<openbot>
Also some photo links whenever possible ;
<openbot>
Paulk-aldrin how is it going thee
<openbot>
Cheers
<paulk-aldrin>
I'm not there yet
<openbot>
Oh
<openbot>
Nevermind post whn u there at your lesiure
jonsger has joined #neo900
jonsger has quit [Client Quit]
trx has quit [Disconnected by services]
delphi has joined #neo900
somepersonok has joined #neo900
somepersonok has quit [Ping timeout: 246 seconds]
openbot has left #neo900 [#neo900]
Pali has joined #neo900
IgorSK has left #neo900 ["Ex-Chat"]
Kabouik has quit [Ping timeout: 245 seconds]
wpwrak has quit [Quit: Leaving]
jonsger has joined #neo900
delphi is now known as trx
haroonk has joined #neo900
<haroonk>
hello
<haroonk>
Is neo900 the only phone that has hardware set up that does not allow it to be remotely turned on?
<DocScrutinizer51>
I don't know for sure but probably other smartphones you can get nowadays are not designed same way. Definitely you usually can't know
<haroonk>
Whats the subject/gist of what hardware neo900 uses that nobody else uses? I mean not even Mozilla withe its Firefox OS partners do this or Ubuntu phones, im ignorant about hardware but im guessing its really expensive ?
<haroonk>
uses, as in not allow backdoor/remote turn on
<ZetaR>
haroonk: The Neo900 connects to the modem using USB and UART, and all communication to it is controlled by the OS. Most other phones (according to what DocScrutinizer05 has said previously) use a combined modem/CPU system, where the modem is sort of in the position of hypervisor (so the CPU can't offer any security at all against the modem). Note that the Neo900 management (like DocScrutinizer) are at CCCamp, so they might not be able to a
<ZetaR>
The position of the modem w.r.t. the OS is basically just like connecting a USB modem dongle to your computer.
<ZetaR>
Except more secure because the Neo900 has hardware monitoring of the modem antenna and hardware power switches, so the modem can be very reliably turned off and can't pretend to be off when it isn't.
haroonk_ has joined #neo900
<ZetaR>
haroonk_: Did you see my response to your question, or did you disconnect before I said it?
<haroonk_>
ZetaR, I missed it!
<haroonk_>
please share again
<ZetaR>
(01:50:57 PM) ZetaR: haroonk: The Neo900 connects to the modem using USB and UART, and all communication to it is controlled by the OS. Most other phones (according to what DocScrutinizer05 has said previously) use a combined modem/CPU system, where the modem is sort of in the position of hypervisor (so the CPU can't offer any security at all against the modem). Note that the Neo900 management (like DocScrutinizer) are at CCCamp, so they m
<ZetaR>
(01:52:05 PM) ZetaR: The position of the modem w.r.t. the OS is basically just like connecting a USB modem dongle to your computer.
<ZetaR>
(01:53:29 PM) ZetaR: Except more secure because the Neo900 has hardware monitoring of the modem antenna and hardware power switches, so the modem can be very reliably turned off and can't pretend to be off when it isn't.
haroonk has quit [Ping timeout: 244 seconds]
<DocScrutinizer51>
ZetaR: thanks for the exhaustive and correct answer
<ZetaR>
DocScrutinizer51: Sure. :)
Psykus has joined #neo900
freemangordon has quit [Ping timeout: 272 seconds]
<haroonk_>
thanks guys
freemangordon has joined #neo900
<haroonk_>
ZetaR, this set up requires advanced knowledge of hardware and software to set up? Thats the main feature I want to implement if its possible with a DIY phone eg some microcontroller and attachments
<ZetaR>
haroonk_: If you have the expertise to set up and program MCUs and attachments, then it wouldn't be difficult for you to figure out how to ensure data security. Just ensure that all secure data is passed to the modem only under the control of your MCU (i.e. no shared memory). Monitoring the actual transmissions of the modem is more complex because it requires routing and handling signals in the hundreds of MHz / gigahertz range on a PCB. E
<haroonk_>
heck nah
<ZetaR>
That said, it sounds like you are concerned about HW security on a DIY phone that will be very nontrivial to build, etc.
