You are viewing a single comment's thread.

view the rest of the comments →


[–] anonymous-coward [S] 0 points 2 points (+2|-0) ago 

I believe it, just wondering if there is a way we can see the proof...


[–] Craxic ago 

There is a way: just take a look at the device's baseband firmware. Assuming it isn't encrypted, you should be able to see the code that runs on the chip. Problem is, understanding that code requires enormous amounts of practice and skill: you're reading assembly. There are very few people capable of doing it. Even if you can do it, you're searching for what is essentially a needle in a huge haystack. And the needle looks like hay. Finding an exploit like this is extremely tough. Google will pay you something like 10k for finding one in Chrome, and you have the source code for Chrome. So if finding just one of these exploits in an open source project is worth 10k, and it happens fairly infrequently, you can imagine how hard it is to do the same with something where you don't have the source code. To top all of this off: how do we even know that the firmware we supply to the baseband is the only thing that runs on it?

Face it: if you have a phone, and professional hackers want in: they'll get in. So try not to use it for private stuff.