upvote

points

by cartoonworld13 hours ago |
comments
upvoteby ylk12 hours ago|
next
[-]
> The baseband can do a lot, it has dma

There's an IOMMU:

> Is the baseband isolated? > Yes, the baseband is isolated on all of the officially supported devices. Memory access is partitioned by the IOMMU and limited to internal memory and memory shared by the driver implementations. [...]

https://grapheneos.org/faq#baseband-isolation

> GrapheneOS cannot really influence this, but hardened_malloc could conceivably help.

They can and do, see above. But I don't see how hardened_malloc is related to the baseband doing DMA.

reply
upvoteby cartoonworld11 hours ago|
parent|
[-]
Thanks, this is very good information!

To answer your question, I thought it might just be slightly harder to extract secrets or exploit a running process directly. Thats all I was saying.

reply
upvoteby evolve2k11 hours ago|
prev|
[-]
I don’t have the source (I’ll have to try find it), but I read that the cell site simulators can work on 4G and earlier but don’t work on 5G. So one thing folks can do is set ur phone to use 5G networks only (unless ur stuck and then u can make it looser but be aware your less protected at that time).

I do this on iOS I’m sure it’s do-able on GrapheneOS and hopefully on Android too.

reply
upvoteby cartoonworld11 hours ago|
parent|
[-]
5G CSS is harder yes, but keep in mind that most 5G is the 5G_NSA variety, and is really just riding on the same cell bands, no mmwave here. You probably notice that your phone often slips out of 5g, or you inhabit different modes here.

Essentially, 5G is sort of a lie. Phones spend a lot of time exchanging information via 4g/lte, and just like 2g/3g and 3g/4g, there are simply downgrades that can be performed in the field, without getting too far into the weeds.

5G matters not for this.

reply