<haroonk_>
yes
<bencoh>
unless you want do build a "phone" just for fun, not really to use it
<ZetaR>
IIRC, there is a GSM module for the Arduino, but it is not really usable for voice.
<haroonk_>
I want to build a basic phone that I can resell to people I know who want that feature
<haroonk_>
ZetaR, if not voice, just text transmitting?
<bencoh>
a basic "dumb" (aka not smart) phone ?
<haroonk_>
smart or dumb, but has the feature where it cant be remotely turned on
<ZetaR>
haroonk_: Yes, AFAIK the Arduino shield can do text transmitting/receiving. It isn't a "phone" however (not even a dumb phone), because you can't make calls on it with decent quality.
<haroonk_>
awesome
<ZetaR>
So you just want a box that you can use to send/receive text messages?
<bencoh>
piphone is more of a proof of concept for me
<bencoh>
and I doubt you'd find the different neo900 components "off the shelf"
<haroonk_>
bummer
<bencoh>
(especially considering the time they've had to spend to find/source some of those)
<ZetaR>
The Neo900 components can really only be assembled with specialized equipment anyway.
<bencoh>
you can always try a different design though, but I woudln't expect to build a DIY reliable pocket phone with decent battery life without designing a board
<haroonk_>
so the gazillion phones out there, all follow a standard of hardware modem design on purpose or not on purpose to allow remote turnning on? to save money?
<bencoh>
you could go for a small arm core on a devel board, a touchscreen, and a modem (like the sim900/gprs)
<bencoh>
for a start
<bencoh>
ZetaR: haha, true :-)
<haroonk_>
thanks bencoh ZetaR
* haroonk_
eats crunch n' munch
<ZetaR>
haroonk_: The CPU/modem on most phones are combined into an integrated system to save money. IIRC, this is because the modem needs its own CPU and memory, and it is just cheaper to merge them.
<haroonk_>
ah, I understand better now, thanks
<ZetaR>
The separation between the main CPU/memory and the modem CPU/memory ends up being just a virtual separation. And if your modem is updated over-the-air (standard feature), the terms of this separation could be easily changed (might be impossible to know how easily, because it depends on internal design).
<haroonk_>
is there a term or quick way to determine visually or planning something out, where you make you setup have a GSM board/modem? that has its own cpu ram?
<haroonk_>
like the PiPhone, how does one visually see or look at the spec to see if it is or not prone to remote turn on
<haroonk_>
ZetaR, digesting slowly what you said
<ZetaR>
haroonk_: Short answer: No, unless they actually point out exactly how it is secure.
<haroonk_>
oh snap...
<ZetaR>
You would need to understand how it is constructed.
<ZetaR>
i.e. examine the schematics, or the board itself.
<ZetaR>
In this case I have made a claim about the Neo900 being connected to the modem through USB and UART with hardware safeties, which you may verify if you wish by examining the published prototype schematics.
<haroonk_>
hahaha this stuff is way over my head, I just did not think there was Z-E-R-O companies or geeks other than Neo900 that make such a board, no crowfunded projects no word, no tweet, its like nobody cares...even the Android community with all the openess dont care about such hardware. I wanted to see if I can do that feature with off the shelf but seems I gotta shell out 10's of $1000 to get a company to mention and for me to learn
<haroonk_>
all this
<ZetaR>
That price tag is why nobody wants to deal with it. Most people would rather fool themselves into thinking they can have "security" on their phone, while building a design from a cheap merged cpu/modem module. Having those parts separate is expensive, and producing a small run makes things much more expensive, unfortunately.
<ZetaR>
But this is how I prefer to think about it: when I get my Neo900, it will probably be my phone for the next 10 years, if not more.
