Hi Bastien,
On 23.06.2015 22:59, Bastien wrote: > So I am curious about how the Ubuntu phones are wired, what SoC they > use, and the security strategy, the BQ as well as the Meizu. To make it short: all currently available phones (bq Aquaris E4.5/E5, Meizu MX4) are just "normal" Android phones based on 32-bit MediaTek SoCs. This means that the Baseband is part of the SoC and has direct access to all peripherials and all memory, and the system has to use the same binary blob drivers that Android uses. The first bootloader stage, which initializes the core hardware, is burned into an internal ROM inside the SoC and (AFAIK) unknown. The security strategy is to protect the user against malicious apps, but there is no protection against malicious baseband/firmware/driver activity. It's simply not possible. There is no open 4G-capable baseband out there, and we don't have open drivers for most of the phone hardware present in Ubuntu phones. The Blackphone is actually not a good example as well, it uses binary blob drivers. The most secure hardware concept I know of is the Neo900, it goes to great lengths to separate and confine all hardware, especially the baseband. It can be used with 100% FOSS software, if you don't need 3D acceleration, because that would require a binary blob, and the GPU has full access to memory again... cheers, Simon -- Mailing list: https://launchpad.net/~ubuntu-phone Post to : ubuntu-phone@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
