<enyc>
that makes a lot of sense, -- handled much of the RF switching black-magic for you...
<DocScrutinizer05>
type approved by FCC etc ;-D
<enyc>
do you need to do anything for neo900 'monitoring the module' purposes? -- that is all just for the modem only?
<DocScrutinizer05>
when using bare chip solution (like e.g. Nokia did in N900 for modem and WLAN/BT) we need a certification that costs $$$$$$
<enyc>
nods
<enyc>
is this module a potential thickness issue?
<DocScrutinizer05>
no, it's a convenient 1.4mm thin
<DocScrutinizer05>
the "original" is 1.9mm
<enyc>
so... wifi modules have come on from the n900's day?
<DocScrutinizer05>
((monitoring the module)) just this minute I discuss with Werner whether we spend a FET switch to power down the whole thing brute-fiorce when disabled
<DocScrutinizer05>
sorry? please rephrase
<enyc>
humm... wifi modules have improved (thinner, etc..) since the day n900 was designed anyway ??
<DocScrutinizer05>
dunno, possibly
<DocScrutinizer05>
anyway modules are still more expensive than bare chip solutions when building millions of devices
<enyc>
nods
<DocScrutinizer05>
that's why no huge manuf is using modules in their phones
<DocScrutinizer05>
it's cheaper for them to spend $$$$$$ non-recurring-expense on cert
<DocScrutinizer05>
also they buy a few million chips from e.g. TI directly, and thus will have option to get a dedicated TI field engineer to help them bringing up the design and iron out any flaws. We can't do that either
<DocScrutinizer05>
so our best option is to use modules
<DocScrutinizer05>
pyra even uses a midule for the OMAP5 SoC
<DocScrutinizer05>
TI basically stopped offering bare chips to aftermarket with OMAP4 or OMAP5
<DocScrutinizer05>
too many projects failed when they tried to bring up OMAP5 without help of TI
timc1assic has quit [Remote host closed the connection]
ozero has quit [Ping timeout: 256 seconds]
deafboy_ is now known as deafboy
ozero has joined #neo900
jonsger has joined #neo900
vakkov has quit [Ping timeout: 240 seconds]
lobito has joined #neo900
vakkov has joined #neo900
lobito has quit [Quit: Leaving.]
pigeons has quit [Ping timeout: 240 seconds]
pigeons has joined #neo900
pigeons is now known as Guest22631
vakkov has quit [Ping timeout: 244 seconds]
antiatom has quit [Read error: Connection reset by peer]
antiatom has joined #neo900
vakkov has joined #neo900
vakkov_ has joined #neo900
vakkov has quit [Ping timeout: 272 seconds]
jonsger has quit [Ping timeout: 256 seconds]
itbaron has joined #neo900
tomeff has quit [Ping timeout: 250 seconds]
vakkov__ has joined #neo900
vakkov_ has quit [Ping timeout: 252 seconds]
vakkov__ has quit [Ping timeout: 246 seconds]
tomeff has joined #neo900
SylvieLorxu has joined #neo900
Guest22631 is now known as pigeons
<ZetaR>
DocScrutinizer05: The differences I saw:
<ZetaR>
DocScrutinizer05: B30931D7020Y918: Requires external filter for WLAN MIMO; External DC-DC converter inductors; A number of minor feature pins declared (e.g. JTAG, wake host up from BT)
<ZetaR>
DocScrutinizer05: WL1837MODGIMOCT: Does not require external filter; Internal DC-DC converter inductors; Additional GPIO pin features unclear (e.g. JTAG undeclared, etc.)
<DocScrutinizer05>
tanks :-)
<DocScrutinizer05>
thanks even
<ZetaR>
yw ;-)
<DocScrutinizer05>
one elephant we didn't notice until Nik commented: type approval / cert status
<DocScrutinizer05>
unclear for TDK
<ZetaR>
There were also some differences in the antenna switching block diagrams, but I am not sure what differences they make.
<DocScrutinizer05>
if the TDK has no type approval, we might as well forget about it right away
<DocScrutinizer05>
if we would want to go that path, we could already use chips and build our own WLAN solution
<DocScrutinizer05>
so, the big question: does the TDK have a 'FCC' number?
<ZetaR>
I will look and see if I can find something.
