Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Please. Commercial phones "security model" is to protect themselves from the user, and that's about it. The baseband itself is the main backdoor.


The chips are built to mitigate this now.

And upon reboot, a proper verified boot, as well as Auditor &or Attestation, lets you know, with cryptographic proof, whether your phone's firmware has been compromised by such a piece of hardware.


...and yet they are choke full of spyware.

In the context of a proprietary phone, secure boot and all of that is the new tivoization.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: