Hi Bastien,
On 23.06.2015 22:59, Bastien wrote:
So I am curious about how the Ubuntu phones are wired, what SoC they
use, and the security strategy, the BQ as well as the Meizu.
To make it short: all currently available phones (bq Aquaris E4.5/E5,
Meizu MX4) are just "normal" Android phones based on 32-bit MediaTek
SoCs. This means that the Baseband is part of the SoC and has direct
access to all peripherials and all memory, and the system has to use the
same binary blob drivers that Android uses. The first bootloader stage,
which initializes the core hardware, is burned into an internal ROM
inside the SoC and (AFAIK) unknown.
The security strategy is to protect the user against malicious apps, but
there is no protection against malicious baseband/firmware/driver
activity. It's simply not possible. There is no open 4G-capable baseband
out there, and we don't have open drivers for most of the phone hardware
present in Ubuntu phones.
The Blackphone is actually not a good example as well, it uses binary
blob drivers. The most secure hardware concept I know of is the Neo900,
it goes to great lengths to separate and confine all hardware,
especially the baseband. It can be used with 100% FOSS software, if you
don't need 3D acceleration, because that would require a binary blob,
and the GPU has full access to memory again...
cheers,
Simon