Notices


Reply
Thread Tools
Feathers McGraw's Avatar
Posts: 581 | Thanked: 1,948 times | Joined on Jul 2014 @ UK
#81
When did it stop being such a chode? Looks much better now, they must have done some "redesign"

Edit: also, that comparison chart says that pureos "Separates CPU from Cellular Baseband" whereas iOS and Android don't... but that's a hardware feature?!

Last edited by Feathers McGraw; 2017-09-26 at 19:45.
 

The Following User Says Thank You to Feathers McGraw For This Useful Post:
Posts: 1,403 | Thanked: 6,443 times | Joined on Apr 2010 @ Czech Republic
#82
Originally Posted by Feathers McGraw View Post
When did it stop being such a chode? Looks much better now, they must have done some "redesign"

Edit: also, that comparison chart says that pureos "Separates CPU from Cellular Baseband" whereas iOS and Android don't... but that's a hardware feature?!
Well, it can mean a lot of things. AFAIK most current smarpthones have an application CPU where the "normal" OS lives (Sailfish OS/Android/iOS/etc.) and a baseband with its own CPU that runs some totally proprietary RTOS no one really knows much about and which handles all the communication with the cellular network (calling, SMS, data, etc.).

These these CPUs generally communicate with some sort of IPC - for example if the user uses the phone app to start a call, the application CPU tells the baseband CPU to initiate it.

How tightly coupled these two CPUs are can make quite a difference, as you can generally tell what the application CPU is running while the baseband CPU is basically running an unauditable binary blob sitting on an always online wireless connection. IIRC in some cases it even starts first during boot and/or can manipulate content of the main memory without the application CPU knowing about it. Fun and games!

For that reason the Neo 900 project went the way of having a separate baseband module that communicates with the application CPU via clearly defined and easily to audit channel & which can be robustly disabled (by turning it's power supply off).

So it could be the Librem Phone projects wants to do the same thing as Neo 900 (fully separate baseband module). Or they just rephrase the status quo (individual application/baseband CPUs with unclear separation) in a positive way - and I would not discount that given that the whole project seems to be a bit marketing heavy and fact light.
__________________
modRana: a flexible GPS navigation system
Mieru: a flexible manga and comic book reader

Thanks to everyone who voted for modRana & Mieru in the Maemo.org coding competition !
 

The Following 8 Users Say Thank You to MartinK For This Useful Post:
mikecomputing's Avatar
Posts: 3,387 | Thanked: 4,679 times | Joined on Feb 2010 @ Gothenburg in Sweden
#83
What we know is the arm choosed has no cellular built in The core sock so they have to use Telia/ublox or similar all those modules has almost alwaus an interna closed firmware.

I doubt even neo900 is full Open modem firmware....
__________________
Go librem

telegram @mike7b4
mastodon.social @mike7b4

Last edited by mikecomputing; 2017-09-27 at 20:19.
 

The Following 3 Users Say Thank You to mikecomputing For This Useful Post:
Venemo's Avatar
Posts: 1,287 | Thanked: 1,730 times | Joined on Aug 2009 @ Budapest, Hungary
#84
Cellular modems are so complicated that they require their own ARM processor. Whatever code runs on this core is closed-source and proprietary.

In order to improve general system performance, some SoC vendors chose to include the modem in the SoC itself. So basically there is yet another ARM core in the SoC which is dedicated to running the cellular modem. This core runs a closed-source blob and is unavailable to the operating system.

This thight integration raises some concerns for some people:
  • the audio signal is routed directly into the modem, without any intervention from the main CPU, which leads to some people believing that the modem can always "listen in" to you, even when you are not in a phone call
  • the main processor communicates with the modem's ARM core via shared memory, so the modem can access the main memory, so some people believe that the modem can "steal your data" by copying arbitrary stuff from your RAM
  • since the modem is on the same chip and powered via the same power pins, some people also think that there is no reliable way to power down the modem entirely, so it can "spy" on you even when you think it's in offline mode
  • since the modem runs closed-source software, some people believe that it is of bad quality and suspect to "backdoors" (and is not auditable by independent researchers)

Whether or not these concerns are valid (or even feasible technically) or not is anybody's guess. I'm not saying you should go paranoid about this, but these are the main concerns that are raised with regards to this.

