- Files: GIF, JPG, PNG, Maximum:5000 KB, Thumbnails: 400x400 pixels
- Currently 1666 unique user posts. View catalogue
[ Return ] [ Entire Thread ] [ First 100 posts ] [ Last 50 posts ]
Posting mode: Reply [Last 50 posts][ Reply ]
72 posts omitted. Last 50 posts shown.
Expand all images.
|>>|| No. 24774
So my Three contract (24m One Plan at £33.50pm) is finally bloody ending and I'd rather not keep paying for this lacklustre Galaxy S4. It's caused me more bother than good.
Do any of you chaps have recommendations for a more modern handset, perhaps on contract at a lesser price? Stock Android is a bonus. Expandable memory is a must.
|>>|| No. 25820
You don't even need some rouge factory or whatever to do the hardware modifications in some cases. Mediatek (a huge company who make SOCs for a bunch of Chinese budget phone manufacturers) shipped a chip with debugging tools which allowed attackers to gain root access.
|>>|| No. 25821
Ok, now I realise that I'm dealing with a moron.
Regardless, the link included reinforces my point; hardware level backdoors (whether of a level of complexity that I described or of a HIGHER complexity as is shown in the provided link) are used in highly targeted operations and not mass distributed in consumer devices.
Both of these would be completely removed by unlocking the bootloader and flashing a new OS over the top exactly as I originally suggested.
Rage and sage for steam from my ears.
|>>|| No. 25822
>Both of these would be completely removed by unlocking the bootloader and flashing a new OS over the top exactly as I originally suggested.
And, again, then you'd have to hope that whoever made the new OS didn't use compromised portions of the original in writing it, and that they're not incompetent or malicious enough to introduce too many new ones!
|>>|| No. 25823
>Ok, now I realise that I'm dealing with a moron.
The document I linked to describes a highly indiscriminate attack. The Microsemi ProASIC3 is not a particularly specialised chip. It's a common, versatile and relatively low-cost logic array that goes into all sorts of low-volume production hardware. Digikey and Mouser have reels of them in stock - you can buy one online for about a fiver.
The researchers found that someone had interfered with the production process of this chip to subvert the security of every single chip coming off the production line. You can't insert a backdoor in one chip, it's physically impossible. You tamper with the HDL used to produce the maskset, embedding the backdoor in every chip.
Now consider the SoCs and baseband processors used in modern phones. They have a transistor count in the millions. They use intellectual property provided by many different companies. They're complex enough as to be essentially impossible to audit, even in the early stages of development. They're produced by one of a handful of companies, all based within spitting distance of each other in Taiwan and Shenzhen. The behaviour of a chip is essentially opaque, because you can only see what the designer chooses to expose via JTAG or what you can figure out with an electron microscope and a vat of boiling nitric acid.
The NSA spends hundreds of millions of dollars on BULLRUN, a program designed solely to embed vulnerabilities in commercial products. Their core operational strategy is to collect everything, everywhere then sift through it to find their targets. They put optical taps on undersea cables, their listening sites capture everything from DC to daylight, they monitor every phone line in the developed world. What are the odds that they haven't bribed an ARM partner to embed some dodgy logic in an IP block, that they don't have a man on the inside at Gemalto or Qualcomm, that they haven't used some classified bit of pure maths to tamper with the Verilog standards?
|>>|| No. 25824
> The NSA spends hundreds of millions of dollars on BULLRUN, a program designed solely to embed vulnerabilities in commercial products. Their core operational strategy is to collect everything, everywhere then sift through it to find their targets. They put optical taps on undersea cables, their listening sites capture everything from DC to daylight, they monitor every phone line in the developed world. What are the odds that they haven't bribed an ARM partner to embed some dodgy logic in an IP block, that they don't have a man on the inside at Gemalto or Qualcomm, that they haven't used some classified bit of pure maths to tamper with the Verilog standards?
You're right, but none of that makes a Chinaphone any more or less secure or insecure than any commercial computer or smartphone, which was the whole point of my original umbrage with post >>25807.
