Mission Impossible: Hardening Android for Security and Privacy

Unless there is an open baseband chipset, there is <i>nothing</i> that tor, or anyone else, can do to secure an android phone[1].<p>Depending on the implementation of the SOC, etc., the baseband chipset, which can be controlled over the air by your carrier (independently of the computer you&#x27;re holding in your hand) can have full DMA access to the phone.<p>Read that again: the carrier, through special over the air interfaces that you cannot be a part of, can control your entire phones memory - reading and writing bit by bit any piece they want. There&#x27;s no software, or OS, that will save you on a device like that.<p>Note that not all baseband chipsets are quite as dangerous, but they&#x27;re all a closed source, third-party controlled device-within-a-device that is run over an out of band interface that you can&#x27;t control.<p>[1] ... or any other phone ...

If you like this, you&#x27;ll also like Peter Stuge&#x27;s 30c3 talk: Hardening hardware and choosing a #goodBIOS<p>&quot;A commodity laptop is analyzed to identify exposed attack surfaces and is then secured on both the hardware and the firmware level against permanent modifications by malicious software as well as quick drive-by hardware attacks by evil maids, ensuring that the machine always powers up to a known good state and significantly raising the bar for an attacker who wants to use the machine against its owner.&quot;<p><a href="http://media.ccc.de/browse/congress/2013/30C3_-_5529_-_en_-_saal_2_-_201312271830_-_hardening_hardware_and_choosing_a_goodbios_-_peter_stuge.html" rel="nofollow">http:&#x2F;&#x2F;media.ccc.de&#x2F;browse&#x2F;congress&#x2F;2013&#x2F;30C3_-_5529_-_en_-_...</a><p>And this is the best blog post I know of on the above:<p><a href="https://blog.patternsinthevoid.net/replacing-a-thinkpad-x60-bootflash-chip.html" rel="nofollow">https:&#x2F;&#x2F;blog.patternsinthevoid.net&#x2F;replacing-a-thinkpad-x60-...</a>

100+ steps are needed to add some privacy to Android.<p>Impressive work and I&#x27;m eager to try this out on a rainy day. Hopefully this will become easier and realistic for many more people soon to have.