge mode where you are on both networks leads to performance issues on busy networks because you are necessarily on the same channels.

It might be worth giving that up since then existing hardware is usable.

[agwa]

Yeah, it's definitely suboptimal but it seems to work. If it's easy to have a second radio then you should probably have one. On the other hand, urban areas are usually so saturated with access points that using a separate channel might not gain you much.

[count]

Have you talked to The Grugq about this? Sounds like a beefed up version of PORTAL: https://github.com/grugq/portal

[rdl]

Yes, I talk to The Grugq a lot, although our relationship does not involve bonds of affection and/or personal obligation, and/or where the I and the foreign national share private time together in a public or private setting where sensitive professional and personal information is discussed or is the target of discussion.

But yeah. Grugq's doing a lot of other cool stuff now too.

[dobbsbob]

I just tried this with a Huawei E1762 (casing removed) and a stripped down dongle. Crammed them both into the back of a Nexus and attached it using the case I have for a Seidio Innocell 3800mAh battery extention.

Activated airplane mode to kill the baseband, PPP widget runs fine on 4.2.2. Success. (kernel module loading not avail Android 4.3+ though obviously can build your own, or get a Moto G with native USB OTG support)

[daxelrod]

> Another problem is simply walking around with 2 phones which is an opsec indicator for feds that you are up to something and req targeted surveillance. They have full automated access to every cell tower db to look for this as per snowden docs dumped on cell meta data

Do you happen to have a link? That's pretty terrible for anyone with a work phone and a personal phone.

[homunculus]

"Another problem is simply walking around with 2 phones which is an opsec indicator for feds that you are up to something and req targeted surveillance. They have full automated access to every cell tower db to look for this as per snowden docs dumped on cell meta data"

They, the feds, must be surveilling an awful lot of ordinary citizens because in my day job, delivery driver, I carry two phones. One issued by my company and my personal phone and on days when I'm working with another driver we'd have four phones in one vehicle. I can imagine there are quite a few people who have good reason to carry two phones regularly.

[Digit-Al]

How can having two phones be an indicator that you are up to something? It is extremely common for working professionals to have both a personal mobile and a company mobile these days.

[rdl]

They do really complex analysis of patterns of how phones move, how they're powered up, call history, etc. It's actually really fascinating if you think about it and dig into it a bit, just like being able to largely identify (and sometimes effectively decipher) network traffic through analysis of encrypted message flows.

Just carrying two phones with you isn't the most interesting thing; it's a pair of people who normally have one phone during normal activity, and then at some location turn that phone off and turn on another phone which isn't used for anything except calling the other person briefly and hanging up without saying anything, and then those phones moving closely together, etc.

In my proposed case, there's no actual "second phone" on the cellphone network; your "phone" is a wifi only device which talks to a box which talks over data.

Traffic analysis is one of the things NSA does exceptionally well; the open crypto world is like 5 and maybe NSA is 7, but the open traffic analysis world is more like 2 and NSA is a 9.