:: Re: [DNG] TALOS 2 - The Libre Owner…
Top Page
Delete this message
Reply to this message
Author: Enrico Weigelt, metux IT consult
Date:  
To: dng
Subject: Re: [DNG] TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server
On 31.08.2017 20:07, Rick Moen wrote:

> Having the i.MX6 ori.MX8 CPU 'separate' from the baseband controller


Does it have to be an mx6 ? okay, open gpu drivers, but perhaps a little
bit expensive and produces a lot heat.

> (a term on which they have not yet elaborated), but the latter remains
> deeply problematic, being a proprietary black box with proprietary,
> opaque firmware.


#1: isolate them as much as we can, power on only if required, no direct
     connections to other vital devices, eg. main memory, storage, ports,
     mic, etc - for some interfaces eg. i2s we could even add an extra
     tamper detection (when baseband attempts to read audio stream)
     or just inject fake data when no actual call is running (w/
     cell calls you can safely assume being wiretapped)
#2: reverse engineer the firmware and find leaks for the time we need
     to strike
#3: write our own open firmware (that might also be useful for existing
     phones out in the wild - maybe even roll out via a virus)


> The WiFi and Bluetooth chips and firmware are apparently also black
> boxes.


Don't let them do the encryption part, just let them be dumb switches,
until we have our own firmware.

> https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy


They suggest firefox ... recent versions (at least since 52) have
built-in malware. I've already removed larged parts of it (yet
very experimental and untested) - still need a strategy to align
w/ upstream.

MSF has already made it perfectly clear they'll never accept any patches
for that and continue their path (already threatened me personally)


--mtx