<DocScrutinizer05>
great! many thanks :-)
ozero has quit [Ping timeout: 252 seconds]
ozero has joined #neo900
l_bratch has joined #neo900
paulk-collins has joined #neo900
vakkov__ has joined #neo900
ozero has quit [Quit: bye]
vakkov__ has quit [Ping timeout: 240 seconds]
vakkov__ has joined #neo900
paulk-collins has quit [Ping timeout: 240 seconds]
l_bratch has quit [Read error: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number]
l_bratch has joined #neo900
fling has quit [Read error: Connection reset by peer]
vakkov__ has quit [Ping timeout: 272 seconds]
fling has joined #neo900
vakkov__ has joined #neo900
l_bratch has quit [Quit: Leaving]
l_bratch has joined #neo900
paulk-collins has joined #neo900
afics has quit [Remote host closed the connection]
<ZetaR>
This seems to be a common attitude: the government is omniscient so you shouldn't even try to have privacy. It is just another variant of the other common cop-outs, and I think that it is probably a psychological coping mechanism.
<DocScrutinizer51>
"receive SMS even when off" haha
<DocScrutinizer51>
while that actually could get done "while (pretending) off" that would create quite som confusion
Pali has joined #neo900
<DocScrutinizer51>
and the device can't know if that's a 'special' SMS it actaully should receive, without actaully receiving it
<DocScrutinizer51>
hi Pali
<Pali>
hi!
<l_bratch>
very depressing responses in this Hacker News thread :(
<ZetaR>
AFAICT, for most consumer devices smarter than a hair dryer, it is difficult for the average user to tell if whether they are off or are just in some sort of sleep/standby mode.
<l_bratch>
luckily some people are giving very intelligent and well worded replies :)
jonsger1 has joined #neo900
jonsger has quit [Ping timeout: 240 seconds]
jonsger1 is now known as jonsger
jonsger has quit [Client Quit]
<saper>
l_bratch: depressing, but true
<ZetaR>
I think people intuitively reject the conclusion that you should have privacy, or that it is possible to have privacy, because to accept it would put them in a position where they would feel obligated to be in conflict with someone more powerful than them.
<freemangordon>
ZetaR: or rather they refuse to take the responsibility
<freemangordon>
Pali: hi!
<freemangordon>
please check you mail :)
<ZetaR>
Right, that is what I am saying. It is a psychological coping mechanism.
<Pali>
freemangordon: syncing emails...
<l_bratch>
in certain tech savvy communities, I imagine people reject the idea that the device/OS/platform they are comfortable with is somehow bad/wrong/broken/vulnerable, especially when somebody new comes along and tells them that some new platform has all the answers instead.
<l_bratch>
in this case I believe that someone new (the Neo900 project) to be correct, but I can kind of understand an outsider's perspective too
<freemangordon>
I don't. Commenting without making an effort to know the facts is not something I can understand.
<freemangordon>
hmm, which reminds me.. where is iDont?
<ZetaR>
There is a difference between understanding and condoning.
<freemangordon>
well, I am not a native english speaker, but still , in my english->bulgarian dictionary, "understand" means to "get the reasons behind some action" or somesuch in the above context. Thus "understand" is what I meant :)
<freemangordon>
And I am not the one to judge the people who think iCrap and Android are the next best things after the sliced bread. I can only advice them.
<ZetaR>
Sometimes "understand" in casual speech means "understand in a sympathetic way", and sometimes it means "understand in a empirical way".
<ZetaR>
At least, that is how I have observed people use it.
<freemangordon>
sure, I know that, it is my english to blame that the latter meaning is not clear from my statement :)
<freemangordon>
however
<ZetaR>
No, it's fine. You were using the common usage of "understand". My comment was more of a philosophical one, rather than objecting to word use.
<ZetaR>
Also, I have no grounds to criticize anyone's English here, since I am a dumb monolingual American. ;-)
Kabouik has joined #neo900
<freemangordon>
hehe
timclassic has quit [Remote host closed the connection]
timclassic has joined #neo900
<DocScrutinizer05>
when all those people over there in that Ycomb thread would watch the http://neo900.org/stuff/cccamp15/ccc2015talk/neo900-wpwrak_CCC2015.webm talk, they *might* have better basis to actually judge about how secure or unsecure different approaches / designs of phones are. So much complete misinformation and FUD, it's a shame
Pali has quit [Remote host closed the connection]
<Wizzup>
two things are infinite: the universe and human stupidity, I am not so certain about the former
<DocScrutinizer05>
>>We can build fractal antenna's on a tiny scale these days -- Incorporating something like that into silicon won't be that expensive, and all that it needs to do is maybe short 2 pins that put the chip into debug mode and GL discovering that in a postmortem.<< >> intentionally added flaw that causes an error or an errata when say exposed to certain radio frequency which in conjunction with other external or internal attacks might
<DocScrutinizer05>
lead to an effective backdoor.<< ROTFL
<DocScrutinizer05>
sub-millimeter waves? will have a hard time penetrating the chip's plastic case to reach that chip scale fractional antenna. Not to start commenting on the second assertion
<Arch-TK>
DocScrutinizer05: "Awaiting Bank Wire Payment" how long does this stuff take :P
<Arch-TK>
My bank sent me a letter saying that the payment went through.
