Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"With end-to-end encryption where the messages are encrypted and decrypted on the client it would not be possible for anyone with access to phone records or central servers to read what was said. They would need to obtain the private keys that are generated on the client devices themselves."

Would that it were.

You are using the application processor (the "computer") to do that work, but there are two other computers inside your phone - the baseband processor and the SIM card.[1] Your carrier has access (OTA updates, etc.) to the baseband processor and can load new code/functions on it without your knowledge at any time. Depending on the SOC your phone is based on, the baseband processor can have DMA access to your application processor. What that means is, the baseband processor (which you have no control over whatsoever) can read your RAM directly.

Your cryptosystem that you describe probably works quite well on a desktop or laptop computer, but your carrier completely and totally owns your phone and everything on it.

... and we haven't even gotten to what they can do with the SIM card ...

[1] Yes, the SIM card is a computer with its own processor, RAM and programs running on it right this moment.



It seems like what we need to do is separate the damn things. Build the phone as two independent machines that only communicate with each other over ethernet. Then the user controls the one that runs Android and the other one never sees plaintext.


Don't expect to see that architecture on the floor of a retailer near you anytime soon. Maybe in the EU??? NOT in the US.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: