www. O S N E W S .com
News Features Interviews
BlogContact Editorials

There are no secure smartphones
By Thom Holwerda on 2016-01-15 10:09:06

So long as basebands are not audited, and smartphones do not possess IOMMUs and have their operating systems configure them in a way that effectively mitigates the threat, no smartphone can be trusted for the integrity or confidentiality of any data it processes.

This being the case, the quest for "secure" phones and "secure" communications applications is rather bizarre. There are only two possible roads to a secure phone: auditing baseband or using an IOMMU. There can't even begin to be a discussion on secure communications applications until the security of the hardware is established.

I've written about this a long time ago, and it remains true today. Your phone is not secure, by definition, regardless of platform. Governments should legally demand phone manufacturers to fully publish all source code to the baseband chips they use, or be barred from sales. Mobile phone networks have become a crucial pillar of our society, and as citizens, we have the right to know what's going on in baseband chips.

Of course, that's not going to happen - governments benefit from the inherent lack of any form of security in our mobile phone network - but one can dream.

16  Comments - Printer friendly - Related stories
Recent related stories
- Sailfish OS 2.1.1 released - 2017-08-29
- Librem 5: a security and privacy focused GNU/Linux smartphone - 2017-08-24
- "The best phone you can buy right now" - 2017-08-07
- OpenMoko: 10 years after - 2017-07-24
- Deal Alert: Free download of iPhone data utility - 2017-07-12
- More related articles

Tell a friend
Your full name:
Your email address:
Your friend's email:
Anti-spam measure:

News Features Interviews
BlogContact Editorials

WAP site - RSS feed
© OSNews LLC 1997-2007. All Rights Reserved.
The readers' comments are owned and a responsibility of whoever posted them.
Prefer the desktop version of OSNews?