Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: "the Fairphone is fatally flawed for security"
From: coderman <coderman () gmail com>
Date: Sat, 4 Jan 2014 22:28:38 -0800

On Sat, Jan 4, 2014 at 6:55 PM, Bernhard Kuemel <bernhard () bksys at> wrote:
"... the modem is ... poorly ...
isolated from the rest of the platform and could access critical
components such as storage, RAM, GPS and audio (microphone) of the
device"

Can you tell me what attack vectors might exploit this vulnerability?


baseband attack (remote injection, carrier cooperation, other vector)
 leads to -> bus access
  leads to -> storage, RAM, GPS and audio, etc.

baseband vulnerabilities are difficult to identify and weaponize, but
growing ever more pervasive.

see also these QUANTUMINSERTs:
"30C3 Baseband Exploitation in 2013"
http://www.youtube.com/watch?v=_5DqsPCCtiI

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]