<ZetaR>
If it is flexible and durable enough to last for 15-20 years, then the price isn't actually that much if you make regular purchases of phones or computer hardware.
<bencoh>
and when you're not-so-big a company, want to build/sell a smartphone and have to choose between sw engineers to write user-related code that sits on top of android, or hw/sw engineers to design a board and write drivers ... guess what ;)
<bencoh>
you just pick the cheapest and most common design, ask someone to build/test it for you and send you a BOM, and work on top of that
<ZetaR>
Actually, almost all of the software work is already done because Maemo/Fremantle, which is used on the Nokia N900, is almost completely open source, and all the new hardware uses standard interfaces.
<ZetaR>
Not Android in this case, but rather a derivative of Debian.
<ZetaR>
Or actually whatever other system you want to install.
<ZetaR>
The only thing really preventing you from doing that with any other smartphone is locked down firmware and proprietary drivers, neither of which are a problem here.
<Arch-TK>
ZetaR: your message got cut off in both instances
<Arch-TK>
whoops that was a few pages up
<Arch-TK>
nvm
<Arch-TK>
I even wrote a thing to prevent this.... I need to make it better.
<haroonk_>
silent circle, i wonder what they did lol
<ZetaR>
haroonk_: You mean the Blackphone? IIRC, DocScrutinizer05 mentioned that they didn't even address this problem.
<haroonk_>
heh
<haroonk_>
yep
vakkov has quit [Remote host closed the connection]
vakkov has joined #neo900
<bencoh>
yeah definitely dont
<bencoh>
they*
<ZetaR>
There is a conversation about it somewhere in the IRC logs, I believe.
<bencoh>
yeah, we discussed that a few times here :)
<edwin>
hmm does Neo900's CPU include virtualization extensions? then you could take this a bit further and build an architecture like Qubes OS (Xen with dom0 kernel that has no networking, and separate domU with networking drivers)
<bencoh>
edwin: omap3, so not really, no :)
<MonkeyofDoom>
plus virtualization escapes are a lot easier than chips finding power from nowhere
<ZetaR>
Modem code isn't even executed on the CPU, so virtualization would be for user applications.
<MonkeyofDoom>
the trend there is to do OS-side sandboxing a la namespaces/cgroups
<MonkeyofDoom>
not that I really want to bet either way on theoretical HW virt features being more or less robust than Linux sandboxing stuff...
<edwin>
hmm apparently you can isolate DMA on ARM even without the virtualization extensions if this is true: http://soda.swedish-ict.se/5269/2/securing_DMA_compeng.pdf "We therefore show how to prevent DMA attacks with highsecure isolation guarantees through DMA virtualizationbased on standard ARMMemory Management Unit (MMU)functionality only. Our design approach is generic andapplies to newer ARM architectures such as
<edwin>
although... since the modem is isolated from the CPU it doesn't use DMA, does anything on the Neo900 (like wifi) need to use DMA at all?
<ZetaR>
The OMAP3 has memory virtualization at least, and there isn't any bus attached to the CPU that you can do DMA attacks over anyway AFAIK.
<MonkeyofDoom>
the GPU doesn't have DMA?
<MonkeyofDoom>
forgive my ignorance here
<bencoh>
ZetaR: what do you mean by "memory virt" ?
<edwin>
interesting, so Neo900's networking stack will be more secure than my laptop's or desktop's without requiring an IOMMU to isolate things
<ZetaR>
Uhm, that is a good question because the GPU is integrated with the CPU.
<bencoh>
it has a MMU, and some "advanced" memory mapping/access right management maybe, but ...
<MonkeyofDoom>
"SoC"
<ZetaR>
bencoh: I am looking through the manual atm.
<ZetaR>
USB has DMA, but it is under OS control, unlike PCIe or Firewire.
<ZetaR>
It looks like the MMU has memory virtualization so that the other SoC modules (like the GPU and DSP) see a continuous block of memory, even if it is fragmented over the physical memory.