<Arch-TK>
at least on my end.
<DocScrutinizer05>
sorry, I missed to check for last ~10 days
<DocScrutinizer05>
will do it today
<Arch-TK>
Oh, that's alright.
<DocScrutinizer05>
manual process, you know
<Arch-TK>
I see.
<Arch-TK>
That's fine, take all the time you need, I was a bit worried I screwed something up though :P
tomeff has quit [Quit: tomeff]
<Arch-TK>
DocScrutinizer05: the thing is, even if such a back door existed and such technology existed, there's still the issue that <some security agency or attacker> wants to gain access to <some device> running <some operating system the attacker doesn't know much about before hand>
<DocScrutinizer05>
sorry for causing worries
<Arch-TK>
how would the attacker know how to effectively blindly patch an operating system or firmware which they can't be sure is exactly the same as what they expect without the end user noticing something?
<DocScrutinizer05>
yes
<DocScrutinizer05>
obviously
<Arch-TK>
At this point this <security agency or attacker> would have a much easier job coming to your house, knocking you out with a swift punch and manually installing spying software on the device.
<Arch-TK>
and at that point, you have bigger issues to worry about than your phone being tapped.
<DocScrutinizer05>
even when CPU silicon was flawed in a way so a magical data sequence on USB would cause the CPU to load and execute an arbitrary code following this magic sequence, it's still the question what that code should actually do since it has little or no clue how to send out that coredump to the attacker, thanks to zero knowledge about the OS and prolly also the device circuitry
<DocScrutinizer05>
yes, indeed
<DocScrutinizer05>
any attack vector is a problem only as long as there isn't a more probably, feasible, more easy alternative attack vector
<Arch-TK>
there's only so much reinforcement you can do, you can make your front door a large thick steel door, and sure someone trying to break in could use a torch to get through the door, but at that point, they might as well just break a window.
<DocScrutinizer05>
exactly
<DocScrutinizer05>
and still I dare to claim the NSA would NOT find a flaw or backdoor exploit on Neo900
<DocScrutinizer05>
no matter how many billions they throw on that attack
jonsger has joined #neo900
<DocScrutinizer05>
of course except trivial attacks like using the device as a mechanical target with a laser microphone, which they could do with any arbitrary object
<DocScrutinizer05>
without physical access to device, or tricking user into installing malware, they have no means to gain control over the OS and thus no way to stop/block our sandboxing and dominant control of modem (and other subsystems) power supply
<DocScrutinizer05>
so when you intruct Neo900 "go *safe mode*" then it *will* be safe mode
paulk-collins has quit [Quit: Quitte]
lobito has joined #neo900
<Arch-TK>
DocScrutinizer05: although most of the idiots (idiots because they make assumptions without any prior knowledge) at the top of this thread have been getting shot down quite effectively
<Arch-TK>
s/at the top of/in/
<Wizzup>
DocScrutinizer05: remote os attacks are possible
<DocScrutinizer05>
well, yes. I obviously can't guarantee for the bug-free state of complete linux. When wget goes bonkers on "This is NSA here: SEND ROOT PASSWORD NOW!" string, then there's hardly anything I can do about that
<DocScrutinizer05>
I'd subsume that under "tricking user into installing malware" nevertheless
<Wizzup>
that's not really fair - there have been remote exploits in linux, just rarely
<Wizzup>
but it does mean that being on wifi / having wifi on, can be enough
<DocScrutinizer05>
yes, obviously a hardware can't stop software from doing bad things
<Wizzup>
that is my point
<DocScrutinizer05>
not your point, your responsibility ;-)
<DocScrutinizer05>
Neo900 UG only provides the hardware, and that hardware is 100% safe
<DocScrutinizer05>
actually I guess we could even evaluate our BSP and guarantee that it's safe
<DocScrutinizer05>
in the end of the day this would be UART, SDIO and USB kernel drivers to check for possible backdoors or exploits
Kabouik has quit [Ping timeout: 240 seconds]
<DocScrutinizer05>
when you decide to run a webbrowser on top of that, with activex and javascript enabled, that's not our fault and nothing we could do about it
antiatom has quit [Read error: Connection reset by peer]
<DocScrutinizer05>
and still, I think it will be pretty hard to actually run a useful exploit against the device without user noticing it. There's an LED showing the modem is powered up, and you can't override that with any exploit
antiatom has joined #neo900
<DocScrutinizer05>
so when user tells modem to shut down and the LED doesn't go dark, you should start wondering what's going on
Kabouik has joined #neo900
<Arch-TK>
I didn't know there was going to be an LED for the modem :P
<Arch-TK>
All this phone is missing is a high sample rate ADC and the rest of the input side of a DSO. and maybe two metal pins sticking out for a taser.