Likewise, if you think CyanogenMod or CopperheadOS is inherently less secure than vanilla Android or whatever bullshit an OEM decided to flash on their phones then you're utterly wrong.
|>>|| No. 25825
>none of that makes a Chinaphone any more or less secure or insecure than any commercial computer or smartphone
Yes, it does, because we're talking about speculative backdoors vs backdoors which we absolutely know exist and are routinely found by white hat researchers with no profit motive.
|>>|| No. 25826
I've personally found obvious bugdoors in default Android libraries, there is no speculation here.
|>>|| No. 25828
>The researchers found that someone had interfered with the production process of this chip to subvert the security of every single chip coming off the production line. You can't insert a backdoor in one chip, it's physically impossible. You tamper with the HDL used to produce the maskset, embedding the backdoor in every chip.
Hang on a minute - where is this asserted to be anything than an Actel debug channel? Ill advised, certainly, but I don't see a third party being involved. (And I actually paid those guys to crack a chip, for commercial reasons. We had the rights, but not the source. It was interesting.)
|>>|| No. 25829
The way I see it: China is far away and can't do anything to me. I live in the UK, and the spooks here can put me in a gym bag. So the best option is the Chinese phone.
|>>|| No. 25830
Western spooks are going to get their hands on your data anyway if you're using western networks. It isn't either/or, it's one or both.
And the people exploiting the holes left in the security by Chinese manufacturers most certainly can do plenty to you.
|>>|| No. 25838
The idea that Chinese spooks watching me is better than American spooks watching me.
|>>|| No. 25839
And NSA/GCHQ can watch you either way. As I said, it's not either/or, it's one or both.
The myriad backdoors discovered by people with nothing like the resources of a state show that "spooks" are the least of your worries with Chinese phones, in any case.
|>>|| No. 25840
They can have as many back doors for the Chinese spooks to exploit for all I care. I care about here. So... Better safe than sorry, lad.
|>>|| No. 25841
The point is that regardless of who they're "for", they're poorly implemented enough that researchers looking for them often find and disclose them, meaning you can guarantee people with less benevolent goals finding them and keeping the news to themselves so they can collect and sell on data or use payment information themselves.
And on top of that, you're using networks operated by companies which are wholly willing to co-operate fully with the spooks "here".
So you're not "safe", quite the opposite.
|>>|| No. 25842
The more people that have access to it, the better. It is not really a secret if everyone knows now, is it? Better safe than sorry, mate.
|>>|| No. 25843
In that case, let's make sure your card details are safe. Just tell us the long number on the front, your name as it appears, the expiry date and the three digits on the back. Better safe than sorry, innit.
|>>|| No. 25845
But if you don't tell us your details, how are we supposed to recognise them as yours when we see them? You'll be sorry then, m7.
|>>|| No. 25846
No mate, if you take millions more details plus mine, then is it okay. Better safe than sorry, right?
|>>|| No. 25847
You know what they say. A journey of a million miles starts with a single step. Now hurry, before the Chinese get their hands on them, otherwise you'll be paying for all sorts of crazy fetish porn without even getting to see it.
|>>|| No. 25848
No mate, you should do it all in one go, not one by one. Better safe than sorry.
|>>|| No. 25850
The only information I have been able to glean from this thread is that it is indubitably better to be safe than to be sorry.
A lesson well learned, thanks everyone.
|>>|| No. 25960
So what's the best value for money smartphone knocking on the market thesedays?
|>>|| No. 25962
Amazing, cheers. Just ordered the Redmi 4x - looks like it has similar specs to an iPhone 7 in a £100 phone, fucking hell. Hope the delivery time won't be too ridiculous.
|>>|| No. 25975
If you want my advice OP I think you should avoid Chinese phones.
|>>|| No. 25979
All the ones with Hauwei chipsets are well known to be backdoor-d to fuck. They have AT commands that allow you to turn on the microphone or camera, without any indication, for instance.
|>>|| No. 25981
That's an anti-Chinese myth.
Anyway, I'd rather the Chinese than Theresa knowing what kind of porn I watch.
|>>|| No. 25985
As has been addressed previously, there are numerous examples of popular imported handsets from China having backdoors identified and exploited by researchers. It's not just "the Chinese" who have access to your information, it's anyone with the knowledge and incentive.
[ Return ] [ Entire Thread ] [ First 100 posts ] [ Last 50 posts ]