Mike Perry: > anonymous coward: >> My special concern is about the baseband CPU. The baseband potentially >> allows full access to the whole system. And the baseband is closed source. >> >> Thus, the baseband is the perfect trojan for "them". I asked a phone >> maker that makes "cryptophones" what they say about the baseband CPU as >> a backdoor. They did not reply to the present day. >> >> If it really is that simply for "them" to break into a smartphone, all >> the security apps are worthlesse. Be it TOR, ChatSecure, TextSecure, >> RedPhone, everything would be crap. "They" could easily steal your >> secret keys and contacts. >> >> Thus, what does the scientific community say about these concerns? > > You may like: > https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy > > It's still not perfect (nothing is), and it's certainly nowhere near > user-friendly yet, but I happen to think it's a step in the right > direction. In case you don't know it yet, you may also read https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor and http://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor
So free software matters, e.g. by not implementing risky features. But it is not a guarantee and may only work sometimes, as it depends on the architecture of the phone. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk