especially if it’s using sim/esim card. Those mobile carriers can literally do whatever the fuck they want to your phone and there’s nothing you can do about it.
Google doing this is just the equivalent of what Apple has been doing for a while.
People need to buy more Linux phones. It’s the only way for the tech to improve.
I saw a Defcon talk about SIM cards a few years ago, really interesting stuff.
Most people treat SIM cards as just an ID to get on a carrier’s network, but they are soo much more.
When SIM cards were developed, they were designed to be the core of your phone, your handset would be just that, handset that would only run the software on the SIM card.
SIM cards are small computers, they have a CPU, RAM and storage, they can run apps on the SIM card itself and only present the UI to the phone.
With my first phones, I remember the contacts being stored on the SIM card itself, it usually took 30-60 sec to load them after a phone restart. But bloody convenient when switching phones, this was way before iCloud and other similar services, and moving your SIM card moved all your contacts as well.
Since SIM cards are controlled by the operator, they can do stuff that might surprise you, they can act as a trusted source for signing/encrypting/storing data, the user does not have direct access to tamper with the chip, so security apps have been developed to run on SIM cards, I don’t know the current status on this, but in countries with limited/older infrastructure, this was used for bank security apps, since the SIM is a locked down system, you can use it to securely store a key, and have the SIM use the key to generate a token, sign requests and even encrypt data, all without the key leaving the SIM.
Jolla isn’t in the US at least AFAIK. And outside that I’m not really aware of other similar options available here. I’m looking at maybe getting something I can root and wipe to run linux. But that’s beyond most people’s ability and desire.
especially if it’s using sim/esim card. Those mobile carriers can literally do whatever the fuck they want to your phone and there’s nothing you can do about it.
Wow that’s wild, how does my SIM card allow my carrier to do whatever they want to my phone?
On the face of it, that sounds like a gigantic breach of privacy. Can they look at my photos, capture my screen, read my stored app data, intercept outbound Internet traffic before it’s encrypted, etc? That’s wild.
Not to mention that I bought my phone separately, so it’s got nothing to do with them. As one might imagine, I only added a SIM in order to receive traditional telephone calls, it’s not otherwise useful to me.
Oh how fun is that the definition of “phone” has changed.
This is all speculation on my side but it can’t look into your files or anything. What we call a smartphone today is actually a combination of a very powerful computer and a telephone in the same chassis. The SIM card can do a lot in the phone part of your smartphone: send/receive/process messages, calls, track your location etc. not open and see through your camera though.
especially if it’s using sim/esim card. Those mobile carriers can literally do whatever the fuck they want to your phone and there’s nothing you can do about it.
Google doing this is just the equivalent of what Apple has been doing for a while.
People need to buy more Linux phones. It’s the only way for the tech to improve.
I saw a Defcon talk about SIM cards a few years ago, really interesting stuff.
Most people treat SIM cards as just an ID to get on a carrier’s network, but they are soo much more.
When SIM cards were developed, they were designed to be the core of your phone, your handset would be just that, handset that would only run the software on the SIM card.
SIM cards are small computers, they have a CPU, RAM and storage, they can run apps on the SIM card itself and only present the UI to the phone.
With my first phones, I remember the contacts being stored on the SIM card itself, it usually took 30-60 sec to load them after a phone restart. But bloody convenient when switching phones, this was way before iCloud and other similar services, and moving your SIM card moved all your contacts as well.
Since SIM cards are controlled by the operator, they can do stuff that might surprise you, they can act as a trusted source for signing/encrypting/storing data, the user does not have direct access to tamper with the chip, so security apps have been developed to run on SIM cards, I don’t know the current status on this, but in countries with limited/older infrastructure, this was used for bank security apps, since the SIM is a locked down system, you can use it to securely store a key, and have the SIM use the key to generate a token, sign requests and even encrypt data, all without the key leaving the SIM.
Here is the talk I mentioned:
https://youtu.be/31D94QOo2gY
Also the baseband chip for 4G/5G is yet another self contained computer you don’t control. Shit’s egregious.
Thanks for the video link.
Someone once managed to contain a very small webserver in it.
Jolla isn’t in the US at least AFAIK. And outside that I’m not really aware of other similar options available here. I’m looking at maybe getting something I can root and wipe to run linux. But that’s beyond most people’s ability and desire.
I’ve been eyeing the furi phone. I like the hardware switches for modem/GPS, camera, and microphone.
Wow that’s wild, how does my SIM card allow my carrier to do whatever they want to my phone?
On the face of it, that sounds like a gigantic breach of privacy. Can they look at my photos, capture my screen, read my stored app data, intercept outbound Internet traffic before it’s encrypted, etc? That’s wild.
Not to mention that I bought my phone separately, so it’s got nothing to do with them. As one might imagine, I only added a SIM in order to receive traditional telephone calls, it’s not otherwise useful to me.
Oh how fun is that the definition of “phone” has changed.
This is all speculation on my side but it can’t look into your files or anything. What we call a smartphone today is actually a combination of a very powerful computer and a telephone in the same chassis. The SIM card can do a lot in the phone part of your smartphone: send/receive/process messages, calls, track your location etc. not open and see through your camera though.