So these people who are designing "privacy-protecting" devices generally use a SoC with a non-integrated modem, which allows greater control over the modem in case it becomes "malicious". So they sacrifice some PCB area and make some trade-off to give you this additional control.

EDIT 1: practically all modern smartphones have a SoC which has the modem built-in. Not sury why Purism sells this as a software feature, though, when clearly it isn't.

EDIT 2: according to some trivia, Nokia figured out how to run the modem and their OS on the same one ARM core, which is why their low-end phones were so cheap (because they needed one fewer CPU core at a time when this meant saving a significant cost).

Last edited by Venemo; 2017-09-27 at 11:55.
 

The Following 11 Users Say Thank You to Venemo For This Useful Post:
Feathers McGraw's Avatar
Posts: 581 | Thanked: 1,948 times | Joined on Jul 2014 @ UK
#85
Originally Posted by MartinK View Post
Well, it can mean a lot of things. AFAIK most current smarpthones have an application CPU where the "normal" OS lives (Sailfish OS/Android/iOS/etc.) and a baseband with its own CPU that runs some totally proprietary RTOS no one really knows much about and which handles all the communication with the cellular network (calling, SMS, data, etc.).

These these CPUs generally communicate with some sort of IPC - for example if the user uses the phone app to start a call, the application CPU tells the baseband CPU to initiate it.

How tightly coupled these two CPUs are can make quite a difference, as you can generally tell what the application CPU is running while the baseband CPU is basically running an unauditable binary blob sitting on an always online wireless connection. IIRC in some cases it even starts first during boot and/or can manipulate content of the main memory without the application CPU knowing about it. Fun and games!

For that reason the Neo 900 project went the way of having a separate baseband module that communicates with the application CPU via clearly defined and easily to audit channel & which can be robustly disabled (by turning it's power supply off).

So it could be the Librem Phone projects wants to do the same thing as Neo 900 (fully separate baseband module). Or they just rephrase the status quo (individual application/baseband CPUs with unclear separation) in a positive way - and I would not discount that given that the whole project seems to be a bit marketing heavy and fact light.
Yeah I get that, and it's one of the reasons why I was interested in the neo900, but isn't the problem that the baseband CPU can read/shares memory with the application CPU. Separating them requires separate memory for the two CPUs... which is a hardware feature, that you can't just implement in an OS.

From http://neo900.org/faq#floss
Unlike some other smartphones do, Neo900 won't share system RAM with the modem and system CPU will always have full control over the microphone signal sent to the modem. You can think of it as a USB dongle connected to the PC, with you in full control over the drivers, with a virtual LED to show any modem activity
 

The Following 2 Users Say Thank You to Feathers McGraw For This Useful Post:
wicket's Avatar
Posts: 526 | Thanked: 2,462 times | Joined on May 2010 @ Colombia
#86
I wouldn't advertise it as a feature at all. Separating the modem from the SoC doesn't guarantee anything. They claim that the Librem 5 is the phone that "focuses on security by design and privacy protection by default" but in reality the Neo900, with its sandboxed modem design, would be by far the better option in this category. There's so much to like about the Librem 5 but their false claims are annoying and don't inspire me with any confidence that they are competent enough to deliver.
__________________
DebiaN900 - Native Debian on the N900.

Mobile devices with mainline Linux support - Help needed with documentation.