<bencoh>
is that a real "dynamic" fragmenting or just a memory remap ?
<ZetaR>
I haven't yet find the relevant passage that explains it in more detail.
<bencoh>
(remap and/or different addressing)
<ZetaR>
It has memory protection for the virtual addressing, and mentions a interconnect firewall as well.
<ZetaR>
And it looks like it is dynamic fragmenting.
<ds2>
voice is dead.
<ZetaR>
Okay, so when there is a request over the SoC's internal bus it is checked against a set of rules to ensure that the request has authorization. It is described on p624 of the manual.
SylvieLorxu has quit [Remote host closed the connection]
<ZetaR>
It checks: initiator, command (read or write), command attributes, and region requested in the memory space.
SylvieLorxu has joined #neo900
<ZetaR>
To me this looks pretty secure against not only DMA-type attacks, but any sort of unauthorized communication between modules.
<haroonk_>
this whole modem situation makes me say fuck the android community in the face
<DocScrutinizer51>
,,,hihi
<bencoh>
that's more sad that laughable, but ... ^ ^
<haroonk_>
people are making open source laptops, open source printers, open source rpi-like microcontrollers, still no open source baseband adapter or whtaever its called
<haroonk_>
not baseband adapter i mean modem
<bencoh>
opensource rpi-like microcontrollers ?
<bencoh>
there are so-colled open-hardware (basically open schematics) boards, there are opensource hdl designs for some functions, but I haven't seen a complete "opensource" controller so far
<bencoh>
arm cores aren't open hardware anyway
<dos1>
open modems are problematic, due to the need of certification to legally transmit on public networks
<DocScrutinizer51>
hey dos1 :)))
<DocScrutinizer51>
when do you arrive?
<dos1>
and as nobody tested the certification process with a hardware supposed to be open for its user, it might be tricky or even simply impossible
<ds2>
I think the term "public" networks is a misnomer
<dos1>
DocScrutinizer51: hey hey! Thursday, around 13 at Berlin, then at 15 the Bassliner bus departs
<dos1>
ds2: well, at cccamp a "non-public" one is being built right now I suppose ;)
paulk-aldrin has quit [Remote host closed the connection]
<ds2>
dos1: the networks are owned by private entities
<dos1>
oh, this meaning. yeah, sure - "public" as in, publicly available, not created by yourself for tests with special governmental permission
<ds2>
in constrast to say a WiFi network
<dos1>
(or inside a room being a faraday cage)
<DocScrutinizer51>
dos1: please don't forget to bring the proto_v1
<DocScrutinizer51>
dos1: I got the cheap tent for you, already built up on a nice location
<dos1>
DocScrutinizer51: it's ready right in front of me :)
<DocScrutinizer51>
:))
<lexik>
Too bad not being there.
<lexik>
Would love to see the photos!
<lexik>
It's nice to see the project (still) actively flowing.
jonsger has quit [Quit: jonsger]
Kabouik_ has quit [Read error: Connection reset by peer]
<ZetaR>
haroonk_: If you are using Internet connectivity over the modem, you are vulnerable to all of the standard MitM attacks that a provider can do against you, as well as tracking based on triangulation of the transmitter. These are provider-side attacks though, and have nothing to do with modem security. Hacking the modem on the Neo900 gives you nothing besides what can already be done by the provider without hacking the modem.
<haroonk_>
thanks
<ZetaR>
Those MitM attacks can be mitigated by ensuring you are using SSL to connect to your Jabber server. Solving the tracking problem would require scrapping the entire cell infrastructure and rebuilding it.
<ZetaR>
bencoh: I almost forgot, there is a project in the works to make a Propeller 2. One of the very nice feature of this is that you would have a bunch (32?) of generic pins that implement hardware UART and analog I/O.
<ZetaR>
I mean, they would *all* have that.
<ZetaR>
The Propeller 1 has a similar degree of genericness, but does it in software instead of hardware: 8 simple and fast cores designed for bitbang.