Noob question: Why exactly could the NSA have access to full RAM on Graphene phones?
Too much fun ecash talk. Wee hours of the morning and not sleeping yet.
💤 rugged 💤
nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8
nostr:npub1u8lnhlw5usp3t9vmpz60ejpyt649z33hu82wc2hpv6m5xdqmuxhs46turz
nostr:npub12rv5lskctqxxs2c8rf2zlzc7xx3qpvzs3w4etgemauy9thegr43sf485vg
Great episode guys. ❤️
Discussion
The modem shares the same infrastructure
The baseband nor any other radio does not have access to the RAM on the devices. They are isolated components via IOMMU and they're explicitly part of GrapheneOS' device's security and hardware requirements:
https://grapheneos.org/faq#future-devices
Cellular radios have always been isolated in GrapheneOS supported devices, even down to the first two devices we supported (Galaxy S4 and Nexus 5). It's a misconception cellular radios have privileged access to the OS or memory.
A long time ago Broadcom Wi-Fi radios worked the same way it did on laptops without having proper isolation but that was resolved on the Nexus 5X, and was never an issue on Pixels to begin with. Cellular was never more privileged than Wi-Fi, and in fact on several of the early devices Wi-Fi was not properly isolated via IOMMU (such as the Nexus 5, Nexus 9 and Nexus 6P), but cellular always had been.
Thanks. Appreciating Graphene even more! 💜
Someone knows their stuff here.