"Those who do not understand Unix are condemned to reinvent it, poorly." - Henry Spencer
 

The Following 4 Users Say Thank You to wicket For This Useful Post:
Venemo's Avatar
Posts: 1,287 | Thanked: 1,730 times | Joined on Aug 2009 @ Budapest, Hungary
#87
Originally Posted by wicket View Post
I wouldn't advertise it as a feature at all. Separating the modem from the SoC doesn't guarantee anything. They claim that the Librem 5 is the phone that "focuses on security by design and privacy protection by default" but in reality the Neo900, with its sandboxed modem design, would be by far the better option in this category. There's so much to like about the Librem 5 but their false claims are annoying and don't inspire me with any confidence that they are competent enough to deliver.
I think the Librem 5 will employ the same idea as the Neo900
 

The Following 4 Users Say Thank You to Venemo For This Useful Post:
Posts: 232 | Thanked: 978 times | Joined on Oct 2013 @ France
#88
Originally Posted by wicket View Post
They claim that the Librem 5 is the phone that "focuses on security by design and privacy protection by default" but in reality the Neo900, with its sandboxed modem design, would be by far the better option in this category.
Do you have details on the librem5 implementation to back those claims ?
I didn't find much on this, except that the iMx6/8 doesn't exist with integrated baseband, so it will by design be separated. I don't think the memory bus of the iMx6/8 can be shared (in the idea that there are 2 chips reading/writing on the same RAM), so it would need its own memory. At this point, we are close to the Neo900 design, and the attack surface reduced a lot compared to standard phones.
The remaining things not clear is if they went with a hardware way to monitor and power down the baseband, and how the audio input is connected to it ?
 

The Following 4 Users Say Thank You to Zeta For This Useful Post:
wicket's Avatar
Posts: 526 | Thanked: 2,462 times | Joined on May 2010 @ Colombia
#89
Originally Posted by Venemo View Post
I think the Librem 5 will employ the same idea as the Neo900
I hope so, but they don't mention anything about a sandboxing and monitoring the baseband on their campaign. If they are going to do this, it's kind of a big feature to leave out of the product description.

Originally Posted by Zeta View Post
Do you have details on the librem5 implementation to back those claims ?
I didn't find much on this, except that the iMx6/8 doesn't exist with integrated baseband, so it will by design be separated. I don't think the memory bus of the iMx6/8 can be shared (in the idea that there are 2 chips reading/writing on the same RAM), so it would need its own memory. At this point, we are close to the Neo900 design, and the attack surface reduced a lot compared to standard phones.
The remaining things not clear is if they went with a hardware way to monitor and power down the baseband, and how the audio input is connected to it ?
The Neo900 design documents and Git repos are all shared publicly.

The baseband is a big proprietary black box. We have no idea what goes on inside of it. If privacy was my top concern, I'd feel much safer with a device that has a sandboxed baseband than one that doesn't.
__________________
DebiaN900 - Native Debian on the N900.

Mobile devices with mainline Linux support - Help needed with documentation.

"Those who do not understand Unix are condemned to reinvent it, poorly." - Henry Spencer
 

The Following 5 Users Say Thank You to wicket For This Useful Post:
Venemo's Avatar
Posts: 1,287 | Thanked: 1,730 times | Joined on Aug 2009 @ Budapest, Hungary
#90
Originally Posted by wicket View Post
The baseband is a big proprietary black box. We have no idea what goes on inside of it. If privacy was my top concern, I'd feel much safer with a device that has a sandboxed baseband than one that doesn't.
The "sandbox" means:
  1. The modem does not access system memory
  2. Power input of the modem is controlled by the application processor
  3. Audio input of the modem is controlled by the application processor

The above points are effective solved by having a separate module or chip for the modem and only communicating with it via a simple serial port. Plus, adding a switch to its power supply and audio.

However, some people are even more paranoid and add an RF switch between the modem and the antenna, "just to be sure".

Not sure how far the Neo900 and the Purism go with this, though. (Neo900 had a detailed doc somewhere but I can't find it now.)
 

The Following 5 Users Say Thank You to Venemo For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 23:35.