<DocScrutinizer05>
the set of diagnostic LEDs I insisted to have :-) tiny, not really conveniently placed, and dim, but unconditional and reliable and trustworthy
<Arch-TK>
then maybe a soldering iron attachment.
<Arch-TK>
and a laser
<DocScrutinizer05>
hmm, sorry. We can't sample at more than maybe 192kHz with a 16bit
<DocScrutinizer05>
dual channel
<Arch-TK>
I wonder..
<Arch-TK>
What about a logic analyser?
<DocScrutinizer05>
attach that to hackerbus. should have at least 4 GPIO for that, with level shifters :-)
<Arch-TK>
I2C debugging at the very least :P
<Arch-TK>
and SPI
<DocScrutinizer05>
:nod:
<DocScrutinizer05>
but actually I'd recommend a small USB dongle for that
<Kero>
no need to exploit the hardware, when cracked software (browser) can do malicious things by itself, like listening in on bank transactions and sending out data to another destination at the same time (modem will be on, user won't see much; if kernel is compromised too and bogus network activity is hidden, user won't see anything)
<Kero>
kinda frustrating, finally having a phone that I control, so that I should not run complex software on it (open or not), because it likely contains bugs that are big enough to create holes so that the phone can be forced to do things still not under my control.
<Kero>
Still, orders of magnitude better than starting with hardware that I don't control.
Oksana_ has joined #neo900
jonsger has quit [Quit: jonsger]
<ZetaR>
Has there actually been a case of in-silicon backdoors being added that weren't in the manufacturer's design? People keep talking about how this is a big concern (e.g. with chips made in China being used in military hardware), but I don't recall ever hearing about it happening. Though, often there are undocumented diagnostic modes that can break your security, AFAICT they are added by the manufacturer for the development process.
<wpwrak>
if you are a manufacturer, do you want your government to see you as a patriot or as a traitor ? ;-)
wicket64 has joined #neo900
<ZetaR>
If you are a big enough manufacturer, then you are the government (or at least a major influence).
<wpwrak>
by then you've probably adopted the mindset that more control of the riffraff and all the enemies, especially the imaginary ones, is a good thing :)
<wpwrak>
and i think especially the chinese government is smart enough to avoid situations where it would have to take orders from companies
<ZetaR>
I doubt a large manufacturer of silicon could get away with blatantly putting a backdoor in silicon at an early stage. There are probably too many people looking at the design. I think it would be too hard to get away with it late in manufacture either. Changing firmware is the most convenient for a backdoor.
<ZetaR>
I mean, they could do it, but they would get found out.
<wpwrak>
if your workforce is of the right mindset, they all may know, yet nobody would talk
<ZetaR>
I don't think that conspiracies work that way. Either you do things openly and the only secrets are methods (like the NSA), or you operate secretly and only a few people actually know what is going on.
<wpwrak>
well, let's see what the Volkswagen investigation will produce :-)
<wpwrak>
that may actually be a great example of a very old-style conspiracy
<wpwrak>
also, think of all the co-workers of snowden who kept still
sparetire_ has quit [Quit: sparetire_]
<wpwrak>
even snowden is a child of the (western) modern times, where employer-employee loyalty is much weaker (both ways) than it used to be in the past
<ZetaR>
Well, the NSA wiretap stuff has been known for a long time. There just weren't internal documents leaked confirming it.
<wpwrak>
you had to be quite "crazy" to imagine the nsa have its hands at *that* many places
<ZetaR>
Room 641A was exposed in 2006, according to Wikipedia. Only 3 years after it had been established.