Full Disclosure mailing list archives
Re: "the Fairphone is fatally flawed for security"
From: coderman <coderman () gmail com>
Date: Sat, 4 Jan 2014 22:28:38 -0800
On Sat, Jan 4, 2014 at 6:55 PM, Bernhard Kuemel <bernhard () bksys at> wrote:
"... the modem is ... poorly ... isolated from the rest of the platform and could access critical components such as storage, RAM, GPS and audio (microphone) of the device" Can you tell me what attack vectors might exploit this vulnerability?
baseband attack (remote injection, carrier cooperation, other vector) leads to -> bus access leads to -> storage, RAM, GPS and audio, etc. baseband vulnerabilities are difficult to identify and weaponize, but growing ever more pervasive. see also these QUANTUMINSERTs: "30C3 Baseband Exploitation in 2013" http://www.youtube.com/watch?v=_5DqsPCCtiI _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- "the Fairphone is fatally flawed for security" Bernhard Kuemel (Jan 04)
- Re: "the Fairphone is fatally flawed for security" coderman (Jan 04)